Representation on mis-selling of GST database on Social Media

CGPI had come across the message on Social Media Platforms which claims to provide the information of All India ‘GST” Databas – 24 Lacs Registered Taxable Persons (records) in respect of their GSTN Number, Business Name, Contact details & Turnover ……………. your CGPI Team considered the gravity of the incident , the possible fall out of the same along and decided to file representations with all suitable suggestions before all appropriate authorities in the interest of all stakeholders of the country. Copy of such filed representation is shared herewith for the knowledge of everyone.

CONFEDERATION OF GST PROFESSIONALS AND INDUSTRIES

Monday, November 9, 2020

To
Honourable Prime Minister of India
Prime Minister’s Office
South Block, Raisina Hill
New Delhi-110011
Phone No: +91-11-23012312
Fax: +91-11-23019545, 23016857

To,

Honourable President of India
President’s Secretariat
Rashtrapati Bhavan
New Delhi – 110 004
E-mail: [email protected]
Tel No +91-11-23013324
Fax: +91-11-23017290, 23017824

Honourable Sirs,

Sub: Representation – Public Domain Information Sharing Issues- Regarding 

A brief Introduction about Confederation of GST Professionals and Industries (CGPI):

CGPI is a national alliance of Advocates, Chartered Accountants and other GST Professionals focused exclusively on GST. CGPI’s main objects are to organize the indirect tax community into one common body so that a unified body can stand up for the interests of the professional community as well as trade and industry with respect to GST as well as ensuring that quality and timely educational initiatives are taken up in association with our partner associations in each State and local area, in all areas, including non-metro areas. CGPI will also be allying with trade and industry associations so that their problems can be addressed in a better manner.

At the outset we wish to submit that it is only after duly considering the gravity of the incident and the possible fall out of the same, that we felt befitting to submit this communication to your high and esteemed office.

As an Organization, one of the member reported that such message is circulated on Social media platforms which claims to provide the information of All India “GST” Databas – 24 Lacs Registered Taxable Persons (records) in respect of their GSTN Number, Business Name, Contact details & Turnover @Rs.999 (per state) Contact: Databasequint@gmail.com.  (message posted here)

Objective of Representation

Such a WhatsApp message appalled us, and prompted us to file our representation as a concerned Stakeholder of India and also on behalf of all Trade, Industry and Commerce. We believe that this glaring, illegal and adventurous advertisement fundamentally violates the Rights to Privacy of business enterprises operating in India whether small, medium, large and/or Multinational companies under Article 21 of Constitution of India. We wish to draw the attention of Sovereign to such organized, malafide commercial activity of unauthorizedly selling data which can be detrimental to the interests of trade, commerce and Industry; and also, to the e-Governance objectives as planned, formulated and implemented by the Sovereign under the GST framework w.e.f July 1, 2017.

The definition of Data provided under Information Technology Act, 2020 is reproduced below: –

Section 2(1)(o) of the Information Technology Act, 2000 (the “IT Act”) has defined “date to mean “a representation of information, knowledge, facts, concepts or instructions which are being prepared or With advent of technology which evolving almost every day like speed of light by way of new processes, new systems, new algorithms, new permutations and combinations etc. Such data disseminated by technology if used in productive and constructive manner it can create value additions for the enterprises as well as economy but if the same is used in unproductive and unconstructive manner it can destroy the foundations of enterprises and country which are built by uncountable time, efforts and intellectual property rights.

Data growth in recent times have seen substantial growth which can’t be measured easily as it may be termed as infinite and sky is the limit which has no geographical boundaries. Data can create its own identity which none of us could imagine due to technology developments across the borders of world. Data derives its substantial value by using analytics, algorithms and modern technology solutions to derive its business strategies for the way forward.

The Right to privacy is age-old common-law concept and invasion of such privacy in the form of data gives the right to any aggrieved person to claim tort-based damages. The right of privacy is the right to be free from unwarranted publicity, to live a life of seclusion, and to live without unwarranted interference by the public in matters with which the public is not necessarily concerned.

Quote

“No person shall be deprived of his life or personal liberty except according to procedure established by law”

Unquote

“The said right cannot be curtailed “except according to procedure established by law”

The risk is very high today of some unscrupulous organisations selling vital data or fundamentally breaching one’s right to privacy of such data, information, details, statements, financial information, PAN data etc. which are available at the click of mouse because of our advanced and all-pervasive information network. With the growth and development of technology, more information is now easily available and accessible. The information explosion has manifold advantages but also has some inherent disadvantages. The access to information, which an individual or business enterprise may prefer not to give, needs the protection of privacy related laws.

The populace looks up to the Sovereign inter alia as a Regulator, Torch Bearer as well as implementor of innovative Fiscal Policies governing the interests of Trade, Commerce and Industry for Inbound Trade and/or Outbound Trade. It also looks towards you as a Protector and Guarantor of data privacy rights, particularly in respect of data shared by way of information uploaded during Registration, every kind of compliance of Law (viz. minor or major) as well as sharing of data in the latest era of faceless assessments (formulated to comply and improve the working processes of the law in real time in an effective and efficient manner).

Fallouts/Pain Areas/Destruction areas of such mis selling of data in public domain

We, as an organization, are particularly concerned that such mis selling of data would seriously dampen the spirit of doing business in India and consequently result in unscrupulous people tarnishing the image of our country by perpetrating things which are termed as dangerously illegal. Such flagrant acts can derail foreign inflows into the economy. If stringent and corrective actions are not implemented by the Sovereign, it could result in:

• Hacking of data for obtaining fake and bogus registrations;
• Fraudulent issue of Tax Invoices for claim of Input Tax Credits under the provisions of Section 16 of the GST Act,2017;
• Siphoning of genuine business funds for notorious and obnoxious activities which can derail the dream of India reaching the 5 Billion mark;
• Shaking the foundations of the Banking system by way of weakening the rupee and loss of savings of lakhs of people who have saved their dimes in the banking accounts of the economy which could result in closure/insolvency of SME enterprises who can’t absorb the burden of such fraud,
• Such exposures would relegate our country to a low international ranking on Global Index, thus resulting in many organisations scouting for alternate investment options on a worldwide basis;
• Today the whole world is desperately facing the pandemic called NOVEL COVID 19 or Corona Virus which has purportedly germinated out of Bio- technology, which has terrified the world. It our apprehension that if such massive data thefts and trading activities are not prevented/ controlled through regulatory measures, the day is not far when we will witness data terrorism becoming a stark and challenging reality on the lines of this pandemic in terms of its massive and deadly impact.
• If the fall out becomes a reality, many of the stakeholders would be tempted/ compelled to convert themselves and operate in unorganized Business Structures rather than through formal and organised Business Entities. This will be a step backwards and entirely avoidable.

Suggestions: –

To address above issues, we already have in place various statutes formulated and implemented in India viz. Personal Data Protection Bill, 2019, Information Technology Act, 2000 & Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal information) Rules, 2011 – these need to be updated regularly and streamlined to provide for timely, protective and remedial implementation, particularly in respect of:

• Section 43A (data protection),
• Section 66C (identity theft),
• Section 66D (cheating by personation by using technology),
• Section 66E (intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent),
• Section 69 (directions for interception or monitoring or decryption of any information through any computer resource),
• Section 69A (directions for blocking for public access of any information through any computer resource.
• Section 69B (to authorize to monitor and collect traffic data or information through any computer resource for cyber security.)
• Section 72 (Disclosure of electronic data without consent viz. violation of privacy) and
• Section 72A (Providing information by person and/or intermediary pursuant to breach of lawful contract)

Suitable Whistle Blower mechanism should be firmly installed in place for reporting such flagrant violations of data protection/privacy laws without disclosing one’s identity to ensure the Whistle Blower’s personal safety. The Whistle Blowing mechanism should be capable of being invoked through a web- complaint, email, phone or dedicated reporting helpline etc.

Conclusion

To conclude, we would like to emphasise that the matter has grave repercussions and is fraught with risk that can shake the confidence of the business fraternity – nationally and internationally. It is our prayer that your Honorable Self needs to intervene and get to the bottom of this to ascertain how much and how such information got leaked in public domain from the GST portal in the form of 24 Lacs Database Records consisting of GSTN Number, Business Name, Contact details and Turnover details etc.

We are requesting on behalf of all stakeholders of the country be its Professionals, CAs, CMAs, SME Industries, Big Companies, Associations, Advisors etc.to promptly address the above concerns, so that the dream of establishing India as the best place in the world to live and do business comes true.

Thanking you in anticipation.

For Confederation of GST Professionals and Industries

Authorized Signatory

Mobile No +91 72082 96001/+91 98211 64261/+91 98202 95319

Date: 09/11/2020
Place: Mumbai

Nitin Sureshchandra Bhuta

CC to:

Download Full Text of Representation

*****

Disclaimer: The contents of this article are for information purposes only and do not constitute an advice or a legal opinion and are personal views of the author. It is based upon relevant law and/or facts available at that point of time and prepared with due accuracy & reliability. Readers are requested to check and refer relevant provisions of statute, latest judicial pronouncements, circulars, clarifications etc before acting on the basis of the above write up.  The possibility of other views on the subject matter cannot be ruled out. By the use of the said information, you agree that Author / TaxGuru is not responsible or liable in any manner for the authenticity, accuracy, completeness, errors or any kind of omissions in this piece of information for any action taken thereof. This is not any kind of advertisement or solicitation of work by a professional.