Michael Keenan says compliance agencies need to ‘keep up’ with technology as ATO says it doesn’t remotely access devices

This article is more than 3 years old

This article is more than 3 years old

The justice minister, Michael Keenan, has expressed serious concern about the release of a tax office guide to hacking phones.

The ABC revealed on Wednesday that a tax office worker had published on LinkedIn a step-by-step guide to the hacking of phones.

The guide taught users how to access data, call records and text messages, including when phones were without sim cards or battery power, the ABC reported.

Keenan said on Wednesday he was concerned about the publication of the guide. “Obviously we are very concerned about that,” he said. “But we do have very robust systems within the ATO to detect that.”

The document suggests the ATO is hacking phones as part of its fraud investigations, although the agency requires a warrant or permission from the owner to do so.

Asked whether this was a new strategy, Keenan said the tax office and other compliance agencies needed to “keep up” with the evolution of technology.

“I don’t really want to go into the ATO’s methodologies,” he said. “But the ATO, like other compliance agencies in Australia, do need to keep up with the way technology evolves and they do need to exploit technology like other agencies do.”

Labor calls on taxation watchdog to review ATO's online systems failures Read more

The ATO’s chief information officer, Ramez Katf, said the agency did not monitor or remotely access taxpayers’ mobile phones. The agency also rejected the use of the word “hacking” to describe its activities, saying it did not remotely access devices or act without lawful authority.

Katf said the ATO did use universal forensic extraction software in criminal investigations, including on laptops or mobile devices involved in large-scale fraud or organised criminal activity.

“These assets would first need to be accessed following a court-ordered warrant, where it is determined that material specifically relating to the court warrant is held on those assets,” he said.

“As this activity is conducted legally, and never involves remote access to a device, it is not correct to refer to it as ‘hacking’.”

“Any use of software that may bypass the security lock of a phone, is conducted with the relevant legislative approval (primarily section 3E of the Crimes Act) or following written consent from the owner of the device.”

Katf’s statement did not address the publication of the guide on LinkedIn or possible reprimands for the individual involved.

The episode adds to a list of controversies plaguing the federal agency this year. Public confidence in the ATO was damaged by the resignation of its deputy commissioner Michael Cranston over an alleged $144m tax evasion scheme involving his son Adam. The deputy commissioner has been charged with using his position to help his son but is not accused of direct involvement in the alleged fraud.



The tax commissioner, Chris Jordan, conceded in May that the allegations were likely to tarnish the ATO’s reputation.

The confidence of tax accountants and businesses in the agency has also been put at risk by a series of online system failures. The outages, which began late last year, have caused lost productivity to the private sector and prompted calls for compensation.

The ATO released a separate statement on the outages on Wednesday, saying it would “where possible” waive late fees for those yet to lodge their 2015-16 tax return or business activity statements that were due in December. Fees would be waived or not imposed if those documents were lodged by the end of August, the tax office said.

The ATO anticipated there would be more disruptions in future as it tried to solve its ongoing IT problems, which “highlight the sheer size, scale, and complexity of the ATO’s IT environment”.

“We acknowledge the more regular nature of these incidents recently continues to impact on those stakeholders – tax practitioners, the superannuation industry and digital service providers – who rely on the availability of our systems to run their business,” the statement said.



“We understand that tax practitioners, their clients and other taxpayers have been struggling to catch up and meet the various lodgment requirements related to tax,” it said.