- KRA’s chance with the proposal is to convince lawmakers in the plenary to overturn the committee’s decision
- LSK said the exemption would have compromised right to privacy
Image: COURTESY
Kenya Revenue Authority has lost a bid to spy on taxpayers’ Mpesa and bank accounts.
In a new strategy to uncover tax cheats, the taxman, through the National Treasury, sought to be given unfettered access to the details.
The Finance Bill, 2024, proposed to amend the data protection law to grant KRA exemptions from privacy rules when probing evaders.
The bill proposed changes to Section 51(2) of the Data Protection Act to grant KRA an exemption “when disclosure is necessary for the assessment, enforcement or collection of any tax or duty under a written tax law.”
Currently, the law prohibits the taxman from accessing taxpayer’s private data – including tracing sources of undeclared revenue – unless through a court order.
“The processing of personal data is exempt from the provisions of this Act if disclosure is necessary for the assessment, enforcement or collection of any tax or duty under a written tax law,” the Bill read.
But MPs shot down the amendment, saying it was potentially litigable.
The Finance Committee, led by Molo MP Kuria Kimani, said there were sufficient legal avenues for the taxman to get the information on tax compliance.
“The Committee notes that the proposal to allow the KRA access to personal data as proposed may not meet the threshold under articles 31(c) and (d) of the Constitution of Kenya,” the MPs said in their report on the bill.
“Section 51 of the Data Protection Act outlines the circumstances under which exemptions might apply.”
MPs further noted that KRA already has the powers it was seeking in Section 60 of the Tax Procedures Act.
“The law…empowers the commissioner or an authorised officer with a warrant to have full access to any data for the purposes of administering a tax law.”
An individual undertaking a personal activity, national security or public interest is among areas the present law exempts from the prohibitions.
KRA’s chance with the proposal is to convince lawmakers in the plenary to overturn the committee’s decision.
If they succeed, the taxman would be clothed with powers to compel banks and telecommunication firms to produce statements of customers’ transactions.
KRA was also to get powers to monitor transactions on Paybills, bank accounts and applications that businesses and individuals use to receive cash.
In such a regime, the taxman would be empowered to slap anyone with tax demands if it notes that the transactions surpass the declared taxes.
Mavoko MP Patrick Makau urged his compatriots in the House to approve the deletion, saying even the existing law is yet to be followed to the letter.
“Yesterday, we had members whose accounts were frozen because the Act [data protection law] was misused. You never know, someone might slap you with a demand for a particular tax,” he said.
The MP said much as the Committee had proposed the deletion, it would only suffice if MPs vote to support the amendment.
Many stakeholders who appeared before the Committee to give their views on the bill opposed the proposed changes to the data law.
The Law Society of Kenya in its memorandum to Parliament said the proposal compromised the right to privacy.
“The proposal undermines the rights guaranteed by Article 31 and Article 24 of the Constitution,” the memo by LSK president Faith Odhiambo read.
The proposed law would be problematic and would go against the supreme law [Constitution] which recognises the right to privacy.
“It is essential to reconsider this approach and ensure that data protection laws apply uniformly to all relevant entities, including the KRA,” the society said.
Article 31 of the Constitution “ensures that individuals’ personal information remains confidential and protected.”
The Data Protection Act imposes obligations on state agencies, emphasising data security, responsible data collection and limitations on data usage, the lawyers said.
They argued that while rights may be limited ‘reasonably’, the limitations must be checked.
“Such limitations must align with democratic principles, human dignity, equality and freedom,” the society explained.
It further pointed out that the law outlines instances where information disclosure is legally mandated. This could only be “particularly when public authorities require data for specific tasks.”
“Without precise definitions, there is potential for abuse, such as unwarranted assessments on personal accounts if the KRA fails to meet tax collection targets,” LSK said.
The lawyer’s body added that the exemption would remove KRA’s obligation to adhere to data privacy laws while handling taxpayers’ information.
“Consequently, taxpayers’ rights as data subjects may be compromised, especially when the KRA shares data with other state agencies.”
This was among a number of ‘punitive’ proposals that President William Ruto’s team has conceded in the tax law currently before MPs.