GST- 8-layered security wall to protect GST data

By | September 27, 2016

The structure of the board of the Goods and Services Tax Network (GSTN) has enough safeguards to ensure the government has strategic control of the entity, its chairman has said, while asserting that security of sensitive data will have the highest level of protection.

“Therefore, by the structure of the board itself the government has ensured that no decision can be taken which is not supported by the government,” GSTN chairman Navin Kumar told TOI, while expressing confidence that the system would be ready before GST rolls out on April 1, 2017.

“This concern that (since) they (private entities) have 51%, they can control it — they cannot control it. No board meeting can take place unless at least 50% of the directors present are from the government.”

The Indian Revenue Service officers’ association has opposed the move to let GSTN manage the IT system. BJP Rajya Sabha MP Subramanian Swamy has also written to PM Narendra Modi to put on hold all operations of GSTN until it is restructured with state-owned financial entities.

There are 14 directors on the board, out of which seven are nominated by the central and state governments. Three by central government, three by state governments and the chairman is selected jointly by the state and central governments.

“Out of the remaining seven, three come from private shareholders. Now the private shareholders have 51% equity, governments have 49%. But the governments send seven directors, private financial institutions send only three directors. And, there are three independent directors and CEO is appointed by the board,” Kumar said, pointing to the government’s dominant role.

Kumar, a former IAS officer, said an eight-layered security wall has been built to ensure the data is protected.

He said strict protocols have been put in place to ensure that only those who are authorised can access data in the system, which will have data of 80 lakh taxpayers from across 29 states, Union territories and the central government.

“We don’t have access to the data. We are managing this but we don’t have access to the data. Infosys is writing the code and building the code and they will manage it, and they also can’t access data,” said Kumar.

“The access to data is given only to those people who are prescribed by law to access it. So, all the tax authorities can access the data, taxpayers can access their own data. No shareholder by the fact that he is a shareholder can access the data. As far as GSTN is concerned and Infosys is concerned, they have access to the system. But not the data. There is a clear distinction,” he said, adding that state-run STQC will test and audit the entire system before it is switched on.

“Data of 30 governments will be there. It will be a very attractive target for any hacker or people who want to wreck the system. We are aware of this and, therefore, right from the beginning we have kept a very precise focus on security. Whatever best is available in the world today to ensure security of the system as well the data we are doing it,” he said.

Kumar said about 60% of the application process has been done and next month the first part of the portal will be thrown open for existing tax payers

“We will give all the VAT and service tax payers a provisional ID and will ask them to come to our portal,” said Kumar.

“We will ready for that. We are working towards that goal only. We have discussed with Infosys, with our own team. And we have drawn up our schedule based on that,” he said, when asked whether GSTN would be ready before the roll out date.  Source- http://timesofindia.indiatimes.com [27-09-2016]

Leave a Reply