Thursday 30 August 2012

e-tax 2012 on Mac and Linux FOI Part 2

I have received a reply to my freedom of information request for the source code of the etax client. The letter is dated the 9th of August 2012, but I have been too busy to blog about it because I am a candidate in the upcoming Parramatta council election. I also have not had time to reply to it.

In short it was refused.

It was a two page letter (I will scan it later) but the key paragraph is:
"I consider there is an increased likelihood of hacking if the source code is released and the serious ramifications of this outweigh the public factors in favour of release. I have therefore exempted the source code from release under Section 47E of the FOI Act."

In my appeal I will point out that various open-source software is developed with the source code publicly available and is just as secure as closed source equivalents - for example Apache and Linux. I will point out that Apache is used by the majority of webservers and Linux is widely deployed without any greater number of security issues.

Another key paragraph is:
"Section 11C of the FOI Act requires the office to publish details of information released under the Act on our website and make the information availble to the public unless it would result in the unreasonable release of personal or business information or it would be unreasonable to publish the information. If we were to release the code to you, we would be obliged to release it to the general public also."

While this is true that section 11C subsection 3 does require the release of the material, no mention is made of section 11C subsection 1c and subsection 2 which states that the Information Commissioner may make a determination that the information should not be published to the general public.

So my avenues of approach will be:
  • Appeal on the basis that numerous open-source projects are as secure as closed-source projects
  • During appeal clarify that request is only for etax client
  • I was also referred to a press release stating that a Mac OSX client is planned for 2013 but a cross-platform version was promised in 2007 - how can we be sure a Mac OSX version will be completed
  • Consult with the Office of the Information Commisioner to get a publication exception, so there is no chance of source code falling into the hands of "hackers"
  • If this FOI request fails, then launch a new FOI which requests a list of Windows function calls which are used during the pre-fill and lodgement processes
I have 30 days in which to appeal for a review by the ATO - so the 8th of September 2012. I have 60 days in which to appeal for a review by the OIC - so the 8th of October.
Posted by at
Labels: ,

3 comments:

  1. Rob22 November 2012 at 19:09

    Any update on this FOI request?

    ReplyDelete
  2. teambob29 December 2012 at 15:57

    Hi, I didn't end up challenging this. Partly because I was so busy (I ran for council) and partly because I made a mistake.

    > This freedom of information request is for the complete source code of the e-tax 2012 computer program.

    That should be the source code the the e-tax 2012 *client* computer program.

    I will look at putting in another FOI request in 2013.

    ReplyDelete
  3. SpiderDan25 May 2013 at 08:59

    I am sure glad that someone cares enough to persue this. The government obviously doesn't care because they have issue with spending the tax payer $$$ to fund a project that will be only used by a "monority", hovever, they obviously have no issue giving themselves generous pay rises in 2013...

    ReplyDelete

Subscribe to: Post Comments (Atom)