| UNAUTHORIZED HACKINGThe term "computer | | | | compelled to facilities the access to |
| hacking" traditionally describes the penetration into | | | | e-data.AUTHENTICATING THE INTEGRITY OF |
| computer systems, which is not carried out with | | | | BUSINESS RECORDSWith conventional commerce |
| the aims of manipulation, sabotage or espionage, | | | | original records are paper-based and can be |
| but for the pleasure of overcoming the technical | | | | examined for the attributes of authenticity and |
| security measures. In practice, this kind of | | | | integrity. Since, with e-commerce transactions, the |
| offense can be frequently found. As far as | | | | original documents are stored in electronic form |
| damage is concerned, a differentiation must be | | | | the comfort of physically viewing the originals |
| made. In numerous cases, the attacked computer | | | | knowing that they are unaltered does not exist. |
| user is not actually harmed, but only endangered. | | | | However, software is being developed to identify |
| Contrary to this, considerable damages occur in | | | | alterations to computer records. Specific |
| other cases especially when the perpetrators later | | | | accounting software may also be deployed for |
| use their knowledge for committing espionage and | | | | this purpose. Many of us in the workplace feel |
| sabotage. In any case the "formal sphere of | | | | more comfortable with paper-based records. But |
| secrecy" or the integrity of the concerned | | | | is this comfort an illusion? Paper records can be |
| computer systems is violated. Also it is very | | | | altered, lost or falsified. So too can computer |
| tough to draw a dividing line between what can | | | | records. The fact is that we are familiar with the |
| be considered mild and what endangers life. | | | | tools and procedures for checking paper records. |
| Consider someone breaking into the online flight | | | | Whereas, he tools for validating computer records |
| system of an Pakistan Airlines flight. He or she is | | | | are new and, perhaps, less intuitive. Revenue |
| definitely endangering the lives of those on board | | | | authorities are likely to reach a number of |
| though it may have been done for fun's.To get | | | | conclusions to do with this over the next few |
| access and verify the record being hosting in | | | | years:* Computer audit means more and |
| remote services often requires the use of | | | | different training of staff.* Once staff is trained, |
| hacking to get access to records. The use of | | | | computer audit will have advantages over |
| hacking as legal tools requires use of hacking soft | | | | traditional audit in terms of speed, precision and |
| wares with most modern technology and means | | | | flexibility. It will be seen as the only way to audit |
| employed to curb any evasion of tax and verify | | | | large companies, in particular.* Computer audit will |
| the e- record.No specific statutory provisions are | | | | make it easier to examine both accounting |
| available for the defining the authorized hacking | | | | systems and the records which go to make up |
| rights on the part of tax officer.SECURITY AND | | | | those systems. Overall, it is not the fact that |
| PRIVACY ISSUES OF WEB HOSTING SITESIn | | | | records are paper or computer-based that |
| numerous Western legal systems, the first | | | | matters.What matters for Revenue is that |
| "computer-specific" reforms of law during the | | | | businesses more likely to perpetrate tax fraud |
| 1970s and 1980s concerned the protection of | | | | are identified through correct risk analysis. This |
| personal rights and privacy in particular. The | | | | does not depend on the nature of the records as |
| relevant legislation was a reaction to new | | | | between paper-based and computerized. In |
| challenges to privacy by the increasing possibilities | | | | conclusion, Revenue auditors will require a higher |
| of electronic data processing to gather, store, | | | | level of computer skills in future to allow accurate |
| connect and transfer personal data. The traditional | | | | interpretation of computerized records systems. |
| provisions for the protection of secrecy only | | | | It will also be necessary for Revenue auditors to |
| covered part of the personality right and proved | | | | have systems analysis skills to validate the data |
| to be far too narrow for a protection against the | | | | models used in a given accounting environment. |
| new dangers. A differentiation in criminal data | | | | They will also need manipulation skills to accurately |
| protection law which can be found in all countries | | | | trace transactions through such systems. The |
| today results from this historic development: | | | | computer software industry is aware of potential |
| Traditional offenses for the protection of secrecy | | | | for loss of audit trail arising from business being |
| (e.g. for doctors, lawyers or public officials) can still | | | | conducted on the internet. As mentioned already, |
| be found in the core of criminal law, i.e. the | | | | the industry is developing techniques to ensure |
| Criminal Code. Personal data receives indirect | | | | the integrity of electronic records. An example of |
| criminal protection by general criminal provisions | | | | this is a technique called "message digests". A |
| that are not limited to personal data . We can | | | | message digests works by attaching a unique |
| therefore speak of an international wave of | | | | message to an electronic record. Any subsequent |
| reform, which clearly shows the common | | | | change to the record can be detected by |
| problems of all national legal systems.There are | | | | comparing the original digest with a newly created |
| often Immunity is provided against disclosure of | | | | digest based on the current state of the file data. |
| information relating to security procedure, no | | | | Once again we see an emerging overlap of |
| person shall be compelled to disclose any | | | | interest between the public and private sector; |
| password, key or other secret information | | | | both are keen for ecommerce to work well and |
| exclusively within his private knowledge, which | | | | both face common problems. The point has been |
| enables his use of the security procedure or | | | | well made that the private sector, particularly the |
| advanced electronic signature shall not confer any | | | | auditing profession, has the same interest as tax |
| immunity where such information is used for the | | | | auditors in safeguarding the integrity of |
| commission of any offence under any law for the | | | | e-commerce records. One area of focus is the |
| time being in force.The most formidable task is | | | | impact of significant electronic processing of |
| getting access to remote data is the shelter being | | | | information on the auditor's ability to rely on |
| provided by the remote hosting site for | | | | substantive, observable evidence in the conduct |
| maintenance of the privacy and security of the | | | | of an audit.FILING OF TAX RETURN OF |
| database. The right to breach the security right as | | | | E-BUSINESS AND FURNISHING |
| statutory is not possible in case of hosting of data | | | | EVIDENCESelf-assessment relies on taxpayers |
| at remote server, unless the tax payer be | | | | voluntarily meeting their tax obligations. |