Its a huge PDF file, so these are the highlights...
(Cross-posted to SAIA list)
McCrea, P & Smart, B
"The Internet Report"
CSIRO 1997
http://www.cmis.csiro.au/pubs.html
"Prepared by CSIRO for the Australian Taxation Office as
part of the ATO's Electronic Commerce Project".
p 157, Recommendation 5
The ATO should consider using Internet based e-commerce
capabilities for the collection of transactional tax.
p 159, Recommendation 11
Webshops [sic] should be licensed
The owner of a webshop, or the licensed hosting
organsiation operating on behalf of the owner, should
register details of the webshop with the ATO... This
recommendation reflects the current practice of
registration of business, and it could well be
extended to the registration of *all* businesses,
whether Internet-enabled or not.
Webshop details should include:
a) IP number and port(s)
b) URL
c) ACN or other ATO-recognised ID
d) e-mail address...
This requirement should apply either if:
a) the computer containing the webshop is in
Australia
b) the owner is an Australian resident
This requirement could be carried out on-line with a
minimum effort using SSL secure connection from the
webshop to the ATO's web-site...
The information collection may be of internest to
other revenue collection agencies and may assist the
ATO in multilateral discussions.
[Note implication that material woulds not be suject
to the full confidentiality provisiions of the
Taxation Act GT]
p 160, Recommendation 12
Organisations that operate or host webshops should be
licensed
Organisations that operate their own Webshops, as well
as ISPs and third party "site providers" who host
Webshops on behalf of other organisations, should be
licensed. It is expected that such registration will
apply to the larger ISPs only. Smaller ISPs, whose
role is oriented around community service and who do
not host merchant facilities, will be unaffected.
As part of their licence, Webshop hosting
organisations should report to the ATO details of the
Webshops that they host. This requirement could be
achieved by the Webshop hosting organisation asking
their new (and existing) clients the question: "Do you
intend to sell goods or services from your web-site?"
This places the obligation firmly on the Webshop
owners, the only obligation on the Webshop hosting
organisation being to report what theirs client have
stated. This is a simple requirement that could be
achieved at low cost by on-line notification to the
ATO as described in the previous recommendation.
p 160, Recommendation 13
A legislative and technical framework required to
monitor commercial IP traffic should be determined
A legislative and technical framework required to
monitor commercial IP traffic should be determined As
the Internet matures and its security improves, it
will increasingly be used for financial transactions.
Currently financial transactions between organisations
take place on proprietary networks, such as SWIFT in
the case of the banking system. The ATO currently has
access to the log files of these proprietary networks
for audit purposes.
It is critical that the ATO be able to assess the
level of electronic commerce on the Internet. This
can be achieved from the audit trails of Webshops and
Webshop hosting organisations, as described in
Recommendations 11 and 12, but this will not detect
those people or organisations that carry out financial
transactions on the Internet outside the licensed
e-commerce infrastructure providers.
Internet payment protocols such as SET, Mondex,
Cybercash, Digicash, and others, are beginning to be
deployed, and the header of a packet (the "port
number") will indicate whether such protocols are used
in that packet. It should be noted that the number of
such "financial" packets is likely to be a tiny
fraction of the overall Internet traffic.
Statistical information gathered from traffic across
the network is capable of supporting the
identification of some unreported commercial
activity. However, the Internet is a public network,
and any attempt on the part of the ATO or other
organisations to "monitor" Internet packet traffic for
certain types of packets should be undertaken only
after privacy and other concerns have been addressed.
It is recommended that the ATO cooperate with other
Government agencies (such as Attorney General,
Department of Communications and the Arts, AUSTRAC and
others) to determine the legislative framework that is
required for such IP traffic monitoring.
p 161, Recommendation 14:
A record of the ranges of IP numbers of Australian based
computers should be maintained.
Each Internet-enabled computer in the world has a
unique IP number, although this may be assigned
temporarily to a computer by an IAP whilst it is
connected to the Internet, and then re-assigned to a
different computer during a different session. There
is not necessarily a correlation between an IP number
and the geographical location of a computer.
Currently there is not a definitive list of IP numbers
of those computers that are located in Australia.
Hence it is not straightforward to determine whether a
computer with a particular IP number is located in
Australia or not.
The most straightforward approach to establishing the
list of Australian IP numbers is to seek the
cooperation of the international telecommunications
companies that connect Australia to the rest of the
world. Every international leased line that connects
Australia to the wider Internet is associated with a
range of IP numbers serviced by that leased line.
With appropriate legislation in place, international
carriers can request their lessees (ISPs, large
corporations, etc) to provide the range of IP numbers
that are serviced over each of their leased links.
The result will be a list of ranges of all IP numbers
in use in Australia, including those numbers that are
not yet assigned. However the list would not include
those IP numbers reached in Australia by
tunnelling. Organisations that use tunnelling for
legitimate purposes will also register the ranges of
IP numbers reached at the Australian end of the
tunnel. This method will not detect those IP numbers
that are deliberately concealed through tunnelling
with the active cooperation of overseas collaborators.
However such active cooperation in IP concealment will
be detected in the jurisdiction where the IP numbers
appear to be. With international cooperation, such
information could be made available to the ATO.
-- glen.turner@itd.adelaide.edu.au Network Support Specialist Tel: (08) 8303 3936 Information Technology Division Fax: (08) 8303 4400 University of Adelaide SA 5005