Tax Information, Third Parties and GDPR: Legal Challenges and Hints from the Court of Justice

Abstract

This paper aims at explaining why the General Data Protection Regulation (GDPR) might play a key role in building a more coherent legal framework intended to face the several legal challenges that are likely to emerge from recent measures adopted at European and national levels regarding the consistent involvement of private third parties in the direct taxation process. These measures, wished-for combat against tax fraud and facing the ‘permanent’ economic crisis, are aimed either to collect and exchange taxpayers’ data from new sources (i.e., at EU level Directive on Administrative Cooperation (DAC6, 7 and 8)) or to facilitate ‘tax just happening’ and pave the way for the implementation of a Tax Administration 3.0 model, as suggested by the OECD’s Forum on Tax Administration (FTA) (e.g., at national level the involvement of digital platforms as withholder or joint liable person). Currently, while the analysis of the involvement of digital platforms in the indirect taxation process is fast growing, less attention is devoted to the potentialities and risks deriving from their involvement as third parties in the direct taxation process. Therefore, starting from a recent judgment of the Court of Justice of the European Union (SS SIA, C-175/20) and the stimulating opinion raised by the Advocate General, the present paper contributes to open a debate to fill this literature gap on a topic that is proving crucial from both a scientific and societal perspectives.This paper aims at explaining why the General Data Protection Regulation (GDPR) might play a key role in building a more coherent legal framework intended to face the several legal challenges that are likely to emerge from recent measures adopted at European and national levels regarding the consistent involvement of private third parties in the direct taxation process. These measures, wished-for combat against tax fraud and facing the ‘permanent’ economic crisis, are aimed either to collect and exchange taxpayers’ data from new sources (i.e., at EU level Directive on Administrative Cooperation (DAC6, 7 and 8)) or to facilitate ‘tax just happening’ and pave the way for the implementation of a Tax Administration 3.0 model, as suggested by the OECD’s Forum on Tax Administration (FTA) (e.g., at national level the involvement of digital platforms as withholder or joint liable person). Currently, while the analysis of the involvement of digital platforms in the indirect taxation process is fast growing, less attention is devoted to the potentialities and risks deriving from their involvement as third parties in the direct taxation process. Therefore, starting from a recent judgment of the Court of Justice of the European Union (SS SIA, C-175/20) and the stimulating opinion raised by the Advocate General, the present paper contributes to open a debate to fill this literature gap on a topic that is proving crucial from both a scientific and societal perspectives. CJEU, Advocate General opinion, third parties, GDPR, DAC 6, DAC 7, proportionality principle, purpose limitation principle, data minimization principle, taxpayers’ data protection