The privacy issue has been thrown into sharp relief by a sharply-worded report from STEP, warning that transfer of client data under Tax Information Exchange Agreements is now so heavy that there are serious risks to client privacy in some countries.

Nowadays, the privacy of clients of banks is treated not so much with respect by policymakers as hostility, judging by the pressures on offshore centres and the purchase of stolen bank data by certain governments, such as that of Germany. Fears about privacy are not just special pleading - they are based on genuine concerns.

The privacy issue has also been thrown into relief by a sharply-worded recent report from the Society of Trust and Estate Practitioners, warning that there have been so many recently signed Tax Information Exchange Agreements – TIEAs – that there are serious risks to client privacy in some countries, it says. In particular, STEP fears that without tough new safeguards, data will be transferred to governments with poor or unreliable records for respecting personal data, and property and human rights.

More than 70 nations have “substantially” implemented the OECD’s international standards for tax transparency; there are more than 350 TIEAs in force between countries. STEP said that the “great majority” of such agreements are between countries that have, in its opinion, a good track record of governance and protecting human rights. But a minority do not fall into this category, and the number of countries trying to obtain tax data through TIEAs is expanding. STEP said that more than 90 countries have joined the OECD Global Forum on Transparency and Exchange of Information For Tax Purposes. (The report did not identify any specific jurisdictions by name as giving grounds for particular concern, however).

Future OECD entrant candidates include the likes of Indonesia, China and Russia, none of which have a stellar reputation for the protection of human rights. The World Bank, says STEP, issues performance rankings on jurisdictions for issues such as respect for property and individual rights, control of corruption and regulatory effectiveness. In the top 25 jurisdictions are places such as Finland, Liechtenstein, Switzerland, Sweden, New Zealand and Germany; in the bottom 25 are places such as Burundi, Chad, Sudan, Zimbabwe, Angola, Uzbekistan and Venezuela.

“There are growing concerns that without strong and explicit safeguards, the growing number of countries exchanging data via TIEAs will significantly increase the danger that sensitive personal data will be abused. The risk of abuse would be compounded if there is any general move to automatic information exchange without further strong safeguards,” STEP said.

In particular, the report noted that as of July this year, there were no published OECD proposals to protect individuals’ privacy or any acknowledgement from leading political figures that this was an issue. STEP is urging the OECD to set down a standard saying that only countries that achieve a minimum standard on national governance should have access to personal data from abroad and put in place measures to make sure that only “relevant and necessary” data are handed over.

STEP is right to be concerned, and it is not alone in its worries. Dan Mitchell, a senior fellow at the Washington DC-based Cato Institute and co-author of a recent book on global tax policy, argues that the privacy and human rights aspects of TIEAs have been overlooked.

Asher Rubinstein, a US-based lawyer at Rubinstein & Rubinstein, who looks at such issues, said concerns are justified but added this caveat: "I agree with the concerns over privacy following the exchange of information pursuant to a TIEA.  However, this is merely pointing out the obvious: there is no longer any secrecy with respect to accounts at foreign financial institutions.  If banking information is shared pursuant to a TIE exchange, the "cat is already out of the bag", so to speak."

"For instance, if the IRS obtains banking data from a foreign bank, there is little limitation to how the IRS may use the information, including sharing the data with other agencies such as the SEC, and with state authorities.  We already have seen the German government share bank account data with other governments including the UK, US, Canada and even India, whose government is now investigating Indian nationals with non-compliant foreign accounts," he added.

Not just about tax

"It's not just an economic or tax issue. There are certain human rights concerns here. There are many governments that are discriminatory and oppressive and offshore centres are a safe refuge allowing victims of tyranny to protect family assets,” said Cato's Mitchell. He cited the position of groups such as ethnic Chinese people living in Indonesia, as an example of groups that have historically had an uneasy relationship with the government.

The privacy issue is even more poignant nowadays because governments, he said, are also losing confidence among their citizens over issues such as their ability to safeguard data - he cited examples of how the UK administration, for instance, lost laptops and discs of client information.

In the past, people living in parts of the world where there is a risk of kidnap by criminal gangs or by governments stealing their citizens’ property, have used numbered bank accounts as security. But this is obviously a tricky issue and governments looking to hunt down criminals do need access to bank data. While secrecy protects the vulnerable, it has also been misused by criminals – hence the difficulty of balancing privacy and security. And of course, since 9/11, the scales have weighed even more heavily against client confidentiality due to the need to trace and freeze funding for certain groups.

Philip Marcovici, chief executive of LawInContext, a consultancy, and who recently advised the government of Liechtenstein on that jurisdiction’s disclosure agreement with the UK government, said that agreement was notable for the high importance attached to client privacy. There are grounds for some concern about the sheer number of TIEAs being signed, he said.

"In the rush to enter TIEAs it could well be that the best interests of families and individuals are not at the forefront of concerns," he said. "I think they [STEP] do have a point. The big rush by financial centres to sign and enter into TIEAs is notable," he said.

STEP’s warning about the proliferation of tax information exchange agreements is timely. This issue is not just about revenue and fair play over tax. There are serious governance matters at stake. Countries must think long and hard about transferring data if there are not processes in place to guard against information reaching the wrong hands.

(The OECD did not respond to this publication's request for comment at the time of going to press.)