MPs reject KRA’s push for unrestricted access to taxpayers’ data

By Newsflash Correspondent

The National Assembly Finance Committee has, for a second time, rejected a proposal to allow the Kenya Revenue Authority (KRA) unrestricted access to taxpayers’ data, citing concerns over privacy rights and constitutional limitations.

The controversial clause, contained in this year’s Finance Bill, sparked public outcry over alleged privacy infringements as the government seeks personal and corporate data to crack down on tax evasion.

Currently, KRA can link its system with those of third parties like banks, telecoms, remittance companies, and payment service providers—without accessing personal data or proprietary business information. The proposed changes aimed to repeal Section 1B of tax laws, which prohibits KRA from unlimited access to such sensitive data.

The committee stated that existing laws already provide KRA the authority to retrieve financial records using court-issued warrants, making the proposed amendment redundant.

“Considering these protections, the committee found the provision unnecessary and potentially in violation of the Constitution,” the report noted. Treasury Cabinet Secretary John Mbadi had supported the clause, arguing it was vital in tackling tax evasion, especially by high-net-worth individuals hiding assets behind legal shields. He said the amendment was key for enabling the tax agency to obtain financial records from individuals and businesses to uncover tax fraud.

The government is trying to raise tax revenue to meet mounting debt repayments by broadening the tax net and clamping down on evaders. Last year’s Finance Bill led to violent protests against tax hikes.

Private sector opposes data access plan

This year, the Treasury avoided introducing significant new taxes or increasing current ones. In removing the clause from the 2025 Finance Bill, the Finance and National Planning Committee said giving KRA unchecked access to personal data would infringe on privacy rights. “Regarding KRA’s proposed wide-ranging access to personal data for tax enforcement—especially involving trade secrets or customer information—the committee determined that the provision fails to meet Article 31(c) and (d) of the Constitution, which guarantees the right to privacy,” the committee said in its Monday report.

Private sector players, including KPMG and Oraro and Company Advocates, urged the government to withdraw the proposal, warning it violated fundamental privacy rights.

In an earlier analysis of the 2025 Finance Bill, KPMG cautioned that giving KRA unfettered data access would undermine public trust while breaching other legal protections. “Firms may be forced to reveal personal customer data, triggering concerns over data safety, privacy law compliance, and risks of misuse or data leaks,” the firm said. “A lack of confidentiality and privacy safeguards could damage taxpayers’ confidence in KRA, resulting in opposition or refusal to share data. Moreover, forcing disclosure of proprietary and private data contravenes the Data Protection Act and Industrial Property Act.”

KRA under scrutiny

KRA is already under scrutiny from companies for attempting to integrate its systems with theirs, amid fears it would gain unauthorized access to private data.

Banks, for example, have resisted KRA’s system integration demands, concerned it could tap into confidential account transaction details. A legal amendment in December gave KRA the authority to compel taxpayers to link their systems with the agency’s to identify tax evaders and improve collections.

However, that law explicitly barred KRA from demanding integration involving trade secrets or personal data gathered during business.

The Parliamentary Committee emphasized that KRA can already access sensitive information under existing laws. “The committee observed that Section 51 of the Data Protection Act clearly outlines the conditions for exempting certain data protections,” it stated. “Furthermore, Section 60 of the Tax Procedures Act empowers the Commissioner or an authorized officer to access relevant data for tax purposes, as long as a court-issued warrant is obtained.”