Author: Aayushi Gupta
Introduction
The Income Tax Bill, 2025 (New IT Bill), introduced in Lok Sabha in February 2025, has garnered significant attention and not just for reasons that the taxpayers would have hoped. Likely to come into effect on April 1, 2026, the New IT Bill enables tax authorities to access various private digital spaces—such as emails, social media accounts, and online financial platforms—when there is suspicion of tax evasion, or when an individual is believed to hold undisclosed income, or property and denies access to relevant information. By extending search and seizure powers deeper into digital spaces, the New IT Bill raises notable privacy concerns.
What does the New IT Bill say?
According to Clause 247 of the New IT Bill, tax authorities may override a taxpayer’s systems to access electronically stored data if two conditions are met. First, they must have reason to believe—based on information in their possession—that the taxpayer has evaded taxes or holds undisclosed income, property, or valuable items on which applicable income tax has not been paid. Second, the taxpayer fails to grant access to that data. Notably, this search process may be authorized under both the New IT Bill and the Black Money (Undisclosed Foreign Income and Assets) and Imposition of Tax Act, 2015.
Under the existing Income Tax Act, 1961 (IT Act), Section 132 allowed income tax officers to inspect books of accounts, or other documents maintained as electronic records. Under the IT Act, authorities had the power to break open locks of safes, doors, boxes, lockers, or almirahs if keys were unavailable. In the case of electronic records, individuals in possession of such documents are required to provide necessary assistance in facilitating inspection by tax authorities. However, the provision did not explicitly state whether authorities could override access to electronic records if it was denied. The power to override access was confined to physical spaces under the IT Act, whereas the New IT Bill extends this power to digital spaces, allowing tax authorities to gain access to virtual digital spaces in cases where access is not granted. By doing so, the New IT Bill introduces a notable shift from the existing legal framework, which does not expressly provide for such digital access.
Clause 261(i) of the New IT Bill defines a “virtual digital space” as any computer-created environment that is separate from the physical world. This space enables interactions, communications, and activities via computer systems, networks, and emerging technologies and is used to create, store, and exchange electronic data. It includes email servers, social media accounts, online investments, trading and banking accounts, websites storing asset details, remote and cloud servers, digital application platforms, and similar spaces.
Clause 261(e) of the New IT Bill further clarifies that a computer system includes not only computers, networks, and devices but also digital or electronic data storage devices—whether used individually or as part of a network. This definition also covers devices used by intermediaries for information creation, processing, storage, or exchange, as well as remote servers, cloud servers, and virtual digital space.
Possible Implications
The expanded enforcement authority under Clause 247 of the New IT Bill builds on the existing search and seizure power under Section 132 of the IT Act and has raised several concerns. First, the Bill does not clearly define the extent of the “reason to believe” required for these actions. Even though the extent of the reason for belief is not clear, the Apex Court, in Income Tax Officer Ward No. 16(2) v. M/S Techspan India Private Ltd. and Anr. (2018) affirmed that there should be a rational nexus between the facts considered and the conclusions reached and that they must not be arbitrary, vague, and based on mere suspicion. Even though the court cannot judge the sufficiency of the ground, it can examine whether the reasons recorded are actuated by mala fides or on a mere pretence and that no extraneous or irrelevant material has been considered. Additionally, Clause 249 prevents disclosure of the basis for such belief to any person, authority, or the Appellate Tribunal, which means that the specific rationale behind each search may remain undisclosed, preventing taxpayers from effectively challenging searches. This also obfuscates the implementation of judicial principles in relation to the phrase “reason to believe”. Courts, including in Ajit Jain v. Union of India (2000), have recognised that some transparency is vital to meaningful judicial review.
The inclusion of “digital” elements within the New IT New IT Bill, to address modern methods of tax evasion, may be a valuable addition, but the absence of procedural safeguards to prevent misuse of search and seizure powers also raises concerns about potential privacy infringement. The Supreme Court’s K.S. Puttaswamy (Retd.) v. Union of India (2017) judgment affirmed that the right to privacy is intrinsic and inalienable under Article 21 of the Constitution. Any intrusion into privacy must meet the following criteria:
- There must be an existing law that authorizes the intrusion.
- The law must serve a legitimate state aim and fall within the zone of reasonableness to prevent arbitrary action—prevention and investigation of crimes qualify as legitimate aims.
- The extent of interference must be proportionate to its objective.
- There must be procedural safeguards to prevent abuse of power.
While the New IT Bill satisfies the test of legality—having statutory backing once enacted—and aims to curb tax evasion in the digital age, where online platforms can facilitate non-reporting of income or money laundering, it may not fully meet the proportionality standard outlined in Puttaswamy. To ensure a balance between privacy and justified enforcement, procedural safeguards could be introduced to prevent arbitrary exercise of power. Justices D.Y. Chandrachud, R.F. Nariman, and S.K. Kaul, in Puttaswamy, emphasized that search and seizure powers must be accompanied by procedural safeguards to prevent misuse. Currently, the New IT Bill lacks explicit provisions to ensure searches are conducted with proper oversight by putting in place certain procedural safeguards to guarantee the privacy of individuals.
Crucial safeguards exist in other laws. Under Section 17 of the Prevention of Money Laundering Act, 2002, authorities can conduct searches if they have a reason to believe a person is involved in money laundering or possesses related records or property. However, they must record these reasons in writing, and submit them to the Adjudicating Authority immediately after the search. Section 97 of the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS), which relates to suspected stolen property, mandates that searches be conducted only after an inquiry establishes sufficient grounds with a warrant authorizing the police to seize relevant property. The requirement to document searches and report them to higher authorities acts as a safeguard. In comparison to the above examples, the New IT Bill significantly expands digital access powers without introducing comparable procedural safeguards.
Internationally, many countries balance tax enforcement with privacy protection. The Canadian Charter of Rights and Freedoms requires search warrants and production orders when digital information is needed as evidence. A nexus between the files examined and the purpose of warrant must also be established. In the United States, while the Constitution does not explicitly mention the right to privacy, the Fourth Amendment protects against unwarranted searches and seizures by requiring a warrant supported by probable cause, which necessitates reliable and trustworthy information sufficient to lead a person of reasonable caution to believe that an offense has been committed. Additionally, the OECD Declaration on Government Access to Personal Data Held by Private Sector Entities outlines safeguards such as prior approval by judicial or independent authorities. Where prior approval is not required, other legal safeguards, including clear conditions and oversight mechanisms, ensure against misuse.
In contrast, the New IT Bill grants tax authorities access to virtual digital spaces without similar oversight, which may affect individuals’ right to privacy in the digital realm. Without safeguards—such as prior approval, effective oversight, and transparency in the basis of search—concerns remain about the protection of personal data. Any intrusion into privacy should be justified by a clear purpose and supported by enforceable procedural guarantees.
Conclusion
Modernizing tax investigations to address challenges in the digital age is an important objective. However, to align with the proportionality standards set by the Puttaswamy judgment, it may be worthwhile to consider clear procedural safeguards. For example, tax authorities might be encouraged to maintain a well-documented, demonstrable reason—beyond mere suspicion—when a taxpayer is believed to be evading taxes or concealing income or property. It could also be beneficial to obtain prior judicial approval before accessing private digital space and to keep detailed records that outline the grounds for such searches.
Furthermore, it may be helpful to clearly specify how information obtained from virtual digital space is used, ideally limiting its application strictly to tax proceedings and preventing any unrelated access. By establishing these explicit protocols and oversight mechanisms, the balance between effective tax enforcement and the protection of individual privacy rights can be maintained within a transparent and accountable democratic framework.
