ATO looks to “unattributable exploration” of social media and the internet

The Australian Taxation Office (ATO) is set to acquire software that will facilitate “unattributable exploration” of various online platforms, including social media and different segments of the web—surface, deep, and dark. This initiative aims to expand the ATO’s existing open-source intelligence (OSINT) capabilities, which were initiated last year to bolster the protection of Australia’s tax and superannuation systems.

In recent tender documents, the ATO indicated that its OSINT efforts have already enabled proactive measures to safeguard Commonwealth revenue and maintain the integrity of these systems. The agency is now looking for one or more OSINT tools to support a range of applications in intelligence, operations, and data science.

The ATO highlighted that multiple dedicated teams are tasked with the protection of tax and superannuation systems. These teams have an ongoing need to stay ahead of online criminal behaviors that threaten the taxes, identities, and operations of Australian citizens and agencies.

In terms of data science, the focus is more internally oriented, emphasizing monitoring, detection, and prevention of potential fraud. This aligns with the ATO’s recent request for behavioral analytics software to address insider threats.

The ATO’s new specifications include advanced tools for targeted digital data collection across a variety of platforms such as Facebook, Instagram, Twitter (now X), Telegram, Gab, Reddit, 4chan, 8kun, VK, and Discord. The agency also emphasizes the necessity of collecting data from a wide array of dark web forums and marketplaces.

This capability will empower the ATO, along with the Tax Practitioners Board (TPB) and the Australian Charities and Not-for-profits Commission (ACNC), to enhance their ability to detect, intercept, and disrupt serious financial crimes increasingly exploited by criminals.

Initially, access to these tools will be limited to a small group of about 40 staff members, with potential for that number to double over time. The largest user base, consisting of around 28 operational and tactical users, will have the most sophisticated technical resources at their disposal.

Among the desired features are mechanisms that enable investigators to blend seamlessly with online traffic during searches, the capability to geolocate individuals of interest, and tools for attribution tracing similar to advertising identification software used by major tech companies like Apple, Google, and Microsoft.