P1: IML/FFX P2: IML/FFX QC: IML/FFX T1: IML
PublicAcc WL040/Bidgolio-Vol I WL040-Sample.cls June 19, 2003 16:55 Char Count= 0
IMPLEMENTATIONCONSIDERATIONS 153privilege as well as the limitations of section 7525. CPAs
need to know what is considered a confidential commu-
nication and what types of tax work and documents are
protectable. In addition, CPA firms will need to implement
office practices to be sure that no disclosure occurs that
may cause a client’s privilege to be waived. For example,
inadequate electronic storage or security over the storage
may indicate that no confidentiality was intended, thus
the information is not privileged. In addition, CPA firms
need to evaluate whether any encryption or other precau-
tions are needed to ensure that electronic transmissions
protect confidential information.
Questions have been raised over the past several years
by attorneys and bar associations as to whether e-mail is
a confidential delivery vehicle such that information sent
via e-mail is privileged (assuming it otherwise qualifies
for protection under the privilege). Questions have also
arisen as to whether certain rules, such as those dealing
with solicitation, apply to e-mails and information pro-
vided on Web sites. Some states have issued guidance on
these matters. For example, in 1997, the Illinois State Bar
Association issued Advisory Opinion No. 96–10. The con-
clusion reached is that an attorney’s duty to protect con-
fidential client information is not violated by the attor-
ney’s use of e-mail and the Internet without encryption to
communicate with clients unless unusual circumstances
require enhanced security measures (such as when it is
already known that break-ins have been attempted). The
rationale is that the ability to intercept e-mail is about as
difficult as intercepting a regular phone call. Also, inter-
cepting e-mail is illegal under the Electronics Communi-
cations Privacy Act of 1986. Before communicating via
e-mail with a client or potential client, however, consid-
eration should be given to who else has access to the e-
mail. For example, if the client is using the e-mail system
at his or her job site and it is regularly reviewed by the
systems administration staff or is shared e-mail, there is
no expectation of privacy and thus no indication that the
communication was intended to be confidential. (Also see
American Bar Association Formal Opinion No. 99–413.)
There is little case law on the subject of e-mail and
confidentiality, and no guidance with respect to the IRC
section 7525 privilege. Several states, however, have is-
sued opinions similar to that in Illinois, which may pro-
vide some general guidance for a CPA. CPA firms will need
to consider the limited guidance that exists, the basics of
the privilege, and the nature of the information involved
and the security situation (for example, is it one prone to
hackers?) in establishing the procedures needed to main-
tain the client’s privilege under section 7525 with respect
to electronic transmission of protected tax information.
Future guidance from the IRS may provide some assis-
tance on this matter as well.Privacy in Practice
A CPA firm doing business over the Internet, such as on-
line consulting, will need to demonstrate to clients that
information transferred electronically and Web-based ac-
counting information is secure from people who are not
supposed to access it and view it. Clients will also need
to know that the CPA firm’s data storage systems are se-
cure. Basically, to be successful and to operate within aCPA’s professional responsibility, the CPA firm may want
to provide the same key protections provided by a seal of
approval such as CPA WebTrust (see earlier discussion of
this service). The three assurances offered by WebTrust
are proper disclosure of business practices for e-business
transactions, integrity of transactions, and protection of
information. In essence, CPA firms will certainly find that
clients will want the same privacy and security protec-
tions from the online services they receive from their CPA
that their CPA, as a trusted business advisor, should be
recommending for the client’s business.Regulatory Considerations in Online Financial Report-
ing.Since 1995, the SEC has issued various releases pro-
viding guidance to companies and their financial advisors
on procedures to allow for electronic delivery of financial
information. Generally, use of technology to deliver infor-
mation is encouraged because of its efficiency in allowing
for quick and wide distribution of information in a cost-
efficient manner. The 1995 and 1996 SEC releases pro-
vide guidance to ensure that the electronically delivered
information is at least equivalent to paper delivery (Se-
curities Act Releases Nos. 7233 [1995] and 7288 [1996]).
The creation of XBRL has made use of the Internet to de-
liver and present all types of financial information in a
standardized language, a reality. The usage of electronic
financial reporting will continue to result in the need for
more guidance to ensure that the information is as com-
plete and reliable, however, as has been expected with pa-
per disclosures. Securities Act Release No. 7856 (2000)
addressed issues that can arise when a registered com-
pany’s Web site includes links to Web sites of third parties
that include financial information about the company. For
example, to what extent is the company liable under the
antifraud provisions of the securities laws for the finan-
cial information at the third party’s Web site? The release
states that the answer depends on the facts and circum-
stances of the particular situation. Three factors to be con-
sidered are the context of the hyperlink, the risk of investor
confusion, and the presentation of the hyperlinked infor-
mation. (View Internet-related SEC Interpretive Releases
at http://www.sec.gov/divisions/enforce/internetenforce/
interpreleases.shtml.)Taxation.In 1998, the federal government enacted the
Internet Tax Freedom Act (1998) providing a three-year
moratorium prohibiting state and local governments from
imposing certain taxes on Internet access fees. The Inter-
net Tax Nondiscrimination Act (2001) extended the mora-
torium to November 1, 2003. Debate continues on how
certain taxes should apply to Internet transactions. Exist-
ing tax rules were not written with the e-commerce busi-
ness model in mind, and sometimes online transactions
do not fit neatly within existing tax rules, and uncertainty
remains. Tax issues also exist in that some policymakers
believe that certain Internet transactions should not be
taxed so that the Internet and e-commerce will flourish.
CPA firms get involved in the e-commerce taxation de-
bates and issues because of their expertise with tax rules
and their obligation to advise clients. The area that has re-
ceived the most attention involves the application of sales