Citation: Minister of National Revenue v. Shopify Inc., 2025 FC 969
Court: Federal Court of Canada
Date: May 29, 2025
Judge: The Honourable Mr. Justice Régimbald
Docket: T-778-23

Overview

This case involves the Minister of National Revenue’s attempt to compel Shopify Inc. to disclose extensive information about its Canadian users under the Income Tax Act (ITA). Specifically, the Minister sought judicial authorization to issue an Unnamed Persons Requirement (UPR) under subsection 231.2(3) of the ITA, targeting a broad class of Shopify users who sold or leased products and services using Shopify’s platform and provided a Canadian address during account registration.

The Court ultimately denied the Minister’s application, finding that the request failed to meet the statutory threshold under paragraph 231.2(3)(a) of the ITA—namely, that the targeted group must be “ascertainable.” The decision emphasized that lack of definitional clarity and internal inconsistencies in the Minister’s request rendered the proposed UPR unworkable.

Key Legal Framework

Under subsection 231.2(3) of the ITA, the Minister must satisfy the Court of two preconditions to authorize a UPR:

  1. The group of unnamed persons is ascertainable; and

  2. The request is made to verify compliance with duties or obligations under the ITA.

Even where these preconditions are met, the Court retains residual discretion to deny the request or impose conditions.

Facts and Minister’s Application

Shopify is a Canadian e-commerce platform that enables users to sell goods and services online and through various physical and digital channels. The Minister sought a UPR directing Shopify to produce detailed user data for all “Canadian-resident merchants” over the previous six years. The request included:

  • Names, dates of birth, SINs, business numbers

  • Contact information and IP/domain data

  • Banking and transaction details

  • KYC (Know Your Customer) documentation

The stated objective was to verify compliance with income tax obligations.

The Court’s Analysis

1. Ascertainability of the Target Group

Justice Régimbald conducted a rigorous review of whether the group of persons targeted by the UPR could be considered “ascertainable.” He acknowledged that Canadian jurisprudence has established a relatively low threshold for this term, and that broad data sweeps can be acceptable under the ITA. However, the Court found the proposed group definition problematic for several reasons:

  • The Minister used the terms “Shopify Owner,” “Merchant,” and “Store Owner” inconsistently.

  • The definitions failed to distinguish between business owners, employees, third-party contractors, and others “associated with” an account.

  • The group’s scope was contradictory between the draft UPR (focused on the address at registration) and affidavit evidence (focused on current address association).

  • Shopify’s system does not record some of the requested data unless users enroll in financial services, making compliance impossible for many accounts.

Justice Régimbald emphasized that the ambiguity and internal inconsistencies in the group definition rendered it non-ascertainable, thereby failing the first statutory precondition.

2. Verification of Compliance (s. 231.2(3)(b))

Although it was not necessary to consider this second requirement due to the failure on ascertainability, the Court proceeded with the analysis given the potential use of this application as a test case for future UPRs.

The Court found that the lack of clarity around the target group undermined the Minister’s ability to show that the request was truly aimed at verifying tax compliance. The evidentiary record did not establish a credible or direct link between the group definition and a concrete audit purpose. Furthermore, the Minister failed to show why the requested data—some of which was unavailable or purged—was necessary for enforcement under the ITA.

3. Residual Discretion and Proportionality

The Court considered its discretionary power to deny the request or impose terms, even if the two statutory preconditions were met. Key concerns included:

  • Feasibility: Shopify demonstrated that compliance would be extraordinarily burdensome, potentially taking nearly a decade.

  • Proportionality: The scope of the request and the vast volume of sensitive data sought were disproportionate to the potential compliance benefits.

  • Privacy: Although privacy concerns are not central to the Court’s mandate under s. 231.2(3), the Privacy Commissioner had raised significant concerns about the breadth and intrusiveness of the request in a special report, which the Court noted.

The Court held that even if the preconditions were met, it would decline to authorize the UPR due to impracticality, disproportionality, and the unavailability of key information.

Context and Related Proceedings

This application was heard in conjunction with another (File No. T-777-23), involving a similar request related to an international tax agreement with Australia. That case raised overlapping but distinct issues. The present matter was limited to domestic enforcement and was compared to past UPR cases such as Roofmart, Rona, and PayPal.

Justice Régimbald took care to distinguish this case from earlier approvals of similar UPRs, noting that while courts have often approved broad information sweeps, they did so in contexts where the data was clearly defined, readily available, and legally justifiable. Those conditions were not met here.

Conclusion

The Court denied the Minister’s application to issue a UPR to Shopify Inc. on the grounds that the targeted group was not ascertainable within the meaning of the ITA, and that the request was vague, impractical, and disproportionate. This decision reinforces the necessity for the Minister to draft UPR requests with clarity and precision, especially when dealing with complex digital service providers like Shopify.