The main concern for cloud providers as potential tax payers in user countries, such as Portugal, is to assess their business taxability in a given country (nexus concerns) and to what taxes they are subject.

Database-as-a-Service (DaaS) and Hosting-as-a-Service (HaaS), among many others, are two very common features of Software-as-a-Service (SaaS), one of the well-known service models of cloud computing. Our article will focus on these two primary features of SaaS and within a public cloud environment. The big DaaS and HaaS providers are US companies (v.g., Dropbox, iCloud and Google Docs) as long as Portugal (and Europe for that matter) is uniquely a user country.

In Portugal there are no specific taxation rules or guidelines for e-commerce transactions, either explicit or implicit.

And the problem of e-commerce taxability has only aroused within the academic environment (and 20 years of research passed there hasn’t been found a concrete solution), being the recent cloud computing discussion held only in the US.

Portuguese Tax Authorities are not yet aware of the problem, at least publicly. Portuguese Tax Authorities are mainly concerned with solving other big taxation issues related to more tangible and traceable realities.

But the truth is that e-commerce transactions and specifically cloud computing ones are becoming a very popular reality and soon will trigger the countries’ Tax Authorities attention, since they will see it as another source of revenues, particularly in this economic and financial crisis atmosphere.

Tax experts can only do one of both: either they find a unique and exclusive solution for e-commerce, or they find ways to fit and adapt existing rules (thought out to a physical reality) to a virtual one.

Cloud providers, as potential tax payers, must ask themselves the following questions:

  1. What it is that I’m selling or providing?
  2. What are the relevant nexus that link my business activity to a certain territory?

After having reached a plausible answer to the questions above, tax payers can start to worry about compliance issues: what taxes am I subject to pay and where?

A cloud transaction might trigger income tax (on companies’ profits) and GST or sales and use tax in the US and VAT in Europe.

The problem that follows is that more than one jurisdiction might find itself competent to tax the cloud transaction, leading to a double or even multiple taxation.

Or, on the other hand, the potential tax payer and the business activity it pursues might not even be detected by the local Tax Authorities, leading to a double non-taxation and tax evasion.


Cloud providers must define very well what it is that they are selling or providing.

SaaS transactions’ complexity may vary from provider.

Is it a transfer of property over software? If it is a transfer of property, is it tangible or intangible property? Is it a provision of services? What kind of services? Only digitally delivered ones or other type? Is it rental income for the use of a license? Is it royalties?

The majority view is that cloud computing does not involve the transfer of software and apart from some apps related to the cloud, the software is not downloaded by the user. Usually the user pays for a periodical license fee for the data warehousing, the software hosting and the server management. Does that constitute rental income? It may as well be a provision of services because the user is paying a different amount accordingly to the memory made available for the data warehousing, i.e., “on a pay-per-use basis charge”. And if the provider of SaaS is simultaneously the intellectual owner of the software, it may as well mean that we’re standing before royalties income.

Tax and IT experts’ opinions on the transactions definition vary a lot.

At the US level, both federal and local, each State chooses the right to tax or not to tax based on completely different assumptions, transactions definitions and nexus. There is a total disharmony that triggers multiple taxation problems.

So in the US cloud providers can preview if they’re going to be taxed and why and need to find a way to eliminate double taxation. 

In Europe and in particular in Portugal cloud providers can’t even preview if they’re going to be taxed or not, much less how and on what grounds.

If Portuguese Tax Authorities deem to find the cloud transaction as a transfer of property then it might be subject to tax for VAT purposes as well as income tax. If it is considered a provision of services, whether digitally delivered or delivered by other means, then it might be subject to tax for VAT purposes as well as income tax. If it is considered as a rental income for the use of a license then it will only be subject to income tax. If it is considered as royalties then it will be subject to withholding tax.

For income tax purposes the Model Convention of OECD (of which Portugal is a signatory country) requires a physical presence to trigger taxation, no matter the substrate of the transaction – residency or a permanent establishment of some sort, considered as such by the OECD guidelines. In Portugal the Companies Revenue Code (“CIRC”) tax the company’s profits because it has here its headquarters (on a worldwide basis) or because it has here some type of a permanent establishment – subsidiary, branch or other (based on the revenue source).

On what concerns VAT, article 6 of Portuguese VAT Code (transposed by EU VAT Directive) locates the operations in order to assess what jurisdiction has competence to tax. But even these rules for locating operations are based on spatial and physical notions. And we advance the following information: if a US cloud provider makes SaaS available for a Portuguese final consumer and the Portuguese Tax Authorities consider the cloud transaction (which they most probably will do) as a provision of electronically delivered services, then the cloud transaction will be taxed in Portugal and the cloud provider must register in Portugal for VAT purposes and charge VAT at a 23% rate.


So far we’ve talked about the possible definitions for the substrate of the transaction, the possible taxes imposed on the transaction and now we need to start clarifying the “where”, i.e., the relevant nexus that may link a business activity to a given territory and as such which jurisdictions have the right to tax.

To illustrate the nexus crisis when applied to e-commerce here is an (extreme, yet possible) example: company A is profitable on turning real money into virtual currency for items’ purchases on online games. There may be or not a website with this company information. If there is a website, it could be lodged on a third party’s server. The company has 3 directors, each one has residency in a different country. They communicate with each other only via e-mail and the board meeting are held through videoconference. They bind the company in all its acts by authenticated digital signature. The company’s workers and collaborators are dispersed worldwide and they are linked by an intranet. The company’s accountancy is in digital format saved on a hard-drive. Question: is there any nexus with a certain territory?

This completely virtual reality does not fit existing sourcing rules to assess tax jurisdiction or fiscal sovereignty.

Throughout the years there have been many attempts to solve nexus issues. Two opposite approaches have been forwarded: i) the creation of new nexus especially designed for this virtual reality or the creation of a new tax unique and exclusive for e-commerce transactions - we could even go extreme and conceive a new tax code just for this reality with both income and consumption manifestations, categories of income, categories of tax payers, nexus and sourcing rules, exemptions, different rates if necessary, and ii) to adapt and materialize existing nexus rules.

Regarding the first type of approach, we highlight the OECD proposal for a Bit Tax. It would consist of the following: tax would be levied on the amount of bits transmitted. It could either function as a consumption tax or a withholding tax. The proposal came out to be rejected because it didn’t pay respect to the fundamental tax principles: neutrality, contributory capacity and equality. It would discriminate between traditional transactions and online transactions and it was impossible to establish a direct correspondence between the bits transmitted and the real market value of the operations. On the other hand, it could promote tax fraud: for instance, taxpayers would try to find ways to minimize taxation by extreme file compression and transactions’ shifting from the Internet to intranets. Portugal expressly rejected Bit Tax proposal in Resolução do Conselho de Ministros n.º 94/99.

Regarding the second type of approach, we highlight the following:

  1. Direct taxation of shareholders by means of a fiscal transparency regime: however this would misrepresent the fiscal transparency regime thought out to a specific situation and it would be a bad precedent for taxation to disregard the collective entity for this matter.


  1. Virtual Permanent Establishment: no need to fulfill the requirement of a “fixed place of business”. It would only matter the substrate of the economic activity on a continued basis, measured by factors like the business volume, the number of transactions, the use of local servers, the existence of software patents. Problem is this proposal is extremely difficult to materialize and it is still attached to the PE form, intrinsically created to solve physical nexus issues.


  1. Server’s location: this proposal almost reached welcoming by the OECD and it is notwithstanding discussed in the Model Convention Commentaries.  The problem with the server is that it constitutes hardware, something physical and can be very easily displaced. A larger problem is the existence of mirror servers (website lodging duplicates). The nexus is thus very easily manipulated.


  1. ISP: the Internet Service Provider only manages servers and makes data warehousing available on the Internet. Thus it couldn’t function as a PE-Agency because it has no powers to conclude contracts. Similar to the PE Agency is the US concept of “click-through nexus” in which the provider receives customers by means of a link in a third party’s website.


There is an authentic crisis because taxation was forever based on territorial, physical and easily traceable pillars. And IT is not.


The inherent dematerialization of e-commerce, the absence of territorial nexus or the multi-location of possible nexus make it very hard to determine the jurisdictions competent to tax.

Plus, the intrinsic anonymity of e-commerce makes it hard to acknowledge the parties involved in the transactions and the identification of the potential tax payers. The parties involved can also experience extreme mobility and shifting and easily manipulate nexus. All of this may cause treaty shopping phenomena (tax payers manipulate nexus in order to choose the most favorable jurisdictions in which to be taxed through DTC’s scope).

The lack of specific and concrete rules or guidelines for e-commerce and cloud transactions on one hand promote tax base erosion and tax evasion for potential taxpayers that want to elude Tax Authorities and on the other hand make it impossible for dutiful tax payers that want to comply.

The same lack of specific rules instigate uncertainty and disharmony in countries attempts to solve the cloud & tax problems, since each of them comes up with a different solution of their own causing either a double taxation of the same income (more than one jurisdiction finds itself competent to tax) or a double non-taxation and/or tax evasion (because not even one jurisdiction finds itself competent to tax).

Besides the problems above, we still have to disclose another one very important, that is Transfer Pricing applied to e-commerce. The arm’s length principle is based on comparable transactions between unrelated parties and in the virtual economy there are no comparable transactions. Particularly in cloud transactions companies are complexly integrated and the operations involve non-replaceable services and intangibles. Tracing the source and value of the operations is also hard: it is not easy to follow the trace within the chain of distribution between intellectual property rights, cloud infra-structure and high-qualified personnel


It is imperative for European and non-European countries apart from the US to start designing the most adequate tax treatment to this new virtual reality and in order for countries to acknowledge potential tax payers and trace taxable transactions and to avoid harmful phenomena it is imperative to strengthen their relationships on what concerns Exchange of Information Agreements and Double Taxation Conventions.