Appearance before the Standing Senate Committee on National Security and Defence on Canada Border Services Agency (CBSA) border security measures
April 28, 2014
Ottawa, Ontario
Opening Statement by Chantal Bernier
Interim Privacy Commissioner of Canada
(Check against delivery)
Introduction
Good evening Mister Chair and Members of the Committee and thank you for your invitation.
Joining me today is Chris Prince, our policy lead on the border file.
Let me begin by saying your study is timely.
As you have heard from previous witnesses, the changes underway in border security are vast and their privacy implications far-reaching.
In my time today, I will focus specifically on the data protection and sharing challenges - as these aspects implicate privacy rights of Canadians and non-Canadians alike.
Beyond the Border and Canada - US Joint Privacy Principles
As this Committee is well-aware, the 2011 Beyond the Border declaration and 2012 Perimeter Security Work Plan have a great many moving parts, each progressing on different tracks.
Bearing this in mind, the governments of both Canada and the US had the foresight to acknowledge and codify privacy as a major concern from the outset.
That is why the two governments established twelve Joint Privacy Principles to be observed as each perimeter security initiative is developed.
Among other things, these principles seek to require that organizations limit use and disclosure of personal information, ensure the public is fully informed and verify that information collected and shared is up-to-date and accurate.
We have, however, expressed some concerns with the shape of substantive protections accorded under these principles.
For example, we had hoped greater control would have been exerted to restrict onward transfer of data to third countries.
Ideally, a legal right for the originating country to refuse transfer of personal information would have been an important fail-safe.
Potential risks for individuals
For our part, over the past three years, we have expended considerable effort examining privacy risks connected with border security.
In our communications with CBSA and other agencies, we have flagged concerns touching on:
- The widening scope of sensitive personal information being collected;
- The expanding uses and sharing of this information by authorities;
- The need for clear complaint and redress mechanisms, and;
- Retention periods for sensitive personal information that would have to be justified.
A call for reform
Ultimately, choices at the program level of departments only go so far. And this is why in January we also recommended legal reform in our special report to Parliament, Checks and Controls.
To offer adequate protection in a modern information-sharing environment, Canada needs a modernized federal Privacy Act, so that:
- Departments clearly demonstrate the necessity for collecting personal information;
- Privacy Impact Assessments are required prior to implementing new programs, and;
- Provisions for exchange of personal information with foreign authorities are tightened.
This last point is particularly significant to your current study; simply put, federal agencies must exercise great care in sharing personal information with foreign counterparts.
They also must ensure the veracity of any such information.
Finally, we firmly believe agreements and rules for cooperation between domestic and foreign agencies must be as clear as possible beforehand and where practical put in writing.
Conclusion
In closing, each issue I have raised reflects the scope and reach of significant changes to Canada’s border security policy and they will be important for this Committee to consider.
Thank you and I look forward to your questions.
- Date modified: