Skip to main content

TRAN Committee Meeting

Notices of Meeting include information about the subject matter to be examined by the committee and date, time and place of the meeting, as well as a list of any witnesses scheduled to appear. The Evidence is the edited and revised transcript of what is said before a committee. The Minutes of Proceedings are the official record of the business conducted by the committee at a sitting.

For an advanced search, use Publication Search tool.

If you have any questions or comments regarding the accessibility of this publication, please contact us at

Previous day publication Next day publication
Skip to Document Navigation Skip to Document Content


Standing Committee on Transport, Infrastructure and Communities



Tuesday, May 11, 2010

[Recorded by Electronic Apparatus]



    Thank you, and good morning, everyone. Welcome to meeting number 16 of the Standing Committee on Transport, Infrastructure and Communities. Our orders of the day, pursuant to Standing Order 108(2), are a study of aviation safety and security.
    Joining us today, we have, from the Canadian Civil Liberties Association, Nathalie Des Rosiers, general counsel, and from the Canadian Airports Council, Toby Lennox, Howard Bohan, and Normand Boivin.
    I'm sure you've been instructed as to the process. We do have a few members who will join us as we start, but I think in order to make time I'll ask you to start, please.
    Good morning. My name is Howard Bohan. I'm vice-president of operations and customer experience for the Greater Toronto Airports Authority. I'm also here on behalf of the Canadian Airports Council. My colleagues are Toby Lennox, vice-president of corporate affairs and communications, and Normand Boivin, vice-president, airport operations and aviation development with Aéroports de Montréal.
    Thank you for the opportunity to appear before you today to provide airports' perspective on aviation security. We also appreciate the time that the committee is taking to examine this critical issue. It is our view that an open dialogue on aviation security with key industry partners will help to produce an even more efficient and effective aviation security system. We will be pleased to answer any questions that the committee may have, both at this session and at any member's convenience.
    The Canadian Airports Council was formed in 1992 as the federal government devolved control of airports to local private non-share corporations. Since that time, the CAC has evolved into the national representative for airports on a wide range of significant issues and concerns.
    Canada's airports are engines for economic development in the communities they serve and are one of their most important elements of local infrastructure.
     The CAC's membership represents more than 200 Canadian airports, including all of the national airports system airports and most passenger services in every province and territory.
     Together, CAC members handle virtually all of the nation's cargo and international passenger traffic and 95% of the domestic passenger traffic. They create well in excess of $45 billion in economic activity in the communities they serve, and more than 200,000 jobs are directly associated with CAC member airports, generating a payroll of more than $8 billion annually.
    Mr. Chairman, the airport community understands and supports the importance of aviation security. The safety and security of our passengers and air carriers is paramount. It is our first concern in operating the airports and informs everything we do. There is, in our view, a direct link between stable, dependable airport security and the health of the Canadian air transportation system.
     It is very clear that attacks on aviation, even those not originating in or directed at Canada, have an impact on people's willingness to travel by air. Canada is a vast nation, where communities are linked to each other and to the wider world by our transportation system. Airports are mindful that the security of that transportation system is crucial to our economic and national well-being.
    The thankfully failed attack of December 25 served as a serious reminder. We need to continually re-examine the current air security system to ensure that it adequately addresses risks and vulnerabilities, and that it is playing that foundational role in the economic success of Canada.
    We therefore enthusiastically welcome the decision of this committee to conduct the current study and the decision of the Government of Canada to engage in a comprehensive national security review. It is entirely appropriate that we engage in this review, and we look forward to providing whatever assistance is necessary.
    It is important to recognize that any discussion of aviation security should not simply examine and unpack what happened on December 25. Rather, the discussion should look forward to anticipate future threats in light of the significance of the economic importance of aviation security.
     December 25 reminded us that the threat is very real, but also that we can no longer simply balance security with customer service. It is no longer a trade-off. The singular challenge we face is that we as an industry have to excel at both.
     We must work together to find better, more efficient ways of identifying, assessing, and mitigating risk holistically, with a new appreciation for the impact on business and industry sustainability.


    In achieving this lofty goal, we ask that any review consider the vital role of the airport operators. They are the only ones who can connect all the dots through recognition of industry/business interdependencies and associated impacts of security-related interruptions.
    Unlike particular agencies whose mandates are necessarily limited, it is only the airport operators who are able to see the entire airport as a system. As a result, we are able to identify and address the various challenges of implementing a fully integrated and holistic security system, which starts at the perimeter of the airport and goes through to the aircraft seat.
    The events of December 25 placed a tremendous strain on the ability of the air transportation system to function. The implementation of measures in one area resulted in unintended consequences in another, simply because the airport operator was not able to coordinate the various activities. It is also critical that any review recognize the very real distinctions between the size and roles of the various airports in Canada. It is essential that airports be engaged, whether they are regional airports or gateway airports. The question is one of “scalability” and taking advantage of the opportunities that exist in each type of airport. Smaller airports simply do not have the complexities of the larger ones, but their smaller, more communal character can serve to enhance security in ways that are not possible at gateway airports such as Montreal, Toronto and Vancouver.
    Systems should be flexible enough to deliver security in a completely different manner, depending on a number of factors, including available resources and levels of risk. We recognize that it will not be easy, but we feel that the issue of “scalability” should be viewed as an opportunity, not a challenge.
    If there is one impression that we would want to leave with the committee today, it is that airports recognize the importance of airport security, which is a top priority at all airports across the country. As well, as partners in the aviation industry, we must work together to create an integrated system that anticipates threats of the future and offer a customer experience that will ensure that people choose to fly.
    Should there be an incident similar to the event of December 25 at one of our airports, we understand that the impact could be immediate and devastating. Clearly, we are motivated to make sure that such an event never happens again. Again, I stress on behalf of the Canadian Airports Council that the safety and security of our passengers and air carriers is paramount. We are committed to working with all stakeholders, including the federal government and our various security agencies, to ensure that the safety and security of Canada's aviation system is world-class.



    Thank you.
    Mr. Volpe.
    Oh, I'm sorry, Madame Des Rosiers. Do you have a presentation as well?
    [Inaudible--Editor]...the fact that I showed up late. He's trying to draw attention to that.
     My apologies.


    I would like to thank you for having invited me. My name is Nathalie Des Rosiers, and I am here on behalf of the Canadian Civil Liberties Association. The first part of my presentation will be in French, and the second in English.
    The Canadian Civil Liberties Association is a non-profit organization that is recognized for its work on issues related to civil liberties in Canada. The organization was founded in 1964, and its expertise has been recognized both by the courts and House of Commons.
    In our view, four security models are the subject of the current debate on airport security. The first, relatively new model is based on what I would call "profiling", which is an Israeli model that makes use of behavioural profiling techniques in order to subject certain types of people to more in-depth investigations. The profiling model imposes a greater burden on some passengers and less on others. We suppose that this type of regime gives preferential treatment to some in order to avoid long line-ups. This first model identifies certain passengers and places them in different security categories.
    The second model is what I would call the "technological" security model, which relies on increasingly sophisticated detection techniques that apply to all passengers in order to ensure the highest level of security. The recent investment in body scanners, following the events of last December, would fall into this category.
    The third model relies more on random testing, on the unpredictability of search methods and implementation, which may prevent potential terrorists from figuring out the system and getting around it.
    The fourth model is more dependent on intelligence services in order to detect terrorist networks and prevent their members from entering airports and boarding planes. Our association is particularly concerned with Canada's passenger protection program. I will come back to that later.



    My presentation will look at these four systems and outline what are the concerns of a civil libertarian with each one of them, and what are some of the recommendations that you should look at, whether you choose any one of them. We suspect that probably we'll be in a mode where there will be different visions that may be applied to different airports, but certainly these visions are not mutually exclusive. In any event, each system requires that civil liberty concerns be addressed.
    On the pros and cons of the profiling model, the first model, I think many people are skeptical about the idea of adopting the Israeli model, pointing out that the level and types of threats differ between Canada and Israel. According to them, threats against the Israeli airports are more frequent, at a type of higher level, and focus on one particular political situation, whereas Canada may have a lower level of threat but certainly a more diffuse type of threat.
    Extremists will vary, and I think I join my colleagues here in thinking that the designation of the airport security should be made not with one type of terrorist in mind, but in recognizing that our history has included also the Air India disaster and other internal political conflicts. I think we should be careful, as we design the model, to assume that the threat of terrorism is just like the ones affecting other countries and, more importantly, that it will remain the same.
    With each new wave of immigration, one may imagine that new conflicts may transform themselves and radicalize conflicts leading to terrorism. My point is simply that we ought not to design the system with only September 11 or December 25 in mind.
    There are many objections to profiling, behavioural or other. In the Israeli model that has been presented to us, it invites workers, after training, to go with their hunches a bit and to watch all travellers, to spot the people who would present traits of edginess, nervousness, and act on these hunches to interview and inspect more fully the travellers so identified.
    In our view, this certainly has the potential for engaging in racial profiling of the worst kind and engaging many false positives. This proposal has the potential of disrupting always the same kinds of people: the young Arabic-looking man or the people with a fear of flying or people with mental illness, the people who display some awkwardness in airports.
    Profiling by country, which is another aspect that comes out in this, is equally as reprehensible, if not more. The image of a young Canadian soccer team arriving at the airport and being split into whether people are indeed born in Canada or born elsewhere is unacceptable, I think, in our imagery. It is indeed also against common sense, I think, to fail to recognize that we need community engagement to identify potential terrorists and not to marginalize them. So profiling by country of origin and country of destination seems to be counterproductive.
    In our view, other preferable alternatives exist. I will get to them in a minute. But if you are going to consider profiling in any way, we urge you to do the following.
     The model must be vetted by the Canadian Human Rights Commission. It must ensure against the possibility that racial profiling will be done. It must be constantly evaluated for its impact on travellers, particularly with respect to race, age, and religion.
    It must provide--and I will come back to this a couple of times in my presentation--for some compensation for the travellers who, because of having been wrongly identified, suffer inconvenience or miss their flights or suffer other serious inconveniences. In my view, we have to start thinking that this is like a vaccination. If we're going to display a model where some people will be identified for the benefit of all, then we should ensure that they are compensated and that they don't have to spend years of fighting to get some recognition for what they have suffered.
    The profiling model is also applied in the positive sense, with the possibility of safe travellers having special passes to forego all screening or to minimize screening. Again, this may be worrisome, I assume, because we would expect that savvy future terrorists may be able to acquire the special passes.


    Just to summarize, our concern on the profiling regime being put forward is that it may lead to racial profiling, whether they admit it or not, and it should be evaluated clearly on that basis. We should not skirt our responsibility to look at that.
    The technological model applies universally and does not have the potential drawbacks that I just explained. However, it raises three types of issues.
     First, as we've discussed several times, are the privacy concerns and the risks of what I would describe as malfunction and malfeasance.
     Any time you have a technology, there is the risk that it will not function properly. Therefore, with the body scanners, the concern that the CCLA has expressed several times is that even if the images are supposed to disappear quickly, there is indeed a risk that they will be circulated.
    There's also the risk of malfeasance. Someone watching famous people—some of you may be coming to the airport—might take the image and make some money from it.
    There is a risk for privacy when we invest in technology, particularly when it's a technology that is more and more invasive.
    I think there is a great sense that there are false positives; the last time I appeared, we mentioned the Kelowna experience. When we looked at the Kelowna report, in our view it showed a really high degree of false positives. It could be with training that this will decrease. It was 68% for false positives, according to the report. It seemed to us that this was a pretty high level. Now, maybe with training, this will be reduced. Nevertheless, false positives, again, are not an efficient way of doing security. This may also lead to a false sense of comfort in the travelling public.
    In a way, it's an expensive system, because there's no end in sight. There's an exponential growth of security apparatus that could be invented. At some point, I think, we have to arrive at the point where we decide whether the marginal costs are sufficient to warrant it, both the cost to privacy and the cost to the travelling public.
     I think if you are going to go this way and continue to recommend further involvement and investment in privacy-invasive technology, it is important that the privacy commissioners continue to be involved and that the safeguards to protect privacy continue to be in place. In our experience with body scanners in other airports outside of Canada, after a number of years the possibility of choice is no longer there. It becomes a matter of routine and the initial safeguards are forgotten. So if you're going to go this way, make sure they continue to be evaluated.
    I have one minute left. On the third model, randomness, in our view, we think that constantly varying the randomness of the testing may defuse terrorist action and so on.
     I want to finish on the pros and cons of the intelligence model and simply refer you to our previous submissions on passenger protection problems. I urge you to adopt a legislative framework for this. In our view, the passenger protection program as it now exists is unconstitutional. It is a violation of the right to mobility and liberty and it is not prescribed by law. It is not prescribed by a statute.
     I think it is the responsibility of Parliament to enact a passenger program, and if they decide to do so, it must be a no-fly list that is bound by the rule of law and does provide for some procedural safeguards. Indeed, we now have some experience in designing programs where you need to have special advocates. Certainly, again, my plea would be that it is important that this not be left simply as an administrative program, but that it be scrutinized by Parliament and established through this.
    Merci beaucoup.


    Thank you.
     Mr. Volpe.


    Ms. Des Rosiers, just like the last time you gave a presentation before the committee and its members, your remarks today were impressive. Thank you.


     Gentlemen, thank you very much as well.
    I wonder if I could start with you first, Mr. Bohan, because one of the reasons why I was late is that I had occasion to travel by Pearson this morning. I think, because I'm a cynic, I guess, there might have been some correlation between the lineup that stretched about 600 metres down the airport to get through security and your presence here this morning.
    Voices: Oh, oh!
    I didn't set that up.
    Did you let CATSA know you were coming by here?
    No, no, I--
    I wondered who's putting pressure on the government for additional funding, whether it was the airport authorities or CATSA, because there didn't seem to be any reason. I didn't see any terrorist alert, there were no criminals coming by--
    A voice: Politicians.
    Hon. Joseph Volpe: Well, the guys from Fort McMurray had already passed.
     So I just wondered whether there was some connection. I say this half in jest, because your presentation, as did Monsieur Boivin's presentation, talks about a partnership, an economic partnership between a vibrant creator of wealth and the airline industry and the security business.
     I said security business; I didn't talk about anything else, okay? I just don't want you to get confused about where I'm coming from.
    So if the security business succeeded in getting the Government of Canada--there they are, right there--to invest or make a promise of investing another $1.5 billion, but then levelled on your clientele a $3.5 billion tax to make that investment.... What was all that lineup about? I can't imagine anybody going through there this morning thinking that they'd want to go through that experience again.
    That's a great question. If I had an easy answer to the dynamics of the queueing at busy airports, I'd probably be a lot richer than I am now, but I think that--
    You're looking for a partner? I'm not allowed to lobby, but if you're looking for a partner, I'll resign.
    This speaks to the point that Mr. Boivin spoke about earlier and that I tried to speak about: how the dynamic of the airport is so complex.
     As an example, when CATSA responds to events in one part of the terminal building, they may pull resources from that area to deal with an earlier peak in transborder, let's say. So the resources they planned to use in the domestic pre-board screening area to handle your flight are actually being deployed in transborder because of a surge of traffic that may have resulted--I'll use an example--in a shortage of staffing for Air Canada or the USCBP. You then get the surge happening within the sequential processes, and CATSA may not have anticipated that.
    I'm not trying to make an excuse for CATSA. I'm just saying that the airports are complex places, and the only people who really have a complete view of that are the airports themselves, because we look at it all. CATSA looks at one piece and USCBP looks at another. The airlines look at another.
    I don't know if that answers your question.
     It does, but unfortunately I've heard it before, Mr. Bohan. I guess I'm expressing the same frustration that everybody who recognized me this morning wanted to burden me with. I told them I was coming to a committee, and here you are, so I wanted to discharge some of my responsibility.
     I don't think the public is convinced, and neither am I, because you're talking about a management paradigm that surely has to be improved. I know that you don't have the responsibility and neither do any of your client airports. But CATSA starts at the screen; it doesn't go beyond the airport boundaries. So there's something in the management structure that's a problem.
    I only have another minute, but if you'll allow me, I'd like to go to Madame Des Rosiers, because what you said really has something to do with what she said earlier on, and that is that some of these surges--to use your word--can be prompted by people who have ambitions for resolving a problem elsewhere.
    A few weeks ago, we heard about the Khalistani movement in Canada actually threatening some members of Parliament. One can imagine that if there is a serious approach by CATSA, there might have been a surge on issues, especially with planes taking off and going elsewhere.
    A similar situation happened not that long ago, in 2006, when CSIS, the RCMP, and government officials examined some 14,000 people who were leaving the war zone of southern Lebanon. There were only 11,000 registered, but 4,000 non-registered permanent residents or non-Canadian citizens found themselves on planes and boats coming back to Canada. Now, I think a logical person would ask if 3,000 people weren't registered, what kind of pre-screening happened to integrate those individuals into a Canadian environment knowing that might exacerbate a problem elsewhere?
    I don't know, Madame Des Rosiers. I know what the government is going to say all the time: that you make a great case, but security trumps human rights, privacy rights, and any system you want to put in place. That's what they'll say.


    [Inaudible--Editor] Khalistani had threatened air traffic or air security in Canada as far as I know, and I'm sure the honourable member will agree.
    I'll ask you to be very brief.
    Well, simply, it's not the right calculation to think that it's a zero-sum game, that if you increase security you decrease human rights, and that's okay. I think you need the enhancement. That's how I was going to finish. And I'll just read my last sentence for you, which is that a strong commitment to fairness and to treating people with human rights is what it's all about to ensure security.
     It's part of the message of a democracy that there are things you cannot do and you should not do, because you've lost already if you are engaging in decreasing human rights to the nth degree. There are levels that you cannot reach, and in our view, I think you need to have these concerns present all the time.
    Thank you.
    Monsieur Laframboise.


    Thank you, ladies and gentlemen.
    My first question will be for the representatives of the Canadian Airports Council. You seemed rather uneasy with regard to... I would like to quote what you said on page 3 of your document, concerning the events of December 25: "The implementation of measures in one area resulted in unintended consequences in another, simply because the airport operator was not able to coordinate the various activities." Do you mean that CATSA, the Canadian Air Transport Security Authority, did not do its work?
    I do not think that CATSA did not do its work. I think that the implementation of measures with almost no advance notice did not enable a proper coordination, a proper set of instructions to be given, in order to use the best methods to achieve the objectives given to us by the Government of Canada.
    Despite the fact that there are five or six different agencies that deal with security, each one thought it had the right plan and applied the imposed measures within a few hours. The lack of coordination and exchanges on the objectives to meet within a single organization, a single airport, is what led to the circumstances experienced on December 26. Note that, as of December 26, airports held meetings in order to alleviate the situation as much as possible. You will remember that the five- to six-hour line-ups at U.S. Customs in Toronto and Montreal were reduced to about one hour in under three days. Once we have coordination, once information is gathered to enable all parties to meet their stated objectives, we achieve better results.


    I absolutely agree Mr. Boivin. However, the problem is that the government spends hundreds of millions of dollars on the Canadian Air Transport Security Authority. I am having trouble understanding why those in charge never conceived of the possibility of searching luggage piece by piece. They are paid to plan for that.
    You are telling me that there were never negotiations or discussions previously. Nobody ever told you that one day you might have to search luggage by hand. Nobody told you that or discussed that before December 25. Is that correct?
    There was essentially a lack of planning with respect to potential options or the potential risk of threats.
    Obviously this was confirmed to us by the airlines who said they were not involved in those debates either. When you all sat down to work together you succeeded in avoiding that. The problem is that when I addressed the president of CATSA he told me that it was like that in all airports around the world. This committee was subsequently told that in Canada we have the longest waiting times on the planet. Those five hours that you mentioned represent the longest time anyone has to wait on the planet.


    I have just a couple of things to say on the comments. The reason that the lines were the longest in Canada is that Toronto and Montreal are two of the largest access points into the United States. In fact, on any day, Toronto is between the fifth- and seventh-largest access point into the United States. So if you're going to have backups, you're going to have backups in Toronto.
    But I think the point we're making is that we're about to engage in a national security review, and if all we're going to do is strengthen pre-board screening and thicken that effort, then to try to address the other issues--Mr. Volpe, you're absolutely right--the question is, how are you doing it and how deep are you doing it? Are you doing it where you have a system that respects civil liberties and that is going from the curb right to the aircraft seat?
    Because if all you're doing is just strengthening one single line, you're never going to address the problems of customer service and, therefore, from time to time, issues are going to come up that will back everybody up and discourage people from flying. But you're also not taking advantage of even just the geography of an airport, which is going to allow you several different interdictions at different times.
    The problem right now--and we've learned this in other jurisdictions--is that there is no one coordinating effort that is going to be overseeing how that happens from the curb to the aircraft seat, because everybody gets passed from hand to hand. The physical manifestation of that was four separate and incredibly long lineups on December 26.
     But think about that physical manifestation as the fact that the responsibility gets handed over each time. We're not saying that CATSA is right, CATSA is wrong; what we're saying is that you had better look at what it is you want to put in place and then come up with an agency that is going to be handling that, as opposed to the reverse.


    Part of what you are saying is true. We have to look at how we can best intervene. Transport Canada is the one who should have been coordinating that, but inevitably, when you delegate various responsibilities to independent agencies, each one ends up with their own responsibilities. You, the airport authorities, are responsible for a part of security. The Canadian Air Transport Security Authority also shares that responsibility.
    When we tell that to Israeli officials, they think it's funny, they split their sides laughing because they are the only organization controlling everything in their airport whereas we have four or five organizations that are each responsible for their small part of security, which means that we end up with long line-ups.
    My second question is for Ms. Desrosiers. Inevitably, when you are considering how to ensure security, the best way to do that is through profiling. That is what has come out of the testimony we have heard. Earlier on I was reading over Ms. Lynch's testimony from when she appeared before the committee. She is not against behavioural profiling. Behavioural profiling is what Israel uses. We have been told that the only way to find terrorists transporting explosives is not with a scanner but rather with dogs. They are the ones who do that work best in the whole world. That means that there have to be, in the airport, dog handlers with their dogs who are able to figure out who is carrying explosives. The Israelis tell us they don't want scanners because they don't believe in them. So we have two different worlds. We use body scanners whereas they don't believe in them.
    We have to try to strike a balance and ensure that all players are around the same table to figure out who is responsible. CATSA tells us they are not responsible. You are telling us that CATSA has not done its work properly. In the end will never know who is responsible for what. In my opinion the problem is that we are spending hundreds of millions of dollars on CATSA to be responsible for a part of security and they are the ones mainly who are responsible for wait times, which is harming our industry. If there is another alert that involves a five-hour wait you are going to lose clients who will go elsewhere.
    Mr. Boivin, our problem in Montreal is that they go to the United States to take the plane in Plattsburgh.


    The same applies to Toronto clients who go to Buffalo and for Vancouver clients who go to Bellingham. There are even people from North Bay who will drive four hours in a car in order to take the plane south of the border because they know that wait times here are significant.


    Mr. Bevington.
    Thanks, Mr. Chair.
    Thanks to the witnesses who are here today. I've really enjoyed your presentations.
    There are a lot of issues that come up here.
     Madame Des Rosiers, you talk about the four different segments. I think that's very well laid out.
    On the intelligence, of course, the two incidents you talked about--Air India and December 25--were failures of intelligence in some respects, because we saw that intelligence services were using individuals to garner more information. They weren't taking steps before the fact.
     So what we have with both of these incidents is that there is some culpability with the intelligence services that don't alert the authorities that a dangerous person is going on a flight. Is that not the case?
    No system is perfect. In our view, the intelligence continues to be...if it's evidence-based and if it's well done, I think should be and will continue to be part of the system. Because airport security is not the only security issue in the country. I mean, the bombing in Times Square that did not take place is just as outrageous as bombing the file d'attente if there is too would be easier for a tourist to set himself up waiting to be screened if there are a lot of people there.
    My point on le profilage is that the cost to civil liberties must be counted and must be part of the issue. If you're taking any of these models, there are costs. You have to evaluate them on the basis of how much they will impact civil liberties. If le profilage is the solution, you have to make sure that you evaluate whether it turns out to be racial profiling and compensate for the cost of that.
    Similarly, we are seeing the failures of this security system, both on the positive side and on the negative side, where many people have been--
    But wouldn't you agree that you can't put the civil liberties in absence of the threat?


    That's right.
    So threat assessment is important as well. We've had clear evidence that hardened cockpits take away the threat assessment around guns and knives for airplanes.
    So don't you think as well that when you look at the civil liberties issues you look at the body scanners that are ostensibly going to detect ceramic knives? That was presented to us as well as being their major function, because they can't detect body cavity explosives, and they would have trouble with explosives in clothing. So what we're having is an intrusion on civil liberties that is really ineffective and really doesn't match up to the threat assessment.
    So don't you think those should all fit together?
    Yes. Certainly I think proportionality is the essence of our civil liberties and democratic regime. It requires an assessment what the costs will be to the civil liberties of the individual.
    My point today is simply to say that if you're going to do a cost assessment of all these models, do not forget the cost to the individuals whose liberties will be sacrificed in this. I think that's a very important point.
    That's a very good point. The whole essence of scalability is to do a threat and risk assessment in each area or each activity and then be able to develop a national program that works with small airports, medium-sized airports, and large airports.
    The threat at Thunder Bay or Saskatoon is just not the same as the threat at Toronto or Montreal. Whether it's domestic, international, or transborder pre-board screening, each one should be responding to the threat level, not just of that sector but of that day. We fully believe that predictability is a weakness and--
    So right now at, say, Pearson, you're dealing with everybody with the same level of security.
    Our transborder security meets the U.S. regulations and Canadian regulations. The security at domestic and international meets Canadian regulations.
    What percentage of the travellers are U.S. bound?
    About 30% to 35% are U.S. bound.
    Could we move them into separate security arrangements?
    We have separate security arrangements for them. They're processed in different areas.
    But are they being processed the same way?
    No. It's sort of like a national building code and a provincial building code.
     We meet the highest standard of each country for the transborder, so if the Canadian system says that you need to have 25% random secondary search, which it does, then the passengers going to the United States get 25% secondary search. If the U.S. system says you have to take the shoes off and check the shoes separately, then their shoes are also taken off and checked separately. It meets the highest standard. It meets the standards of the U.S. and it meets the standards of Canadian security requirements.
    Someone flying to Regina or Montreal will be processed using the Canadian standards and not the U.S. standards.
    Thank you, Mr. Bevington.
    Mr. Jean.
    Thank you, Mr. Chair.
    Thank you very much for attending today.
    One thing we have heard on this in the last several years is that the security system is only as good as the weakest link. The entire system depends on the weakest link, so whether it be an airport in Yellowknife or an airport in Toronto, the situation is such that security should be kept at a vigilant time....
    I would also agree with Ms. Des Rosiers. I apologize for my français. All of your comments I think were very good, and there are some concerns that the government shares as well, but I would say that I don't necessarily agree with your analysis that we are currently in violation of the charter based on trusted traveller and passenger protect. And even if we are, I think it's a reasonable infringement given what we face today under the charter and also the Constitution.
    Since I agree with so much of your presentation, I would like to zero in with our other guests today. I know that 200 Canadian airports, 95% of domestic no small way are we all impressed with what you bring to our economy and our GDP as airports across this country. We recognize that fully.
    But what we want to do today is think about what could happen to the productivity of the country if we could make that system 1% more efficient, or even 10% more efficient, while maintaining the same security and vigilance. That's what I want to concentrate on in the next few minutes. I'd like your input and some thinking outside of the box.
    First of all, we're winding up most of our study here and we would like to have some practical application of this. If you have any suggestions on who we could listen to, such as queueing experts—I think we are possibly having a queueing expert in the near future—but also on that low-hanging fruit that we can implement to make our system more productive and more efficient. I would look forward to your comments on that.
    Keeping that in mind, I want to say—and I'm not long on speeches, at least most of the time—that in Israel 50% of their citizens are on a trusted traveller type of pass. That's what we heard evidence on. We are in the low-digit percentiles, if that, in Canada and the United States, and I think that is one way that we can certainly move forward: a trusted traveller type of scenario.
     I would like to hear from the three of you on what you see as the low-hanging fruit that we can reach out for and grab and recommend to the government in the near future to make your system more productive and more efficient, and, in essence, to make a much stronger economic future for all of us.


    One thing on that is that we did some analysis on the impact of the December 25 events. It was particularly acute when you were talking about access to the smaller cities in the northeast, out of Montreal and Toronto, places like Allenton, or Madison, Wisconsin, where transborder trade is enormous. Because of the length of time and the hassle factor, people were choosing not to travel, so you saw a serious decline in the ability of the economic engine to keep going.
     Therefore, you're right. You have to be looking not only at questions of security, but also of customer service. A trusted traveller program has tremendous potential and tremendous possibility.
     I get concerned, though, when we start talking about low-hanging fruit or something that we could implement quickly. In fact, what we're talking about is the singular challenge that the Israelis probably have in their own right, which is, “Don't balance customer service and security--excel at both”.
    With respect to Madame Des Rosiers' presentation, where she talks about the four levels, we would never ask for or endorse one of them because what we're doing is endorsing all four of them. To ask whether a body screener is effective or not misses the point. Yes, it's always effective, but it's even more effective when you layer on a whole series of other things. Therefore, I'm afraid, what we're asking for is a very sophisticated, very aggressive, and very intricate look at the entire system.
    Yes, there are low-hanging fruit, but--
     Mr. Lennox, I don't want to cut you off, but I have seven minutes, which means I'm probably going to get about six minutes and 10 seconds out of the chair. If you don't mind, I would like to hear from everybody in relation to my question.
    There's been a lot of discussion about the Israeli system. I've had the good fortune of having the Cook's tour not only of Ben Gurion Airport, but also of all their border and marine crossings. The big “aha” out of the Israeli system is not that they use this technology or that process--and I want to go to Toby's point--but that they equate customer service with security and integrate the two.
     The head of security at Ben Gurion made it very clear to me that they are ranked number two in the world for customer service in the medium airport ASQ surveys. They see security as customer service, and that's a quote from him. We are proposing that we have that same vision.
    Toronto's number one, is it, or...?
    Toronto's in the bottom of the top quartile for big airports.
    What we're advocating is what the Israelis do: an airport-led, holistic, curb to airport system for the large airports with high risk. But we have to recognize is that the smaller airports just don't have the resources or, necessarily, the need to do that. Saskatoon has how many employees? Twenty-five? You're really in a different realm.
     So what we're asking for is a scalable system, where airports like Montreal, Toronto, and Vancouver will have a very sophisticated, risk-based, broad-based security system, and where small airports have an appropriate system, all meeting the standards that we meet, and this is risk assessment.


    Monsieur Normand.
    Similarly, on the trusted traveller program, in a small airport not only the risks are different, but sometimes the CATSA agent is searching his father, who works on the ramps. I mean, the trust is different at different places, and it has to be scalable to be applied differently. So on productivity, if you want to be productive, usually you don't apply the same principle to somebody at a larger airport and somebody at a smaller airport.
     I've been in Whitehorse. I worked in Whitehorse for a while. I knew everyone who worked at the airport.
     I was in Israel. I never got searched once because I was with the security head over there. They trusted me at that time, so I didn't go through the process.
    Right now what we're saying is that whether you are taking an aircraft to Whitehorse, Yukon, or to Toronto, you have exactly the same process for two different persons who are not the same risk. The low-hanging fruit or the productivity in that regard is, what do we trust and how do we access this? Right now, the system doesn't give any leeway for someone in Whitehorse to say, “I guess I trust that guy--he's my father”.
    Thank you.
    Mr. Dhaliwal, I'll give you a couple of minutes.
    Thank you, Chair.
    My question is to Ms. Des Rosiers.
    The worst tragic terrorist act that happened in Canada is the Air India situation, and I, along with most of the Sikh community and our leaders have condemned that because those victims haven't achieved closure yet. When you see.... I've gone back to read a few books: Open Secrets by M.K. Dhar; Nest of Spies, written by an ex-CSIS agent; and Soft Target.
    In those books, they also point a finger at the foreign governments that are planting spies in those communities to do spying and to tarnish the image of a whole particular community for the act of one individual, whether it be an attack on a member of Parliament or the Air India disaster.
    When it comes to racial profiling, my riding is a very diverse riding. People from all backgrounds have come together and live peacefully as law-abiding Canadians. What particular concerns would you have when it comes to foreign governments intervening, tarnishing the image of those communities, and then having racial profiling affecting every single individual in that community?
    I think racial profiling has several drawbacks. The first one is that it has a lot of false negatives. It's not appropriate because it is indeed targeting many people who are not likely to be terrorists at all. So to start with, it's not efficient.
     It also has the drawback of being what we despise the most about a society, which is to react to people based on the colour of their skin. This is completely inappropriate, so in a way we have to recognize that this has an unsavoury aspect to it. It's the wrong message to the passengers, it's the wrong message to the workers, and it's the wrong message to society. That would be the way in which I would start. It's inefficient and it's also an inappropriate message in a democracy.


    Thank you.
    We have to end it there.
    Thank you to our guests for being here. I'm sure the advice you've given us will be well taken. Thank you very much.
    We're going to take a one-minute break while our other guests come to the table.



    Thank you.
    Welcome back.
    Joining us now are Chantal Bernier and Carman Baggaley from the Office of the Privacy Commissioner of Canada.
    Welcome. I know that you know the routine. Please proceed.


    My name is Chantal Bernier. I am Assistant Privacy Commissioner for the Privacy Act. Today I am accompanied by Carman Baggaley, principal analyst in our office, who has a vast experience in the subject under discussion.
    Today I would like to talk about aviation security and share with you the approach of the Office of the Privacy Commissioner.


    What I would like to do, then, is address privacy in the context of aviation security, explain to you our approach, and apply it specifically to the passenger protect program as well as the secure flight program. While I do not intend to include in my presentation the issue of body scanners, I will be happy to answer any questions in that regard.
    Let me start with this premise: privacy and security do not have to be at odds. In fact, they must be integrated. And they converge. They converge in this fashion: privacy commands that we collect as little information as possible, in a minimal approach, and as well in the effectiveness of security, in the sense that its effectiveness rests upon collecting only the information that is relevant.
    The Canadian Charter of Rights and Freedoms and the Privacy Act, as well as the Personal Information Protection and Electronic Documents Act, together with the case law that interprets them, provide the basis for integrating privacy and security. It may be summarized in the following four principles.
     The first one is that the right to privacy is a fundamental right that cannot be infringed upon, unless it is demonstrably necessary for the public good. It follows, then, that the collection of personal information can only occur when it is proven necessary, and it must be proportionate to that necessity. Third, that necessity must be assessed on an ongoing basis by verifying that the collection of personal information is indeed effective and necessary in relation to the identified necessity. Finally, it must also be demonstrated that there are no less privacy-intrusive measures available to reach the same goal.
    When the collection and use of personal information are justified under human rights law, then privacy protection must be assured by strict management of personal information according to the rules of personal data protection. We have audited the passenger protect program from this perspective, and I will now turn to that.


    Our office has taken an active interest in the Passenger Protect Program since its inception. Most recently, in the fall of 2009, we issued an audit report on the passenger protect program and its specified persons list, commonly called the “no-fly list”.
    Our audit focused on the issue of whether Transport Canada has adequate measures in place to protect the personal information within its control. We found that these measures were generally adequate; however, we made recommendations to improve the privacy safeguards of the program. In particular, we recommended that the Transport Canada official who is designated to add or remove names from the list be provided with more information before a final decision is made.
    Second, we recommended that Transport Canada strengthen the technological information security safeguards to protect the list.
    Third, we recommended that Transport Canada improve its oversight of air carriers to ensure they protect the information on the list. All these recommendations are being or have been implemented. However, we remain concerned by the difficulty of ensuring that foreign carriers are not disclosing information on the list to their government or other parties. This perspective ensures that we both respect the right to privacy in analyzing security measures and that we duly take into account the security needs that must be met.



     Let me move now to Secure Flight. We are hearing that there is a possibility of the implementation of the American secure flight program, including overflights. As a U.S. government program, this program is outside our jurisdiction. However, we have looked carefully at this program, including the privacy impact assessment prepared by the Department of Homeland Security, the DHS, because it will have an impact on Canadian travellers when fully implemented.
    From a Canadian perspective, the most controversial aspect of Secure Flight is that it will apply to overflights; therefore, to flights to and from Canada that fly through American airspace without necessarily landing in the United States. This means, for example, that American authorities will have the ability to prevent someone in Canada from boarding a flight to Mexico.
    We are not questioning the American government's authority to implement such a program, as international law is clear that a state's sovereignty extends to its airspace, but we do need to understand how it may affect Canadian travellers.
    I would like to highlight some of the significant aspects of the program. First, air carriers will be required to provide DHS not only with basic identifying information, such as name, date of birth, and gender, but also, if available, with additional information such as passport information and itinerary information. Since this information will always be available for international flights from Canada flying over U.S. airspace, this information will always be provided in full.
    Although the DHS privacy impact assessment is somewhat unclear on this, our understanding is that information collected can be disclosed and used for purposes other than aviation security, such as for law enforcement and immigration purposes.
    Another aspect is that DHS will retain this information for as long as seven days after the journey has been completed, even for individuals who have raised no issues and do not match the list; for seven years for potential matches; and for 99 years for confirmed matches. A redress mechanism exists to resolve false positives, but it will take 50 to 60 days on average, thus, in effect, cancelling people's travel plans.
    One important difference between the secure flight program and the Canadian program as it exists now is that the responsibility for checking passengers against the no-fly list will shift from airlines to DHS. This brings both privacy safeguards and privacy risks.
     It is intended to lead to greater accuracy and, therefore, to fewer false positives, for example, for someone who has a similar name but is the wrong person. It eliminates the concerns that air carriers will use, misuse, or inappropriately disclose the list. As I mentioned earlier, this was one of our concerns in the audit of the PPP, the passenger protect program.
    On the other hand, this also means that DHS will collect the personal information of Canadian travellers. This is not without risk. We understand that the Canadian government attempted to have Canadian overflights exempted from Secure Flight.
    Unfortunately, the government was unsuccessful, except for flights between two Canadian cities. We also understand that the Government of Canada, by way of a diplomatic note, stated that protection of the privacy of Canadians was of “critical concern” in relation to Secure Flight.
     We urge the Canadian government to continue to negotiate with American authorities to minimize the impact of Secure Flight and to take the following measures. I would like to make six specific recommendations.
    Firstly, the Canadian government should negotiate the collection of minimal personal information, meaning strictly as necessary to ensure proper identification and therefore avoid false positives.


     Secondly, question the retention periods of seven days for no match and seven years for potential matches to fulfill the commitment from the U.S. authorities themselves to collect personal information only as necessary for airline security.
    Thirdly, negotiate robust and accessible redress mechanisms for Canadians to minimize the impact of an erroneous match.
     Fourth, implement measures to support Canadians availing themselves of the DHS redress mechanisms.
    Fifth, inform Canadians of the exact scope of personal information that will be collected by DHS on them under Secure Flight.
    Finally, clarify Canadian law on the conditions of disclosure of personal information by airlines to DHS to ensure public debate and legal certainty.


    In closing, Mr. Chairman, I want to emphasize the point I made earlier about the importance of integrating privacy into aviation security measures. If we can do so, both security and privacy will be enhanced.
    I will be happy to take your questions. Thank you.


    Thank you.
    Mr. Volpe.


    Ms. Bernier and Mr. Baggaley, thank you for your opening remarks. I have already had the pleasure of hearing this presentation or a similar one.
    What I am still troubled by is the relationship between the Canadian government and the American government. As you already indicated, there is a geographical problem. We have to cooperate with the Americans because we use a right that belongs to them, that is the right to fly over their territory.


    But the problems that I guess we still all have.... And I don't want to bash government on this because it's a necessity that our governments need to negotiate overflight, given that at least half of all flights in Canada emanate from southern Ontario, i.e. Pearson International. We will have, no matter what, a situation where approximately half the flights are going to go across American airspace even though they're not going to the States. So the negotiation is important.
    But I'd like your impression about the secure flight program, especially since the Americans can ignore our Privacy Act, everything you stand for, and everything you have indicated simply by using the Patriot Act. Once they engage the Patriot Act, everything that you say and everything that your colleague Madame Des Rosiers said from a human rights perspective goes completely out the window.
     It's wonderful to say that we need to integrate security concerns in the aviation industry or, as was said by some of the people from the airport authorities who preceded you here, that we need to integrate security as part of the customer service package that we provide.
    But if the Americans are determined to use the Patriot Act to tell you to go fly a kite, rather than a plane, what do you propose?


    We share your concerns. That is precisely why we have given such priority to this issue, going as far as to actually analyze the privacy impact assessment from our colleagues in the U.S. It is precisely because we wanted to see exactly how far the Canadian government could go in putting forward Canadian values and a preoccupation for the privacy of Canadians.
    The six recommendations that I have put to you this morning are very limited in scope, but they are limited by international law. There is indeed a limit that is beyond us, and that is U.S. sovereignty over U.S. airspace.
     What we are urging the Canadian government to do is to ensure that, in its rapport with the United States, it does secure the protection of the privacy of Canadians according to Canadian values and law. We believe that the six recommendations we have put forward this morning could lead to that.
    Madame Bernier, I found myself in the position to make precisely that argument some time ago when I had the privilege of being in government. At the time the Americans were.... I don't want to say they were fixated on their own paranoia, but it seemed that they were unwilling to listen to anything. I'm not sure that has abated today, as the industry of fear and paranoia has become a profitable exercise.
    But I look at the maps of flight patterns by Canadian and foreign airlines as they try to enter the profitable market of the Great Lakes Basin. Forget about other places, but it still applies to them too. The vast majority of them do not fly up to the North Pole and then come down and take advantage of the rotation and the shape of the Earth. Some of them actually have to go through the northeastern United States or come straight down to the United States. Otherwise, they can't make a go of their travel.
     The United States is determined to utilize this as, I guess, the 21st century gatekeeper role that we might have applied at another time, when you had a river crossing, you put up a fort, and you exacted tariffs, and now...? Now this--the concept of human rights and privacy rights from an American homeland security perspective doesn't trump the $80 billion business on an annual basis that they want to nurture.
    I think you've said it very well right at the outset. Geography works against us here, in addition to international law. The fact is that to have practical international travel between Canada and, say, South America, there is no other choice but to fly over the United States, and there is no other choice but to abide by United States law. So our objective must be to impress upon the United States the protections we want for the rights of Canadians in these circumstances.
    But if one drives down to Buffalo, let's say, from Toronto, the only information that's asked for of Canadian residents by the airlines flying out of Buffalo is limited to exactly what you say, and there's no mining of that information and no holding of that information.
    I interrupted you. Pardon my insolence in doing that. But to hold some of that information for a positive ID for 99 years suggests that somebody is going to be a threat until they're 120, at least. It just absolutely baffles anybody who has a sense of reason about him or her about the nature of a threat by any individual in this world. But it's inscribed in their act, in the Patriot Act, and how they apply it to everybody.
    How do we get around the fact that this will work for Pearson, a little bit as well for Montreal, and probably as well for Vancouver, where, from those three cities, Canadians can opt out of Canadian travel companies and drive down to the closest American provider? Are we off base here in thinking that the commercial transaction trumps privacy issues?


    What I understand from the objectives of the United States—and I did speak with American colleagues to understand the rationale, for example, behind the retention rates—is, first of all, that it is based on a very specific threat related to flying that does not exist with a land border crossing.
    Secondly, in fact, they put forward—I insist, they put forward—that some of the retention periods are actually meant to be favourable to travellers. For example, the seven-year retention for a potential match, they argue, will help the traveller who has, for example, a similar name to someone on the list to not be inconvenienced each time he or she travels.
     Certainly there is room to manoeuvre, we believe, and the Canadian government should ensure that it puts forward its own conditions that correspond to its values in relation to the privacy of Canadians.
    Thank you.
    Monsieur Laframboise.


    Thank you, Mr. Chair. Thank you, Ms. Bernier.
    I listened to you, and I have read your document. I will begin with the passenger protect program. You said some very important things about the program. After having analyzed the program, you say the following: “However, we remain concerned by the difficulty of ensuring that foreign carriers are not disclosing information on the list to their governments or other parties.” This is serious. It is important to measure the seriousness of the matter, because, in reference to the Americans, you also say that we should: “inform Canadians of the exact scope of personal information”. But you do not ask the government to tell Canadians that this information could be passed on to third parties.
    Is that because you do not have that information? When I read that, I told myself that I would never again deal with an airline that was not Canadian. Many airlines sell tickets, so let's deal with Canadian ones. That way, we can at least make sure that our information is not passed on to third parties. Have you analyzed this situation, or are you in the process of doing so right now? Please explain this to me.
    That is a finding. When we analyzed the program, we obviously examined, among other things, the way Transport Canada oversaw the airlines that have the list. We observed, and this is a neutral fact, that it is difficult to fully oversee foreign airlines, which are accountable to other countries.
    Is there anything to suggest that there have been leaks? That was not the basis of our recommendation. Our recommendation was simply based on the fact that a foreign airline is a national entity subject to foreign legislation, and it is always more difficult for Canada to monitor a foreign entity, be it an airline or a foreign national. That is the problem that we identified.


    If you took that step, and if foreign airlines wanted to do business with us, it would reassure us. Do you understand? From the moment you officially say that you are not sure and that Canadians should, as much as possible, avoid flying on a foreign airline, because we do not know where their private information will end up, it would send a clear message. If those airlines wanted to reassure us, they would tell us what they do with the information. But as it now stands, they do not. What you have analyzed in a neutral manner is that you cannot confirm that the information will not be passed on to their own government or to a third party.
    In all fairness, it must be said that Transport Canada has assured us that it is indeed carrying out this oversight. The department has accepted our recommendation on this matter, and based on the most recent updates we have received, Transport Canada is in the process of strengthening the existing oversight framework, but which will obviously be further enhanced, pursuant to our recommendations. Transport Canada has assured us that it takes its responsibilities in this area seriously.
    However, we have noted, and this is a fact, that there is a certain degree of uncertainty as far as foreign airlines are concerned.
    Perfect. I would like to come back to your analysis of the U.S. Secure Flight program. Obviously, apart from the fact that we can negotiate with the Americans—and that is what you have recommended that the government do—the Americans can do as they please on their own turf. So if they do not listen to us, we will just have to accept it. Is that what you are saying?
    Indeed, we do not have much leeway. The Americans are a sovereign nation. As I said earlier, negotiation has its limits.
    My last question is about body scanners, which you have not addressed. A little earlier, a witness told us that body scanners had to be approved by your office, of course.
    Have you analyzed this issue? I read the documents you sent us. Do the scanners pass the test?
    First, in 2008, we began working on body scanners with the Canadian Air Transport Security Authority, when it launched a pilot projet in Kelowna. In 2009, CATSA officials produced an evaluation of privacy-related issues once we knew that Canada intended to go ahead with body scanners. We conducted an extremely in-depth analysis of the necessity, proportionality and effectiveness of body scanners, as well as alternative options. CATSA and Transport Canada convinced us with their answers. They had conducted a very in-depth and serious risk analysis. They had also assured us that scanners would remain optional, not mandatory, and that complete discretion would be guaranteed. This meant that the agent who observed a passenger walking through the scanner would not be the one to see the passenger's image in the scanner. There is no correlation between the passenger's image and their identity. So the system is completely anonymous. The agent cannot transmit any images, by way of any type of technology, from the room where the images are seen. Of course, the other option is that the passenger can choose not to go through the scanner.
    That being said, although we are happy with the cooperation from our partners and with the mechanisms to protect privacy, we believe that this is an ongoing issue. We intend to monitor the situation to ensure that there is a balance between the security measures being adopted and the protection of passengers' privacy.
    Thank you.


    Mr. Bevington.
    Welcome, Ms. Bernier. It's a pleasure to have you with us, as well as your colleague, Mr. Baggaley.
    I have a question about the passenger protect program. There's one thing I'm curious about. What's the level of knowledge a passenger will have about their name on the protect program?
    A very low level, very low--
    Mr. Dennis Bevington: So you're--
    Ms. Chantal Bernier: It's a very opaque, secret piece of information. Of course—


    Don't you consider that to be a privacy violation, that someone whose name is on a list is not provided with that knowledge?
    We consider that there is a very cogent case made by the national security authorities for keeping that information secret.
    Why would that be?
    Because, we understand, letting them know in advance that a person is such a suspect to be put on the list could impair some of our national security protection measures.
    I don't see that as a cogent argument, but we'll leave that there.
    Now, what about appeal?
    There is the redress mechanism. A person can go to the Office of Reconsideration and put their case forward. Initially, when the program was set up, our office publicly asked for a stronger redress mechanism. In fact, my colleague, Carman Baggaley, was there at the time.
     Carman, would you like to expand on what we had asked for originally?
    When the passenger protect program was introduced, all of Canada's privacy commissioners, including the provincial commissioners, issued a resolution raising concerns about the program.
     One of the things we asked for was a legislatively based redress program. If you look at the legislation and if you look at the regulations, there's no reference to the Office of Reconsideration. It's only mentioned in the statement that accompanies the regulations, so we asked for a legislatively based redress program that would actually be referred to in the legislation.
    But you don't have it in these recommendations that you're giving us here today?
    No. What we focused on when we did the audit was whether Transport Canada was truly protecting the data adequately. That's what we focused on in that audit.
    The Israelis, I understand, with their trusted traveller program, have a 1-800 number that you can simply call if you find that your name is on...or if you're rejected for the trusted traveller program. Would you say that it's important to establish processes that are easily accessible for people who are on these passenger protect programs so that they can find an easy passage in there? Is that part of what you were looking for?
     That is absolutely key, which is why we've made the recommendation.
    Mr. Dennis Bevington: Okay.
    Ms. Chantal Bernier: In fact, two of my recommendations—
    I have to move on here, quickly.
    Exactly. Yes, you are absolutely right.
     With respect to the secure flight program, as an MP I get these cases where people are trying to go across the border. I had one the other day regarding a guy with his family. He wasn't allowed across the border because of the zero tolerance policy and a minor drug offence in his youth.
    Right now we share that information--we must share that information--with the United States about all our criminal offences. Will that be on the secure flight program? Is that part of their information that they will apply to Canadian travellers who are overflying the United States?
    The privacy impact assessment from DHS shows a list of what will be transmitted, and it does not include that. It includes name, date of birth, gender, document number—
    But this information is already available. It is available to customs officials at land borders right across, so why wouldn't it be part of that secure list?
    Because the secure flight is strictly intended for airline security. Therefore, all they ask for is the information they feel is relevant to that. As I said, that's the identification plus itinerary and passport number—
    So you're very comfortable that they're not going to go beyond the information they're asking for, the information they already have.
    No, I wouldn't say that. I'm saying that, technically, Secure Flight asks for very specific information. It doesn't include, for example, criminal records, but that does not mean that the American authorities would not check—


    They have that already.
    Exactly. I'm simply answering what Secure Flight is requiring.
    I have one minute.
    With the body scanners, you said there was a threat assessment provided to you about how these body scanners were going to deal with this particular threat. There was a very comprehensive report. Is that a report that would be available to this committee?
    No, that's not exactly.... I may have misspoken. What I said is that we have challenged Transport Canada as well as CATSA as to why they felt this was necessary. What they did is present to us how they had come to that conclusion, on the basis of what information, and so on.
    Is that presentation available?
    It was an oral presentation, but—
    So we don't have anything written down about why body scanners are so important?
    You may want to ask them. They may very well have documents in that regard.
    But you didn't think it was necessary to do an assessment to actually have something presented to you in terms of statistical analysis or anything like that in terms of threat assessment vis-à-vis privacy?
    What we did was ask them to show us how they had come to that conclusion. We're in the interesting situation where we cannot second-guess them, and yet we have to hold them accountable. What we asked them to show is that they have done due diligence in ensuring that the measure they are putting forward is indeed based on a true, sound threat assessment. That's what they did.
    They explained to us that they had sound intelligence--credible, sound intelligence--that the highest threat was a passenger-borne non-metal explosive. That was on October 6, 2009. Our offices worked together at my level and at the commissioner's level. We also had specific information on that. Therefore, we came to the conclusion they had done their due diligence.
    Thank you.
     Mr. Jean.
    Mr. Chair, I will be sharing my time with Ms. Brown.
    First of all, thank you very much for your attendance today.
     I want to let you know that there is another group of people out there, and I'm one of them. I'm from northern Alberta, so maybe that sets me aside a bit from normal Canadians. But I look at the passenger protect program over here and the trusted traveller program over here, and we are working from both ends to come to the middle. I don't want to talk about the passenger protect program; I want to talk about the trusted traveller program.
    Why I say there are different people out there is that I travel a lot. I'm a “Super Elite” member on Air Canada. I fly back and forth to Fort McMurray. I've travelled the world. I like travelling. I'm totally prepared to let the U.S. or any government, any democracy, have any amount of information they want on me--just don't make me wait in line. That's my position.
     I don't want to wait in line. I'm tired of lineups. I wait in lines all the time. I don't have to wait in line to get into this place. I don't have to go through any security to be here with all the cabinet ministers and all the MPs, but I have to wait in Ottawa for half an hour, and sometimes for an hour, as we heard from our friend Mr. Volpe, at Lester B. Pearson airport. It's a long time.
    I want to talk very briefly about privileges and the right or the privilege--because we don't have a right to fly. We do have rights under the charter, but the right to fly is not one of them, if I can say this. I'm a lawyer by background, so I understand that the Supreme Court has said there's no right to drive. It's a privilege to drive, and that's why you have to get a licence, and that licence can be taken away at the whim of the state.
    It's the same with flying. It's the same with going through our airports. There's no right to go through our airports and there's no right to fly, just like there's no right to go over American airspace. It's a privilege for Canadians to be able to fly our planes over American airspace, and it's a privilege for us to drive.
    From my perspective, you can just take my information and keep it as long as you want, a hundred years if you want, because I'll be gone by then. I don't care as long as it's not a VISA number or my e-mail, because I don't want to be contacted either. Just take my information and let me go through.
    What do you say to that?
    What we say is that should such a program be put to us we would do the same as we have done, for example, on the body scanners. We would require a privacy impact assessment: a full explanation of why you need this measure, why it would be helpful, and how privacy would be protected. And we would review it in that same fashion. That kind of program would in fact need to have a privacy impact assessment, just like the body scanners did, for example--
    Mr. Brian Jean: I'm sure it would. But if I may, Ms. Bernier, I don't care.
    Ms. Chantal Bernier: --and we would review it.
    To be blunt, I don't care about my privacy as long as I don't have to wait in line.
    Well, then, that would be one of the factors we would definitely consider: consent. Because what you are speaking about could be based on consent. For example, there's NEXUS, where you actually pay and you give your consent to have some private information given for the privilege, as you say, to go faster. That certainly would attenuate the privacy invasion.
    However, I would think that if such a program were to be put in place, it would be subject to Treasury Board Secretariat's policy for a privacy impact assessment.


    Of course.
    I just want to say about the body scanners, if I may, that as a person who practised criminal law in Fort McMurray for 11 years, I've never seen anything more intrusive than a body search. I think they're repugnant. I don't think they should be allowed by anybody, unless safety is a real concern. So these body scanners, from my perspective, are a great advancement forward for personal rights and personal security. Quite frankly, I think they're good. After saying that....
    Ms. Brown.
    Mr. Chair, I just need to address a comment that Mr. Volpe made earlier about the length of time for information that is collected. My great-grandmother was 104 and her sister was 110, so I think I have longevity on my side. I may be hit by a House of Commons bus this afternoon, but my information may be around for a long time too.
    Hon. Joseph Volpe: All the more reason to eliminate it--
    Mr. Brian Jean: Joe will throw himself in front of the bus.
    Voices: Oh, oh!
    Ms. Lois Brown: Ms. Bernier, thank you for the comments about the trusted traveller program. I'd like to pursue that just a little bit more if we may.
    I think what we've heard in all of the presentations around this discussion of airport security is that we need to develop a seamless process. Not only is that important for a passenger's sense of well-being, which is so important, but it's also important for the productivity of our nation. All of that has to be taken into consideration.
    My question comes in around other areas where information is being attracted by persons who are using it for ill, where people have already given their personal information on forums like Twitter and Facebook. I know you identify that there are technological threats.
    When I have consensually given my information to NEXUS and I've made my application, I do not find that intrusive. What kind of information do you think is appropriate for us to be asking for? Do you have comments on that? What direction would you give the government on how we collect that and what we collect?
    What we collect is strictly what is necessary to fulfill the objectives of the program. That's the framework. We collect not one piece of information more than what is actually needed to fulfill those objectives.
     Once you have collected the information, you must ensure that it is kept absolutely secure, which is the step about data protection. That would be our stance when reviewing, for example, a trusted traveller program.
    We are looking at engaging more and more people in the NEXUS program because that is going to provide efficiencies in the system. People have chosen to go through that program. They've chosen to give their information to the government, and the government has said that it will provide the level of security necessary to ensure that the information is not going anywhere else.
     How does a person then ensure that their information has not been taken from another source and yet NEXUS is accused? We know that there are multiple areas for people who are phishing on the Internet to find out information about individuals: where does that balance come in?
    Our office does audits, as we did for the passenger protect program, precisely for that reason. As I stated earlier, first and foremost, we will require justification for the invasion of privacy. Why do you need this information? How is it proportionate to your objective?
    Once you have collected this information, we will look into whether the government protects it absolutely securely. We all know that the government is the greatest holder of personal information and the holder of the most sensitive personal information. Therefore, there cannot be a leak. That is why we exercise our audit functions to regularly check in and look at how the technological infrastructure is protecting personal information.
    Thank you.
    We'll go to Mr. Dhaliwal.
    Thank you, Mr. Chair. I will share my time with Mr. Volpe.
     Thank you, Madame Bernier and Mr. Baggaley.
     I'm carrying a NEXUS card. Even though it's issued by U.S. authorities, I'm a Canadian citizen. Do you support a program like NEXUS to fast-track security clearance for frequent travellers?


    First of all, we would leave it in the hands of the aviation security authorities to come up with a program. They would submit to us a privacy impact assessment, which is an analysis of how their program ensures a proper balance with privacy. Our function would be to review that privacy impact assessment and make recommendations, as appropriate.
    That program is already in effect at the Ottawa international airport. They have a sign displayed that says if you are a NEXUS cardholder you go through this line, even though it takes longer than the other lineup.
    Yes, but I understood that.... Well, perhaps Mr. Baggaley can speak to that. I thought you were...of the new program.
    Well, yes, but let's just make sure that we're all clear here that what a NEXUS card allows you to do is get through customs and immigration when you're returning to Canada or when you're entering the United States.
    No, no. It's different. If you go to the Ottawa airport today, you will see a lineup and a sign that says that if you are a NEXUS cardholder, you come through this security line, even though it takes twice as long as going through the other lineup.
    And that's because in the Ottawa airport the United States has established a pre-clearance area. So that's an exception, where that's a trusted traveller program that will get you through U.S. customs and immigration more quickly.
    In terms of whether we would support a trusted traveller program to get through security more quickly to fly from Ottawa to Toronto, we don't take a position on whether that should be introduced. If a decision were made to introduce it, then, as Ms. Bernier suggested, we would look at what measures were in place to minimize the collection of information and to ensure that the information was protected if that program was put in place.
    I have a short question and then I'll pass this to Mr. Volpe.
     Do you have any concerns about the Israeli style of behaviour security programs?
    First of all, we have already been told that should such a program be instituted in Canada, it would be submitted to us with a privacy impact assessment. We would therefore look at how it's built according to Canadian law for the protection of the right to privacy.
    Thank you.
    Madame Bernier, you probably won't have any trouble with the government. We've already heard a couple of government members say that privacy issues are secondary to them as long as security is first. It's amazing, because one would have expected that an ideological position on the part of the members opposite might have strengthened their desire to protect individual rights.
    On that issue, when the government put in a passenger protected program—and I see this is noted in one of your recommendations—they neglected to establish a mechanism for taking people off the no-fly list once they are on it. So while you focus on the official who is responsible for putting names on the list and delisting people, the fact of the matter is that the Minister of Transport is the only one who can take your name off the list. And he's not asking anybody at the Department of Homeland Security to take your name off the list, because he can't.
    So what kind of privacy impact assessment can you possibly provide them when they decide--if they do--to use the Israeli system, which is predicated on knowing who everybody is who is actually going to go through Ben Gurion? It's not an impossible task, given that the population of Israel is less than that of the GTA and Toronto. Do a roll call and you'll find out who's not acceptable.
    We can only do the review of privacy impact assessments of Canadian government measures. Here, on Secure Flight, we're going further, because even though it is not within our jurisdiction, we feel that the rights of Canadians will be affected and, therefore, that Canada must do all it can to minimize that impact.
    But you correctly say that we do not have a function of reviewing privacy impact assessments of a foreign country. We read and analyzed the privacy impact assessment provided by the Department of Homeland Security, but that was simply for us to truly understand the scope of the impact on Canadians. Unfortunately, we do not have any jurisdiction to effect change in that regard.


    Thank you.
    Monsieur Gaudet.


    Thank you, Mr. Chair.
    You might not like my question, but I will ask it anyway.
    Is the office of the commissioner proactive or reactive?
    I know that you conducted an audit in the fall of 2009.
    I would say that we are proactive and reactive, depending on what it is we need to do. As far as audits are concerned, we are proactive. We decide to conduct an audit based on any risk we have identified. We decided to conduct an audit of the passenger protect program because we felt it posed certain risks to people's privacy.
    Why did you not discuss the passenger protect program with CATSA or Transport Canada? In that case, you were not proactive. You seem to be proactive only when the time comes to conduct an audit.
    I have to say that I was not around when the passenger protect program was brought in, but I was there when the full body scanners were approved. In fact, we did sit down with them and have discussions. We had a document to evaluate issues related to privacy. Indeed, if you are interested, our response letter is up on our Web site. So you can see for yourself what really happened.
    However, it is quite clear that we are not the ones who developed the passenger protect program. We are not responsible for it. Our responsibility is to make sure that, when a program is developed, it does not violate people's privacy. That is why we receive drafts of programs. We receive the evaluation conducted by the department as far as privacy is concerned, and then we make recommendations to ensure that people's fundamental rights to privacy are respected. So all we do is make recommendations.


    I'm sorry, but we are out of time.
    Thank you to our guests for being here today. We look forward to further input as we move forward.
    As a notice to committee members, on Thursday we're doing Bill C-442, the Holocaust bill, so if you do have any amendments or concerns, please contact Bonnie.
    With that, Mr. Jean.
    I'm just wondering, after Mr. Volpe's comment, does that mean he knows everybody in the GTA?
    Voices: Oh, oh!
    Thank you.
    The meeting is adjourned.
Publication Explorer
Publication Explorer