Skip to main content
Start of content

SECU Committee Meeting

Notices of Meeting include information about the subject matter to be examined by the committee and date, time and place of the meeting, as well as a list of any witnesses scheduled to appear. The Evidence is the edited and revised transcript of what is said before a committee. The Minutes of Proceedings are the official record of the business conducted by the committee at a sitting.

For an advanced search, use Publication Search tool.

If you have any questions or comments regarding the accessibility of this publication, please contact us at

Previous day publication Next day publication
Skip to Document Navigation Skip to Document Content

House of Commons Emblem

Standing Committee on Public Safety and National Security



Wednesday, November 7, 2012

[Recorded by Electronic Apparatus]



    Good afternoon, everyone.
    This is meeting number 58 of the Standing Committee on Public Safety and National Security. It is Wednesday, November 7, 2012. Today we are dedicating a meeting to the subject matter of clauses 264 to 268, affecting the 2001 Customs Act.
     These clauses, as you know, are part of Bill C-45, A second Act to implement certain provisions of the budget tabled in Parliament on March 29, 2012 and other measures. These are the clauses of Bill C-45 that are under the purview of our committee.
    Our witnesses today will help us examine these clauses. They are from the Canada Border Services Agency.
     We welcome to our committee, first of all, Mr. Daniel Champagne, director general of infrastructure and environmental operations; Ms. Kristine Stolarik, the director general of the pre-border programs directorate; Ms. Anita Henderson, counsel with the legal services branch; and also Ms. Sharon McKeen, manager of the travellers unit, advance information and programs.
     Our committee thanks these witnesses for testifying today. Once again, we have Canadian public services responding to our call on short notice to help us as the committee go through these clauses that are part of the implementation act. In our final 30 minutes, we will have a discussion of possible recommendations and amendments based on what we have heard today.
    Mr. Champagne will be bringing forward the testimony, and we look forward to that.
    I see that you have a printed text and it is not that long. We are going to try to keep it as short as possible so that we have ample time for questions and then ample time to draw up our recommendations.
    As the committee is aware, the Canada Border Services Agency is responsible for integrated border management that supports national security and public safety priorities and facilitates the free flow of legitimate persons and goods, while meeting all requirements under program legislation.


    This responsibility extends to the enforcement of immigration and refugee policy, border inspection of food, plants and animals, and providing intelligence and enforcement support to uphold our safety and security obligations under the law.
    In all, the CBSA is responsible for the administration of some 90 acts and regulations that govern the admissibility of people and goods into and out of Canada.


    Today we are pleased to be here to discuss the proposed changes to the Customs Act contained in Bill C-45. There are three amendments in total.
    First, with regard to pre-departure traveller information, the first proposed change will amend subsection 107.1(1) of the Customs Act to allow the Minister of Public Safety to require the reporting of prescribed information about persons who are expected to be on board a conveyance. This amendment would allow the CBSA officials to review traveller information earlier in the travel process—that is, prior to departure of a conveyance to Canada. This amendment is consistent with the agency's priorities to push the border out and address threats at their earliest opportunity.
    With all new or modified programs that collect, use, retain, or disclose personal information, the CBSA will assess the risk to individual privacy rights and address those risks through appropriate strategies. Dealing with large volumes of sensitive personal information on a daily basis, the agency respects privacy rights and fosters a culture of privacy throughout the organization. This is evidenced in CBSA's reputation as a global leader in its treatment of advance passenger information and also passenger name record data.


    This amendment will protect Canadians by increasing the integrity of the border, and is also expected to result in cost savings in the long term by reducing costs related to the arrival of inadmissible persons in Canada.



    With regard to advance data requirements for the pre-screening of cargo, the second proposed change amends section 12.1 of the Customs Act. It is aimed at improving the risk assessment of goods before they arrive in Canada. Section 12.1 amendments will strengthen and streamline the pre-arrival, including preload, advance information requirements for all commercial goods destined for import to Canada, including in-transit goods. They will also improve enforcement measures based on advance information provided, including new enforcement measures for failing to comply with a “do not load” notification issued by the CBSA.


    These amendments would allow the Agency to better mitigate health, safety and security threats prior to the goods arriving in Canada.


    The final amendment relates to clarifying port authority obligations with respect to the maintenance of customs facilities.
    Increasingly, owners and operators of international toll bridges and tunnels, airports, marine ports, and railways are questioning and legally challenging the scope of their obligations under section 6 of the act to provide, equip, and maintain adequate port of entry facilities free of charge to Her Majesty.
    The amendments clarify what the CBSA has always required owners and operators to provide and maintain and what owners and operators have always provided and maintained free of charge to Her Majesty since the inception of section 6, enacted in 1986.


    The changes do not impose additional obligations or requirements on owners and operators, who collect tolls and fees from travellers using their facilities. This clarification amendment regarding the scope of the term “maintain” is needed to ensure continued access by the CBSA to adequate port of entry facilities free of charge.


    The three amendments pertaining to the CBSA before you support the agency's efforts to ensure that travellers and goods will not pose a threat to the safety and security of this country.


    Thank you for the opportunity to speak to you today. My colleagues and I are pleased to answer any questions you may have.


    Thank you very much for your testimony. I also want to thank you for having it in a text for us. I think that makes it a little easier.
    We'll move into our first round of questioning, and we'll start with our Parliamentary Secretary to the Minister of Public Safety.
    Ms. Bergen.
    Thank you very much, Mr. Chair.
    Thank you to the witnesses for being here today.
    My first set of questions has to do with the amendments with regard to the advance passenger information program.
    Mr. Champagne, can you tell us if the Privacy Commissioner was consulted with regard to these amendments?
    Thank you very much for your question.
    I will, if it's okay with members, pass this over to Kristine Stolarik.
    Yes, we have worked with the Privacy Commissioner on a regular basis on the API/PNR file. Since 2003 we have actually engaged them on the API/PNR files that we have been working on.
    I do have with me Ms. Sharon McKeen, who is the file expert on API/PNR. She has worked closely with the Privacy Commissioner's office since her tenure in that file. She can also give you a bit of a chronology on how often we have consulted, and walk you through that scenario.
    In dealing with the Office of the Privacy Commissioner, we communicate with them on privacy impact assessments. We have three privacy impact assessments in place since 2003. There were two in 2003, one in 2004. We have also responded to an audit in 2006. We had a joint review of the requirements to provide API/PNR from all commercial carriers on flights bound for Canada. These are inbound flights only, not domestic, not outbound.
    We had consulted with the OPC in March 2011, and as recently as June 2012. In June 2012, when we did meet with them, we went into a lot of the...let's call them the improvements that we are bringing into place for API/PNR.
    We have the intention of meeting with them in two weeks to have technical discussions on PNR. This was a recent request that has come in from the Office of the Privacy Commissioner.


    Thank you.
    If I'm understanding you, the answer is positive: yes indeed, you have consulted on an ongoing basis. It sounds like, once these amendments were brought forward, there's been discussion with the Office of the Privacy Commissioner.
    Can you tell us what the office's response has been?
    The office is interested in the modifications to the program that are currently being discussed in another forum, in negotiations with the European Union. I won't at this time get into the negotiations, as they are ongoing.
    We have heard from the OPC that they are concerned; that if the access, collection, retention, and privacy safeguards are changing, they want to be apprised. This is why we on our own initiative requested to meet with them in June 2012 to address any of their concerns and to make sure.
    When we approached cabinet in 2010 and then also in spring 2011—we had to go back for a revised mandate—our obligation to keep the OPC informed was in the mandate. We have done so. Their main concern is the retention, access to, and collection of API/PNR data. Those are the areas we'll focus on as we continue to keep them abreast of changes that are being considered for API/PNR.
    We appreciate that. We want to ensure that the legitimate flow of trade and travel is facilitated and that anything illegitimate or illegal is not. But our priority remains the privacy of Canadians, so we appreciate so much these very proactive endeavours. Thank you for communicating this information to us.
    On that same topic, Mr. Champagne, you may wish to comment, or one of the other individuals with you. You briefly mentioned, because of the work you do, the ability of CBSA to deal with very sensitive and very private information.
    Can you talk a little about that and about what kinds of processes you already have in place, as well as how you work with the Privacy Commissioner on a number of these initiatives? I think it's important that we know about working with sensitive information, and again, the privacy of Canadians being an important part of what you do, we need to hear some of the background and some of your history on this.
     I'll defer to Kristine Stolarik on the question of privacy. Thank you.
    Thank you for the question.
    Mr. Chair, I will defer to Sharon McKeen, because her office has done a lot of work and is responsible for a lot of the sensitive information that we deal with on the API/PNR front.
    Thank you.
    To go back to the evolution to the API/PNR program, the API—the advance passenger information—is the biographical information; that program's inception was in 2002. Then we further included the receipt of information on travel, which is the passenger name record, your itinerary.
    The Office of the Privacy Commissioner was not pleased with our having access to information on everybody travelling to Canada. They had serious concerns. Because of those concerns, we have done and continue to do a lot of work to monitor the systems. We have a set of 43 commitments in place with the European Union. Those commitments have been entrenched in regulations and legislation.
    They dictate where the information is to be retained—they even name the automated system in which the information is kept—and they name who has the ability to authorize. We have authorized access related to function and to use, and on a need-to-know basis. We have commitments in place for the retention of the information, for the sharing—who we can share with—and how often we are able to access that information.
    That information, and this is a very important point, is actually depersonalized as we get it. The full information on the traveller comes in, and we have 72 hours with that information. At the 72-hour mark, we begin to depersonalize, so that the passenger's name is actually masked from the information.
    We have further access to that information from 72 hours to two years. At two years, all of the information is depersonalized, so there is no information that can be connected to the individual.
     We have further access for 18 months—up to three and a half years. At the three-and-a-half-year mark, all of the information is deleted or expunged from our system.
    We retain the information that's necessary for enforcement or intelligence activities only. We have access to that information for as long as that's an active case. When the information is no longer active, no longer needed for enforcement purposes, that too is deleted.


    Thank you very much.
    We'll now move to the official opposition, to Mr. Garrison.
    Thank you very much, Mr. Chair.
    Thank you very much to the witnesses for being here today, at short notice not because of our committee but because of the way this is proceeding in the House.
    I'm going to focus my questions on the pre-departure traveller information. I want to go back over to the question that Ms. Bergen was asking.
    You have been in consultations with the Privacy Commissioner's office, but that does not mean that the Privacy Commissioner's office has signed off on any of this material that's before us today in this bill.
    They have signed off on the privacy impact assessments that were created in 2003 and 2004. We're currently amending those privacy impact assessments to reflect the changes in the evolution of the program.
    This is the reason we are starting our briefings with the Privacy Commissioner, to address their concerns.
    So the changes that have been made in the program have not yet been assessed by the Privacy Commissioner's office, and in addition, these amendments have not yet been assessed by the Privacy Commissioner's office. Is that correct?
    With regard to the amendments that are being considered, we did begin our negotiations with them in June, and we did share with them some of the amendments that we are undertaking with the European Union.
    One thing that happened to us today is the result of unfortunate scheduling, in that the finance committee was competing for the Privacy Commissioner. Because of our restrictions, we won't be able to have the Privacy Commissioner here. That is why I'm spending some time on this. These are questions I would prefer to ask the Privacy Commissioner, so I apologize if they seem less appropriate to ask to you.
    If I understand the impact of the main amendment here, on pre-departure traveller information, it's to allow collecting both API, as you call it, and PNR information earlier in the process and have it conveyed to the Canada Border Services Agency earlier in the process. Am I correct about that?
    Yes. Today the information is sent at the time of departure. Many of you or likely all of you have flown. It's important to note that you're in your seat, your seat belt is on, the door is closed; you're coming to Canada. Unfortunately, for short-duration flights and for numerous flights coming in at the same time, there are often competing priorities for our targeting and intelligence folks to assess risk.
    The reason we're receiving API/PNR is to identify threats coming to Canada that threaten the safety and security of Canadians. For this reason, and to compete in the international forum as well, we need the information a little bit earlier to be able to assess the threats.
    Does that mean that, if you get it earlier, you'd be going back to the airline or whoever is conveying this person and would be asking them to deny boarding?
    It is certainly one of the opportunities we have. It's not something we have in place today.


    What other purpose would there be in this amendment, other than that one?
    Identifying the threats; if we don't provide a board/no-board recommendation, one of the opportunities is to identify the threat so that when they do reach Canadian soil, we're able to meet them and mitigate that threat.
    Are you anticipating there would be sharing of this information if it's required earlier with other governments or with the security agencies of other countries?
    Our sharing wouldn't be outside of what we share today. We share only under existing agreements that permit us to do that sharing and for enforcement purposes.
    But you are anticipating, then, if this was earlier, that you could.... This is providing the opportunity to potentially share that information before the person has actually boarded a flight.
    The same as we do today.
    Well, you don't do it today, because you don't have it before they board the flight.
    No, but the sharing would—
    I'm just trying to get at what the change is here that we're trying to look at.
    Yes. The change, really, is to allow us the time to assess the risk before the people come to Canada.
    We of course would like to identify the threat on foreign soil and not have them come to Canada. That would of course be the optimal situation. Even if we don't have the ability or don't get the approval to do something like that, identifying the threat while they're en route and being able to address it as soon as they land here on Canadian soil is of course one of our key objectives.
    So the advance pass information is essentially passport information, the kinds of things that would be in a passport.
    It's your biographical information.
    And in what sounds rather innocuous—the passenger name record—is actually the entire itinerary of the passenger?
    Ms. Sharon McKeen: Absolutely.
    Mr. Randall Garrison: That would include travel other than to Canada, if it's part of the same itinerary? In other words, if someone were passing through Canada en route to another country, that information would be contained in that record.
    But only if they land here.
    Mr. Randall Garrison: Right: only if they land here.
    Ms. Sharon McKeen: It's only for international flights landing in Canada.
    My understanding—we received a letter today—from discussions with the Privacy Commissioner's office is that there's a very broad range of information contained in that innocuous-sounding passenger name record. That includes everything from perhaps who paid for the ticket to the names of other people travelling with the person. The letter today raises dietary requirements, which might reveal details about religion or other personal characteristics.
    How long is that PNR currently being maintained in the system, the PNR for every passenger?
    I'd like to address two key points.
    One key point that I think is worth mentioning is that we do not have access to sensitive data. If any sensitive data, such as religion, meals, and certain preferences, whether they be.... Anyway, I won't get into the details, but if any sensitive data hits our system, it's actually deleted right upon receipt. Nobody sees it. We don't have access to it. We don't have permission to have that information.
    To your second point—
    Would that include travelling companions? You don't worry about that as sensitive information.
    No, we don't. If you have PNRs, you have where everybody is sitting in the plane. You could know half the plane. It's public information.
    The other point is that the information is retained to a maximum of three and a half years, unless, of course, that information is key to an enforcement action. With respect to depersonalization of the PNR, your name is taken off after 72 hours. At the two-year mark, anything identifying you is taken off. At three and half years, if it hasn't been accessed or used, it is further deleted.
    At two years, access to that information is very, very limited and is authorized only by the deputy minister, or the head of the Canada Border Services Agency.
    Thank you very much, Ms. McKeen.
    We will come back.
    We'll go to Mr. Leef, please, for seven minutes.
    Thank you very much, Mr. Chair.
    I guess most of these questions again will be directed to Ms. McKeen.
    Looking at current-day operations and procedures to identify threats on foreign soil, there are some means and mechanisms that already occur, correct?
    Ms. Sharon McKeen: Yes.
    Mr. Ryan Leef: As you were articulating to Mr. Garrison, under the current terms and conditions and sharing agreements you have, that information, if it's identified through the procedures and means you have today, are shared in accordance with those agreements. That's not going to change at all with this—just your ability to collect that sooner and use different techniques, as it were, or different bodies of legislation. Would that be accurate?


    It is accurate if.... Yes. It's accurate.
    If I'm an international traveller coming into Canada and then carrying on to a different destination, currently I would present myself at a point of entry. I would have to divulge my full travel itinerary if questioned by a CBSA agent at that point of entry. Is that correct?
    That's correct.
    That's not really changing anything now, is it?
    This is just as a matter of curiosity. In the initial presentation, you said it will improve enforcement measures based on the advance information provided, including new enforcement measures for failing to comply with “do not load” notifications issued by CBSA. Do we know now how often there's non-compliance with “do not load” orders from CBSA?
    Thank you for that question.
    You're talking about “do not load”. Are you flipping over to the cargo side now?
    I think that's the reference you're using in this presentation. It's the cargo aspect, yes.
    What we want to do is strengthen our existing requirements for providing preload, advance information on the cargo side. Sharon was talking about the people side. Now we're going to talk about the cargo side, specifically in the marine mode.
    We'd add a preload requirement in the air mode and strengthen existing enforcement measures as well. Currently we don't have that, so we'd like to add that. That's what it's doing right now. Currently we have it in marine. We don't currently have it in air, so we're getting that provision for air.
    Again, what we want to do there is that before the cargo is even loaded, is in a foreign port somewhere, if we get intel or information that something is not right in that shipment, it would not be allowed to load on that vessel.
    I'm sorry I'm flip-flopping back and forth, but when we go to the passenger name recognition and the advance passenger information, will it apply to people arriving in Canada by air, land, or sea?
    Air mode only.
    Airport only.
    “Air mode” only.
    Okay. Great.
     You mention on page 4 of the document that the amendment concerning API and the PNR is expected to result in cost savings.
    Is there any kind of projection for these savings, or is it just that generally you think there will be a cost savings?
    I would prefer not to comment on something that may happen in the future.
    That's fair enough. Thank you.
    Are there any other enforcement activities or strategies—and here I'm thinking maybe of the future, when you're talking about legal challenges and obligations for owner-operators of bridges and toll services—where expected pre-screening or any other means of dealing with passengers ahead of time will help the flow of traffic through the ports of entry?
    This may be future thinking...more than this current bill, but if you have owners and operators talking about having free access by CBSA, I'm sure they're more than amiable to having free access...CBSA if the flow is moving well, because of course that enhances profit for them on the toll system.
    Is there anything CBSA is looking at in terms of advance strategies to deal with our clients coming through those points of entry?
    Thank you for the question.
    Currently we have in place the trusted traveller program—the NEXUS lanes that you see, which expedite the low-risk travellers. They're pre-risked; they're trusted. They have that special lane that they can go through. This decongests the regular lanes of traffic for the regular travellers.
    On the commercial side we have the equivalent, called the FAST lanes, for commercial cargo that has been pre-cleared and has been basically designated to go through that lane as well.
    Are there future plans? Part of the Beyond the Border initiative absolutely has requirements for expansion of NEXUS lanes and FAST lanes. It's in part of the plan, so it's in progress as we speak.
    Then these amendments to this bill in the air mode component really are complementary to a greater picture of CBSA strategies to move people in and out of our country more efficiently, more effectively, and safely for Canada. Would that be an accurate characterization?


    I would say it's very accurate. We would like to focus on our high-risk goods and take the attention away from the free flow of low-risk goods and people coming into the country.
    Mr. Chair, I don't know that I have any other questions.
    There's another minute, if somebody has a quick question.
    Mr. Dechert, please.
    Thank you very much, ladies and gentlemen, for your presentation today.
    I travelled recently to the United States. There was a situation in which the airline I was travelling on lost all the passenger information—it had a computer problem—and so the information had to be re-entered.
    That raised a question in my mind. Is what we're proposing here today the same kind of process as the one the Americans use in pre-screening passengers who are inbound to the United States, or is it something different?
    It is very similar to what the Americans do. The Americans receive the information pre-arrival. They're actually up to 96 hours pre-travel, whereas today we remain at time of departure. We're looking to align ourselves with them.
    Thank you very much.
    We'll move to Mr. Scarpaleggia, please, for seven minutes.
    Just to follow up on Mr. Dechert's point, what is the distinction between the data set he was talking about and what we're talking about?
    It's advance passenger information. I don't know whether he was referring to passenger manifests, but....
    I'm just trying to understand this a little more clearly. Right now, let's say you board a plane coming from overseas.
    Well, first of all, why does this only apply to passengers coming by air travel? Is it because, if they're coming by train, necessarily they have been screened in the U.S. somewhere? I don't understand why it's only for air travel.
    If you're coming in by train, I guess you're already in the U.S., you're coming to Canada from the U.S., so you've been screened at some level. You figure that's a very low risk, is that correct? Yes.
     If you were coming in by car at the border, again, they would do the check right away, I suppose. Is that it? At the border, they'd take your name and they'd input it right away?
    And by ship, is there a need to pre-screen by ship? I know there isn't a lot of ship travel to Canada. Or maybe there is, but...I don't think there is.
     The easy answer to the question is that air mode is deemed to be a higher risk than land and marine. With land, it's not feasible to get advance information. Most people jump in their car, they want to drive over to the States to go shopping, it might be last-minute. It's not the same type of presentation of information to gain access to another country. Also you have that one on one, you have the booths set up, so the dynamic is a little bit different.
    With air mode, as of course we've all experienced in the past, there can be significant security issues to the Canadian public—
    By sea, though, it's analogous to air travel, in a way. I mean, you're coming from overseas; generally you're not coming from the U.S., although you could be.
    Is that a subsequent phase that you'll be looking at?
    Future consideration.
    Future consideration. Okay.
    At the moment is the way it works that as you get on the plane, it is at that point that your name enters the system, so that your identity is being checked while you are in transit?
    When do they start checking, verifying, if you're a risky passenger at the moment? When is this done?
    It's done at the time of departure.
    Meaning the time that you board the plane?
    You are on the plane. You are pretty well ready for take-off. The information is set. The information, if not set before the plane taxis soon as the plane is up in the air, maybe 20 minutes later, we have the information.


    Why do they wait that long? Why can't they do it at check-in or something?
    We don't have authorization to get the information any earlier than at time of departure. This is why we're seeking the amendment to section 107.1 to allow us to have the information in advance.
    Oh, I see. Okay.
    So the information you're getting is names, basically. Passport information, as Mr. Garrison said, is your name, your gender, all of that. And then this goes into a system. What does the system do? It cross-references to an RCMP database, a CSIS database? What really happens inside the computer, if you will?
    We receive the information. It's two packages of information. The API is your advance passenger information, page 2 of your passport: your name, your date of birth, and your particulars. The passenger name record is information about your travel. We take that information and we check against various Customs databases. We want to know if you have any wants or warrants. We want to know if there is an indication of criminality. We do vet the information. We do not have the ability to check every single passenger, so of course now that's when we come into scenarios and intel tips.
    So there are various things that we do with the information from an enforcement and an intelligence point of view.
    This seems all very straightforward, so I don't understand why.... You're not talking about dietary restrictions and you're not asking if the person has ever visited a psychologist, so where are the privacy concerns? And I'm asking so that I can understand. I'm not trying to suggest there aren't any. Where do the privacy concerns come in?
    Essentially the privacy concerns come in that you are receiving information for all passengers coming into Canada, so between 22 million and 25 million passengers per year, without provocation or impetus behind receiving that information.
    So I haven't said “You are high risk, I need your information”: everyone starts out at the same level of risk. It's by evaluating that information that we identify if you fall into a category of high or low risk.
    What suggestions has the Privacy Commissioner made? Again, it seems pretty straightforward: name, gender, whatever else, which is basic information. What are the Privacy Commissioner's concerns?
    The Privacy Commissioner's concerns are that we retain the information for a long period of time. We've evaluated that you've come in; why do we need the information for three and a half years? That's the current retention period for those packets of information.
    Right: all kinds of things could be done with that information.
    Now, is this information transmitted to the U.S. as well?
    The Americans have their own API/PNR program.
    So if I board a plane for the U.S. from here, do I put in my information in advance at a computer screen? How does that work?
    It's the same way that the information is here....
    I don't know if I should be commenting on the American system.
    Well, it's important. We keep reading that this information, in a future iteration of this plan, at some point will be passed on to the United States—
    Very quickly, Mr. Scarpaleggia.
    —and we don't know what the Americans are going to do with it. They could be checking it against all kinds of things.
    I don't know; to me, this is the potential black hole. Anyway, we'll stop there.
    Thank you, Mr. Scarpaleggia.
    We'll now go back to


    Ms. Doré Lefebvre.
    You have five minutes.
    Thank you, Mr. Chair.
     I would like to thank you for the information about the amendments made to Bill C-45. I greatly appreciate it and I find it very interesting.
     As my colleagues were asking questions, I kept taking notes. I am sorry, but I am going to try to sort all this out at the same time.
    You talked about the fact that the information would be reviewed earlier. As you said, at the moment, that takes place when you are already on the plane. If I am not mistaken, with this amendment, you would get the information at the check-in. It is simply a matter of the processing procedure. Nothing changes in the way the information is gathered, but that gives you the power to do it 20 minutes earlier, for example, to make sure that people do not get on the plane if there is a serious problem.



    Yes. It's simply allowing us to obtain the information in advance to be able to evaluate the risk.


    That would make it possible to gather information earlier and to extend the retention period. You will now be able to keep the information for three and a half years.
    Are those the only changes under Bill C-45 that affect your agency?


    Bill C-45 does not bring about changes for the retention period. Bill C-45 is only asking for the information for those who are expected to be on board a commercial carrier destined for Canada.


    In other words, that only affects air transportation of people and goods. Is that correct?


    No. It's air mode for people only, all modes for goods.


    So, in the case of goods, all modes of transportation are affected. That is what I was confused about. I was wondering why marine cargo was not affected.
     Has the Privacy Commissioner expressed any concerns other than the fact that you are going to retain the information for a longer period?


    The Office of the Privacy Commissioner speaks to privacy safeguards, access, collection, retention, so really the entire use and obtaining of the information. So from the Office of the Privacy Commissioner's point of view, they want to make sure that if things are changing in the future, they're not changing outside of the privacy safeguards they want to see in place, so we have to address every component.


    I would like to go back to the fact that, in the case of passenger transportation, only airlines are concerned. My colleague Mr. Scarpaleggia has briefly touched on this issue, and so did my colleague from Yukon. You said that air mode poses the highest risk. My colleague Mr. Rousseau just left, but I can tell you that, in his riding in particular, there are very serious problems with people crossing the border by car.
    So I wonder why it does not cover all modes of transportation. Is it simply because air mode involves more risks or are there other reasons?


    We need to look at the feasibility of implementing in other modes. It's just not as feasible in the land mode. Everybody who is crossing the land border is expected to present themselves to a customs official, a border services officer. At that time the border services officer will evaluate the documentation of the individual seeking entry into Canada.
    Thank you.
    We'll now move to Mr. Norlock, please.
    Thank you, Mr. Chair, and let me through you thank the witnesses for appearing today.
    I suspect very strongly that most of my questions are going to need to be answered by Ms. McKeen.
    I'm sorry to keep on this, but there are a few questions I'd like answered.
    First, can you explain and give us some examples of situations in which an officer would direct a transporter not to carry a traveller to Canada—in other words, the negative side of this?
    If the individual poses a serious and immediate threat to the Canadian public, they should be given the recommendation not to board the individual.


    Let me interject quickly that I suspect very strongly that you would have in the system in your department some good examples of how this worked. Without giving names, times, and dates, give an example of what maybe you did involving a person, if you have it. If you don't, that's fine.
     Actually, I would probably prefer not to get into the details. However, an important aspect is that we need the legislative backing to be able to do that.
    Second, have the privacy implications of the advance passenger information or passenger name record program been assessed? I think you've gone through some of this, but if could you expand on it, by whom has it been assessed? Was it just the Privacy Commissioner, or are there other agencies or departments that you have contacted? Are there certain protocols that you follow to do this?
    If you would, explain that to us—the privacy implications. Is there anyone other than the Privacy Commissioner?
    Thank you.
    When you're designing programs that collect personal information for use and retention or disclosure, what steps are taken to identify any possible risks posed to an individual's privacy rights? I think you mentioned a few, but could you go through the steps? In other words, the information goes in, people are identified—something is “flagged”, I guess is the common usage.
    How do we make sure that any possible risks that are posed don't interfere with a person's privacy rights, yet you get to protect the people on the plane?
    I'm not really sure what your question is.
    I'll repeat it: what steps do you take to identify any possible risks posed to an individual's privacy rights?
    We have very strict privacy requirements in CBSA. We follow those regardless of whether you pose a high risk or are deemed to be a lower-risk individual. This doesn't change just because we're requesting advance passenger information.
    Thank you very much.
    Let me go on to the other modes of transport. I think you answered accurately.
    For many of these questions, we use the information we would hear when we deal with our own constituents as members of Parliament. I think my constituents would be rather upset, if they were going, let's say, to the U.S. to go to someone's funeral or if it were a medical emergency and they had to phone ahead and let the Canadian border services know that they were going across the border.
    I want to thank you for bringing up the practicality of that. But since we're talking about other modes, I wonder whether your department has looked at.... We know that people travel by ship or by boat. What do you see as some of the impracticalities of obtaining that kind of information? They are somewhat contained, I suppose, if they're just going across the St. Lawrence or something like that, but I'm thinking more of cruise ships and that sort of thing. Do you gather any information from cruise lines, let's say coming from Europe or Asia, respecting passengers?
    Speaking from my perspective, we deal with the air mode only, so I don't have the type of information you're seeking on what we do with cruise ships.
    If you would like further information, I can certainly gather it and provide it.
    Would you send that to us, just as a matter of interest?
    Thank you.
    Thank you, Mr. Norlock. You had three seconds left.
    We'll now move to Mr. Rafferty, please, for five minutes.
    Thank you very much, Chair.
    Ms. Stolarik, maybe you could answer this. Ms. McKeen said a few moments ago that the whole point of this amendment—the main one, not the cargo one, though I want to ask about that later, if I have the time—is that we're talking about reducing risk to the Canadian public. That's the main idea of this amendment, isn't it?


    Yes, it is.
    I wonder if you could help me out with this. There seems to be a bit of a disconnect. Why are we sharing this information with anyone else—other countries—if it's only aimed at people coming into Canada? This amendment is aimed at people coming into Canada, so if it's to protect the Canadian public, why are we even sharing any information that we get with other countries?
    I'll defer to Sharon, because she basically is the expert on the API/PNR file.
    The reason we would share with another country would be to mitigate an international risk.
    I'm sorry; I don't quite understand. Let's say that someone is leaving England, flying to Canada. When this bill passes—and this amendment, I'm assuming, is going to go through—you would get advance information, perhaps 96 hours in advance, about who is on that plane and the information that you've indicated here. They would come to Canada. The whole point is to protect the Canadian public.
    So why would you share any information that you have for someone coming to Canada with anyone else? I mean, I don't know how that mitigates risk for other countries—citizens in other countries.
    The individuals who are coming to Canada are seeking entry onto Canadian soil. If they are already deemed to be a threat—they are terrorists, or maybe they are human smugglers, or they are involved in serious transnational crime—that's what we're talking about here; we're talking about mitigating terrorism and serious transnational crime.
    In the case of serious transnational crime, you may reside in another country but you may pose a threat to us. It's in our best interest, from an international forum, that we share information in order to protect the airways, to protect the Canadian public, and to ensure that we are identifying a threat.
    In the case of somebody coming from England, if we have the information early and we have analyzed that they're a threat, it's in our best interest to share information with the authorities—
    So you're collecting this information, and then you share it with other countries. This information is really CBSA's responsibility.
    How do you ensure that other countries use this information—that you pass on to them—in a proper manner? How do you ensure that they use it as it's intended?
    Let me be clear: whenever we share with another country, we have an agreement or arrangement in place. The specifics in the sharing—the use, the retention, all of the privacy safeguards—are itemized in the agreement.
    So it would be unlikely that someone would arrive in Canada, or just pass through Canada, for example; land in, let's say, New York; get taken off the plane; and be put into a Syrian prison for a year—that sort of thing?
    I'm just trying to understand how others will use this information.
    Again, we don't share outside an arrangement or an agreement. The essential information and the privacy safeguards—access, collection, retention.... Use of that information is outlined in the arrangements.
    So you can't guarantee that other countries are going to use it as intended, then. You have an agreement, but there's no real guarantee.
    Mr. Rick Norlock: You can't guarantee it—
    Mr. John Rafferty: I have a question for you, Mr. Champagne. I hate to see—
    Very quickly, Mr. Rafferty. You have 20 seconds.
    Oh. I'm sorry.
    CBSA is losing lots of staff. This whole thing sounds quite labour-intensive. It may not be, but maybe you can explain that to me.
    If you're losing staff, aside from front-line staff—other staff—how are you going to sort out the extra work that's required with this amendment? Or perhaps it's not extra work.
    Very quickly, Ms. Stolarik.
    Basically, we have existing resources that will be doing this, and a lot of it will be automated as well. The computer systems will be doing a lot of this for us.
    Thank you very much, Mr. Rafferty.
    Mr. Hawn, please.
    Thank you, Mr. Chair.
    I'd like to follow up on Mr. Rafferty's line of questioning with perhaps the opposite take on it. These questions might sound a little rhetorical, but I'll ask you to answer anyway.
    Ms. McKeen, why wouldn't we share information with allies with whom we have long-standing agreements? Can you think of any reason why we would not do that?


     I didn't think so.
    If it's in our best interest and to protect the Canadian public, absolutely, we have everything to gain.
    If we have information earlier about somebody who is boarding an airplane in London's Heathrow to come to Canada, and we could prevent that person from boarding and potentially blowing up the airplane with Canadian citizens on board, doesn't that make sense?
    Yes, I think so.
    What guarantee do our allies have, from whom we are getting information, that we are going to use it properly? What guarantee do they have?
    A written agreement—
    They have the same kind of agreements that we have. I realize these questions are rhetorical and the answers are obvious, which makes me wonder why some of the questions before were asked. I just wanted to clarify that.
    More specifically, you talked about identifying information of interest for retention based on potential enforcement action or whatever. Who makes that decision on what information is retained? Is that CBSA? Is it another law enforcement agency? Who makes that decision that allows you to retain that information for a longer period?
    It's actually entrenched in our regulations. We have the ability to do that.
    Okay. So it's the CBSA folks themselves.
    We do have a treaty in place with the European Union, and the commitments are actually outlined. The 43 commitments that I alluded to earlier are in the 2006 agreement with the European Union.
    So there are fairly specific guidelines about the kind of information that can be retained, and why, and so on.
    It's very specific.
    Okay. Good.
    On the privacy, there was some discussion about making a judgment call on protecting somebody's privacy. Who makes that call? Is that the CBSA agent who is dealing with it on the spot, or is that, again, by protocol, by pre-authorized circumstances kind of thing?
    We have privacy safeguards in place. It's very controlled. The systems are accessible only by authorized officials. It's very clear in the 43 commitments what CBSA is going to do with the information—where we're going to place it, who is going to access it, how long we're going to retain it, when we begin to depersonalize it, the reason we're accessing it.
    The reason we're using it is related to terrorism only. We're not looking at that information and analyzing somebody for driving under the influence, for example. It's for the specific purpose of combatting terrorism and terrorism-related crimes, and transnational crimes specifically.
    For my last question, the answer may seem obvious, but it is important for the record.
    Could you outline the potential consequences if we don't pass these amendments?
    If we don't get the information early, we're not able to mitigate threats before they arrive on Canadian soil.
    This may seem like a bit of a silly question, and it may be, but would we have caught the underwear bomber or the shoe bomber under the current two systems?
    We may or may not have. I know that a tip came in from his father. When did the tip come in? If we had the information earlier....
    I mean, we're talking timelines. It's possible.
    The point is that it's all about having information as early as possible.
    Absolutely. The more we know, the better armed we are.
    I rest my case.
    Thank you very much, Mr. Hawn.
    Mr. Rafferty, you have final say on this.
    Thank you very much, Mr. Chair.
    In any kind of sharing and gathering of information, there's bound to be incorrect information that is input or comes from somewhere, whatever the case may be. With this amendment, how can Canadian citizens—if they get flagged, for example—ensure that the right information is there? Is there a mechanism for people to say, “Oh, wait a minute now; I shouldn't be flagged”?
     I will tell you why I ask that. I am regularly flagged at the airport. Now, it's probably because I ask questions like this in committee—
    Voices: Oh, oh!
    Mr. John Rafferty: —but there's obviously a bad boy with the same name as I have somewhere. At least that's all I can assume.
    For a regular, ordinary Canadian citizen, if they get flagged or stopped, what recourse do they have to sort out what's happening?


    Well, I see two aspects of your question. Anybody can be referred at any time for any reason. It doesn't mean you are a higher-risk or lower-risk individual. That's one aspect.
    Is there anything you can do? Not really. We reserve the right to question anybody coming to Canada. Again, it's public security.
    If you are concerned about what type of information was transmitted to Canada for your flight coming to Canada, and any API/PNR, anybody can go on the CBSA website and access their own API/PNR data at any time. There is a form. You can make the request.
    So you can make a request and you can also ensure that there are changes made, if things are incorrect.
    It depends, right? If the information is factually incorrect, you can request a correction and we'll evaluate it.
    The reason I say this is that, you know, you could have maybe divorced and you don't want to see your husband's name or your wife's name on your information, and you ask to have that taken off. We wouldn't, because it was factually correct.
    I use that as an example. We need to evaluate the request for correction or notation as it comes in.
    You gave us the timelines on when the information becomes inactive. I know you have agreements with other countries. How do you ensure the other countries' information also becomes inactive in the same timeframe that it would in CBSA files?
    Are you asking if CBSA checks other countries' retention periods?
    Well, how do you ensure that the information you're passing along gets deleted or whatever when the timeframe is up?
    We have arrangements in place that dictate what they should do. Do we go and audit other countries' systems? Likely the answer is no.
    Are there countries that you don't have any agreements with and don't care to have any agreements with?
    It's not for me to answer.
    One of the problems the Privacy Commissioner had with this particular amendment was whether it is regularly reviewed to ensure that measures being taken are appropriate. I wonder if you could just make a comment on that.
    Absolutely. I would defer to Kristine to add to anything I say.
    We have regular audits in place. We have a joint review with the European Union. We regularly respond to questions from the Office of the Privacy Commissioner. We regularly respond to access to information requests.
    Can I get a quick cargo question in here on that amendment? Who would I ask?
    Have I run out of time?
    You have another minute.
    I don't know who will answer this question.
    Am I to take it from this amendment that there are now going to be safeguards in place? I'm thinking of Canada-U.S. here and travelling by road. Someone could pack freight in Winnipeg and have it checked by customs, which I think used to happen years and years ago. Then it would be locked or sealed. They could travel south of Winnipeg and come through Minnesota, and then into my riding, which is on the other side of Minnesota. Would this amendment allow that to now happen, as it used to I think years and years ago?
    I ask that because it's been a problem. We've lost a number of services in my part of Ontario because they can no longer do that. So Greyhound, for example, no longer services any of our area. I wonder if you could comment if that's what's going to happen now. Is that what this amendment...?
     No. The amendment for the cargo is to allow CBSA to collect the information about cargo, again, destined for Canada in advance. So we can basically...sorry, the preload information, so that we can make the decision to—
    This is leaving Canada and redestined for Canada.
    Yes. That's in transit.
    That's something else. Okay.
    Thank you.
    I think these were all good questions. It's been educational, I guess, for us to sit here.
    Thank you for the very good work that you do. We appreciate your appearing here before our committee today.
    Perhaps, because we don't have the Privacy Commissioner, we will suspend momentarily and move in camera to deal with the other portion of the letter we received from Mr. Rajotte, the chair of the finance committee, to come forward with some recommendations.
    thank you very much for appearing before us.
    [Proceedings continue in camera]
Publication Explorer
Publication Explorer