Skip to main content Start of content

ETHI Committee Meeting

Notices of Meeting include information about the subject matter to be examined by the committee and date, time and place of the meeting, as well as a list of any witnesses scheduled to appear. The Evidence is the edited and revised transcript of what is said before a committee. The Minutes of Proceedings are the official record of the business conducted by the committee at a sitting.

For an advanced search, use Publication Search tool.

If you have any questions or comments regarding the accessibility of this publication, please contact us at accessible@parl.gc.ca.

Previous day publication Next day publication
Skip to Document Navigation Skip to Document Content






Standing Committee on Access to Information, Privacy and Ethics


NUMBER 008 
l
1st SESSION 
l
42nd PARLIAMENT 

EVIDENCE

Thursday, April 14, 2016

[Recorded by Electronic Apparatus]

  (0845)  

[English]

     Good morning, ladies and gentlemen. Welcome to our meeting here in One Wellington. It's been a long time since I've been in this building. I trust everyone found their way here okay. We have a one-off meeting today.
     I would like to welcome to the committee the Honourable Diane Lebouthillier, our new Minister of National Revenue.
    Of course, Madam Minister, you're here to discuss with us business arising out of a motion passed by the committee just before the Easter break to discuss the transfer of files from your department to the United States according to the tax agreements and so on that we've signed as countries. I very much look forward to this discussion.
    The way we'll proceed, Madam Minister, is that we'll have opening comments from you. We have one hour with you, I believe, as we agreed to, and then we'll hear from the Privacy Commissioner afterwards.
    We'll have time, Madam Minister, for about 10 minutes of opening remarks, if that's okay. Feel free to introduce those who are assisting you at the table today. After your remarks, we'll proceed to as many questions as we possibly can.
    We thank you for making yourself available, Madam Minister. The floor is yours.

[Translation]

    Thank you very much, Mr. Chair.
    I welcome this chance to address the committee.
    I am joined today by senior officials from the Canada Revenue Agency: Ted Gallivan, the Assistant Commissioner of the International, Large Business and Investigations Branch, and Marie-Claude Juneau, the Director of the Access to Information and Privacy Directorate in the Public Affairs Branch.
    Mr. Chair, as the world becomes increasingly globalized and cross-border activities become the norm, tax administrations need to work together to ensure that taxpayers pay the right amount of tax to the right jurisdiction. Cooperation with other tax administrations is critical to protecting the integrity of Canada's tax system and revenue base. In fact, Canada is part of one of the world's largest treaty networks, with no less than 92 tax treaties and 22 tax information exchange agreements in force.
    In 2010, the U.S. Congress passed the Foreign Account Tax Compliance Act, or FATCA. FATCA requires non-U.S. financial institutions to enter into agreement with the Internal Revenue Service, the U.S. tax department better known as the IRS. This act, therefore, requires the reporting of information on accounts held by U.S. residents and U.S. citizens, including U.S. citizens who are residents or citizens of Canada.
    If a financial institution, Canadian as far as we are concerned, is not compliant with FATCA, FATCA requires U.S. payers, that is, corporations and other entities that pay amounts such as interest or dividends, making certain payments of U.S.-source income to this financial institution, to withhold tax equal to 30% of the payment.
    This 30% FATCA withholding tax can also be levied in respect of a compliant financial institution, on individual account holders that do not provide documents showing that they are U.S. residents or U.S. citizens. In some circumstances, FATCA could even require financial institutions to close the accounts of certain clients.
    In February 2014, Canada and the U.S. signed an international intergovernmental agreement, an IGA, under the longstanding Canada-U.S. tax treaty. We should mention that the first fiscal agreement between Canada and the United States dates back to 1942. While our countries have been exchanging tax information without any problems for decades, this 2014 agreement provides for an enhanced exchange of financial information to improve compliance with our respective tax laws.
    Less known is that the agreement is reciprocal. So, the IRS is required to provide the CRA with enhanced information on certain accounts of Canadian residents held at U.S. financial institutions. The intergovernmental agreement was signed in February 2014 and legislation to amend the Income Tax Act to reflect the agreement was passed by the Canadian Parliament in 2014.
    Canadian financial institutions that comply with the IGA and related Canadian legislation are now exempt from the 30% withholding tax. Further, Canadian financial institutions report to the CRA the financial accounts they maintain for U.S. citizens. We, in turn, securely transmit that information to the IRS.
    Concerning privacy, the CRA is committed to administering this agreement, and all of Canada's tax agreements, in good faith. During the drafting process of the agreement with the Americans, the CRA, together with the Department of Finance, took great care to consult with the Office of the Privacy Commissioner (OPC). We received valuable input and adopted our approach accordingly as the negotiations progressed.

  (0850)  

    The CRA completed a privacy impact assessment in August 2015. The goal of this assessment was to identify, assess, and mitigate privacy risks. We then submitted this assessment to the Office of the Privacy Commissioner for review. These communications with the OPC and the resulting actions were undertaken with the specific intent of protecting taxpayer privacy.
    Information can be disclosed only to persons or authorities who assess, collect, administer, or enforce the taxes and tax laws to which the convention applies. This information can be used for income tax purposes only.
    The IGA further stipulates that the information exchanged is subject to strict confidentiality and other protections provided for in the convention, including the provisions limiting the use of the information exchanged.
    The CRA exchanged information with the IRS on September 30, 2015. This exchange was done while the CRA followed all of the confidentiality protocols of the treaty and the IGA. Just over three months ago, on January 4, 2016, the CRA received the OPC's recommendations pertaining to the agreement.
    My officials have provided to the committee both the OPC recommendations and a copy of our response to them for your information. It is important to mention that, following our submission to the OPC, none of their recommendations suggested that we were not to share this information last September. The next annual transfer of records with the IRS is scheduled for September 30, 2016.
    I want to reassure Canadians that all tax treaties and exchanges of information are subject to strict confidentiality requirements. Mr. Chair, this is a priority for our government.
    These information-sharing agreements are very important because they allow us to better combat tax evasion and tax avoidance. Canadians are telling us that they want us to crack down on tax evasion and tax avoidance, and the government is committed to do so, as I mentioned earlier this week. This sharing of information is critical to allow us to follow through on that commitment to Canadians.
    In conclusion, I emphasize that Canada and the international community continue to move ahead towards greater tax transparency. But rest assured that confidentiality of taxpayer information remains a fundamental cornerstone of Canada's tax system.
    Thank you for your attention.

  (0855)  

[English]

     Thank you very much, Madam Minister. That was very thorough, very well thought out, and very well articulated.
    We now move to questions.
     Mr. Lightbound, for seven minutes, please.

[Translation]

    Thank you, Mr. Chair.
    First of all, my thanks to the Minister for joining us today.
    I would like to ask you to expand a little on the recommendations you received from the Office of the Privacy Commissioner of Canada.
    Could you tell us what his recommendations contained in terms of the transfer of documents?
    I am going to ask Ms. Juneau to answer your questions and give some comments on that.
    Mr. Chair, the recommendations we received from the Office of the Privacy Commissioner of Canada focus on three areas.
    The first recommendation deals with collecting information. It is to make sure that information collection does not go beyond what we need for the management of our program.
    The second recommendation deals with the retention period. It is to make sure that data are not retained longer than we need for the management of our program.
    The third recommendation is to update our privacy impact assessment. It is to add information about other programs that may use that information.
    A final recommendation dealt with the threat and risk assessment. It was to also include a part of that report in our privacy impact assessment report.
    Did exchanging information before obtaining the commissioner’s recommendations have an impact on the document exchange?
    It had no impact on the document exchange. According to the Treasury Board Secretariat’s directive on privacy impact assessment, we have to make sure that the assessment is complete before the transfer takes place.
    In our case, we completed the assessment in August 2014 and it was sent to the Privacy Commissioner. I am sorry. I said that it was in September 2014, but it was 2015. The first transfer took place in September 2015.
    My last question deals with the Foreign Account Tax Compliance Act, or FATCA.
    Madam Minister, you told us about the reciprocity between the Americans and the Canadians. How many documents do you estimate we could receive from the Americans in this regard? What kind of reciprocity are you talking about? I believe this was one of the matters raised when FATCA was negotiated, because it was not perhaps very reciprocal. I would like to hear your opinion.
    Currently, that information cannot be publicly released because it was obtained under a treaty. It is the prerogative of the country sending the information to authorize public release of the information.
    Those are all my questions for now, Mr. Chair.
    Thank you.

[English]

     Mr. Long is next.
     Thank you, Mr. Chair, and thank you, Minister, for coming today. You gave a great presentation.
    My background is business and I come from a sports background, but sharing of information is something I know is of great concern. For example, the Saint John Sea Dogs have a season ticket base, and we always guard that base. It's very sensitive.
     Do you not concede that, in the public, there is an air of concern or a perception that the transfers of files are a breach? I live in a world where sometimes perception can be reality. In that world, what steps is the department taking to reassure Canadians that their privacy and security are being protected?

  (0900)  

[Translation]

    Mr. Long, our government takes the matter of privacy protection very seriously. All the information exchanged with the United States is subject to very strict confidentiality rules. The Canada Revenue Agency makes sure that tax cooperation with its partners is fully consistent with the privacy rights in effect in Canada. Information exchange is done electronically, through a dedicated, secure and effective transmission system.
    All information that the IRS receives must be kept secret in the same way as information obtained under its own tax laws. All information can only be released to individuals and authorities in the American tax administration and can only be used for tax purposes.
    Protecting the confidentiality of all transmissions is a major requirement for the agency. Protecting privacy really is a priority for the agency and for our government.

[English]

    Go ahead, Mr. Bratina.
     Is the information we share the information we fill out in our tax forms? Is that the CRA information? What is the specific information and where is it gathered?

[Translation]

    I will let Mr. Gallivan answer that question.

[English]

     No, this is information held by financial institutions. The type of information that would be collected would be the name, the bank account number, the address, and information related to income deposits.
    That's information the financial institution collects from their American clients and transmits to the CRA. The CRA then transmits it to the IRS. I would describe it as financial information related to the bank accounts.
    We weren't aware of this until recently, but it's been going on for some time, and that's fine. Are the financial institutions aware of the practices of the sharing of information? Was it a surprise to them?

[Translation]

    The financial institutions are aware of this kind of information exchange. I must emphasize that, if the agency had not signed an agreement with FATCA, the information exchange would be done by the banks. The fact that the agency is involved and that agreements have been reached with FATCA, allows us to protect the information even more and to respect confidentiality and privacy.

[English]

     Thank you very much, Madam Minister.
    Those were great questions. We'll now move to our next member of Parliament to ask questions, and that would be Mr. Jeneroux for seven minutes, please.
     Thank you for being here, all three of you. It's great of you to take time out of your day to be here with us. Also, thank you for taking the time to debate this motion brought forward by my colleagues on this side of the table, the New Democrats.
    In that, I'm hoping I'm not scooping some of their lines of questioning. Perhaps I shouldn't care as much, but we'll go along this side of the table together, I guess.
    I have a quote here from the member from Nova Scotia for Sackville—Preston—Chezzetcook, and he says:
We also have concerns that the agreement reached with the U.S. may not stand up to a Constitutional challenge given that it forces the banks to treat clients differently based on their national origin, something forbidden by Section 15 of the Charter of Rights and Freedoms.
    I'm hoping you might be able to comment on that, elaborate on that, seeing that it's a member of your own caucus.

[Translation]

    I must tell you that, clearly, we would have done things differently from the previous government when the time came to get the approval of Parliament. We would not have rushed the agreement into effect by hiding it in an omnibus bill more than 400 pages long. We would have taken the time to explain clearly to Canadians and to Parliament why the agreement was being adopted. We would have taken the time to discuss it in a much more open and transparent manner in order to provide parliamentarians and Canadians with all the information, as is right and proper.

  (0905)  

[English]

    I appreciate that explanation, Minister; however, those are views of a member of your own caucus. I'm curious as to how your being open and honest with Canadians, as you expressed, still doesn't address his concerns over whether it stands up to a constitutional challenge. Would you care to comment?

[Translation]

    After we had obtained all the information about FATCA, we clearly would still have entered into agreements with the United States. FATCA is an American act. The position that was taken at the time really allowed the Canadian banking system, and Canadians with dual citizenship, to be protected.

[English]

    So we're satisfied, then, that members of your caucus are in support of this legislation now? I guess we'll hear more from them here, but you're satisfied that they are?

[Translation]

    Yes, I am satisfied that I have the support of my colleagues on this.

[English]

    Okay.
    The one last quote I just want to bring up before I pass on my time reads:
We believe that the deal reached between Canada and the U.S. is insufficient to protect affected Canadians.
    That is also from a member of your caucus. It is attributed to the Right Honourable Prime Minister, back on June 25 of 2015.
    Is he now satisfied that the deal, which is the same as the previous deal, is now sufficient to protect Canadians?

[Translation]

    The current agreement adequately protects the rights of Canadians. As I mentioned, the action needed would have been more about the process of implementing the agreement with the United States. We would have worked differently by involving all parliamentarians in open and transparent discussions and by providing information that was fair and equitable for all Canadians.

[English]

    Okay.
    You have a couple of minutes left on this side, if you have anything else; otherwise, we can move on.
    I'm good. I can keep going.
    I do believe that these are important questions that we're asking on behalf of Canadians, on behalf of our constituents. I just want to make sure that we're putting on the record that previously a number of members of your caucus—and there are a few others that I won't go into now—and the Prime Minister were earlier not supportive of this legislation. Now what you're indicating is that because you've had more time to review it, you, the Prime Minister, and members of your caucus are now supportive of this legislation.
    Is that a correct synopsis of your statements?

[Translation]

    That is true, but I must repeat that the difficulty was much more related to the process. If the process had involved all parliamentarians, we would probably not be here today discussing FATCA.

[English]

     I guess that would allow me to question your positions, then, on other legislation that you may have opposed in the past. I guess if this is an example of where we're going in the next four years, I will be eager to see how much of the previous Conservative legislation you now support.
    With that, Mr. Chair, I am done.
    Perspectives do often change when roles change.
    Now we'll move on to members of the NDP. I believe Mr. Dusseault will lead us off with questions.

[Translation]

    Thank you, Mr. Chair. Just to let you know that I will be sharing my time with Mr. Boulerice.
    Madam Minister, thank you for joining us today. I am happy that you are here this morning to discuss this very important matter.
    The transfer took place on September 30, meaning that the previous government was still in power. So that was before you took office as the minister. That said, I am happy that you are here to assume your responsibilities. I hope that that will also be the case at 11 o’clock, at the Standing Committee on Finance, about another matter.
    I have a lot of trouble understanding that you asked for an assessment or recommendations from the Privacy Commissioner about the transfer of information to the American government, but that you did not wait until you found out what the assessments were. In my opinion, that was why it was worth studying this matter.
    What drove the Canada Revenue Agency to action even before it received the recommendations and assessments from the Privacy Commissioner?

  (0910)  

    I think that Ted Gallivan will be able to answer that question.
    Protecting Canadians' personal information is really a process. The Privacy Commissioner confirms in his letters that meetings took place in December 2012, in August 2013, and in January 2014. Other unofficial discussions certainly took place before the document was produced. So the document, submitted in August 2015, was not made public overnight. Extremely cooperative work had been done to adequately protect the information.
    The agency then checked files that were before the courts to make sure that no legal injunction had been issued to prevent the information being exchanged. I also want to make it clear that the agency and the United States have exchanged information for a very long time and it fits well with Canadian legislation. So we were comfortable with the situation.
    I would like to go back to the commissioner’s assessments.
    On February 10, 2016, Forbes magazine reported that 700,000 IRS files, files of American citizens, but of Canadian citizens too, had been hacked. The IRS has major and recurrent problems in terms of the confidentiality of information. Some came to light recently.
    What mechanisms have you put in place to make sure that, once the transfer is done, the information remains confidential and that the United States will comply with what Canada and the Office of the Privacy Commissioner have established?
    This whole situation is dangerous. We have to be able to protect that information once it is in American hands.
    I’m sorry, but I am going to answer in English so that I don’t make any mistakes in my remarks.

[English]

    We conduct what's called a threat and risk assessment, which is a very technical information technology-driven document that looks at the specific IT systems encryption protocols that are in place from an information technology perspective. That was conducted specific to the information we are exchanging under FATCA.
    In addition, there's something called the global forum on information exchange. It's a global network of over 100 countries that focuses on exchange of information and also the protection of the privacy rights of the people whose information is being exchanged. That group uses third-party evaluations. There are three levels of maturity in terms of protection of information, level 1, level 2, and level 3 being the best. Canada is very careful in terms of who it exchanges what information with in terms of that grading. Those gradings are provided by independent peer review; they're quite detailed, somewhat like an OAG audit. We therefore feel all reasonable steps are being taken to ensure the protection of Canadians' private information.
     Mr. Boulerice is next.

[Translation]

    Madam Minister, thank you very much for joining us this morning. It is a pleasure to be able to ask you questions in French.
    I have before me a letter dated June 25, 2015, that states that the Liberal party of Canada believes or considers that the Conservative government’s efforts to guarantee the privacy of Canadians have been inadequate. The letter is signed by Justin Trudeau, leader of the Liberal party of Canada.
    Since there have been no legislative changes since you came to power, can you explain to us why you have completely changed your mind about the legislation that the Conservatives adopted?
    As I mentioned a little earlier, we clearly would have done things differently in terms of what the previous government did when the time came to have the agreement approved. There would have been discussions in Parliament in which everyone would have been involved.
    Previously, you disagreed with the content of the act. I even have a tweet from Marc Garneau, dated July 3, 2014, saying that he and Scott Brison had spoken out against the measures on several occasions in the House of Commons and that they were going to continue to do so.
    Besides the process and the inclusion of parliamentarians, why are you not changing the basics of the legislation, given that you were previously opposed to it?

  (0915)  

    The NDP is loudly clamouring for measures to fight tax evasion and tax avoidance. However, the automatic exchange of information such as we have with the United States allows us to cross-reference information.
    This is about tax avoidance for the Americans, Madam Minister.
    We can also identify inconsistencies in tax avoidance and tax evasion internationally.
    Are you telling me that you are against measures that allow us to fight more effectively against tax evasion?
    I want there to be measures to fight tax avoidance and tax evasion in Canada, but I am pleased that the Americans are doing their part.
    In terms of tax avoidance, I would really like the opportunity to ask you questions about the bilateral agreements with tax havens, such as Barbados, where avoiding Canada tax is legal. I hope that you are going to look at that again.
    I am here today to talk about protecting personal information.

[English]

    Yes, that is the scope of the study today.
    Mr. Boulerice, your time is close to its end. I don't think there's enough time to ask another question.
    We'll now move to Mr. Erskine-Smith, please.
    First, thank you, Minister.
    Second, I do want to shift gears a bit, but I want to stick to access to information, which is the mandate of this committee.
     Specifically, I want to turn to the work of Senator Percy Downe. I commend him for his work in bringing attention to the tax gap. That's the difference between what the CRA is owed and what it actually collects or, in other words, how much is lost to tax evasion.
    My question relates to a previous dispute between the CRA and the Parliamentary Budget Office. Has that dispute been resolved? Has the CRA agreed to provide the Parliamentary Budget Office with the documents that it has requested?
    It's not technically relevant to the study, to the motion that's before us; however, Madam Minister, if you're comfortable providing an answer—
    The answer could be in writing to me later, but it is relevant to this committee. It is an access to information issue, I think, for Canadians to know the tax gap.
    Certainly, but we do have a very focused motion here, and I would appreciate it if we could keep on that track. I'll allow members a certain latitude when it comes to asking questions because these are parliamentary privileges that we all have.
    Madame Minister, feel free to answer if you wish, but if you're not comfortable, you don't have to.

[Translation]

    On Monday, we made a historic announcement about an investment of $444.4 million. We certainly responded to Senator Percy Downe, who has also taken a public position saying that he was in agreement with our direction. So we are now going to work in collaboration with the senator on the tax gap.

[English]

    Thanks very much.
    Was that your only question?
    That was my only question.
    All right.
    Mr. Saini, do you have some comments?

[Translation]

    Madam Minister, thank you for taking the time to come and appear before the committee this morning.

[English]

    There's a question I have for you. Could you could maybe highlight the main points in the Canada-U.S. intergovernmental agreement and also confirm whether there are any U. S. Patriot Act implications with this tax treaty that we have?

[Translation]

    I will ask Mr. Gallivan to answer your question.

[English]

     In terms of the agreement, the exclusion of RRSPs, TFSAs, and those kinds of accounts from the exchange and limiting certain small deposit-only institutions was an important narrowing of the scope of the exchange. Also, the mechanics of the exchange in terms of the timing of when the CRA would receive the information from the banks and the scope of the information we would receive were important aspects of the exchange itself.
    Could you repeat the second part of your question?
    It was whether there were any Patriot Act implications.
    Right. The intergovernmental agreement with the U.S. confirms that the information would only be used for tax administration purposes, so any use under the Patriot Act would be a breach of the agreement the U.S. signed with us.

  (0920)  

    You're confident that any tax information that's conveyed to the United States would only be used in that specific area and would not be shared with other U.S. departmental agencies?
    The U.S. government agreed not to, and we have a long history of exchanging significant volumes of information with the U.S. government, and so I have no reason to doubt their word.
    In your opening remarks you mentioned, Madam Minister, that the next release of information will be on September 30, 2016. Is there a reason that date was specifically chosen? Is it because of the U.S. fiscal year-end, or was it just an arbitrary date that was assigned? It's just for my own interest.

[Translation]

    I have no answer to that question. I will make a note of it and get back to you about it because I do not know whether there is any kind of regulation. My apologies.

[English]

    That's okay.

[Translation]

    Perhaps I could—

[English]

    It won't be the first time an arbitrary date was set for some reason or some purpose. I'm sure the answer can be found to your question and submitted to the committee.
    I'm sorry; I didn't mean to cut you off, Madam Minister.
    Just quickly in terms of context, data is being exchanged on the preceding tax years; in other words, in 2015 we shared tax data relating to 2014. The delay to September is to allow people to file their tax return, get it into the system, get it cleaned up. The banks need time as well. That was part of our work with the Canadian financial institutions: to minimize the burden on those businesses. If we're asking for information about a year, we're leaving time for the banks to clean up their data and get it to us and time for us to make sure that it's protected, and then get it off to the Americans.
    However, we can get back with a more specific answer on the date.
    Certainly.
    That ends our first round of questions. I'm sensing that the momentum around the table to ask more questions is fading, unless others have some questions.
    Go ahead, Mr. Bratina.
    Thank you.
    What does the act say about a breach? What would happen in the case of a breach of the agreement on either side? Is that stated clearly in the document?
    What kind of breach? By the financial institutions or by the U.S.?
    If some of the information gets out there, would that be a breach of this agreement?
    In the past Canada has had a treaty partner breach an agreement, and we cut off all future exchanges with that jurisdiction. I think in the global community, when a jurisdiction has that kind of serious breach, other jurisdictions respond by ceasing to exchange information until they're satisfied that government has put the necessary controls in place.
    Would the aggrieved party likely seek compensation through the courts? Would you envision that someone would sue someone because this information had gotten out? It's a hypothetical situation, but we have a lot of agreements with other countries. We have the agreement with Saudi Arabia that the government is required to follow through on, and hopefully there would not be a breach of the act. I'm just curious about what the remedies are or what the circumstances would be in case of a breach.

[Translation]

    I would like to emphasize that FATCA is an American act and more than 100 countries have to comply with it in terms of Americans with dual citizenship, wherever they are in the world. As far as constitutionality is concerned, all agreements have been and are vetted by the Department of Justice.

[English]

     Thank you.
    I'm coming back to another issue, which is the Investment Canada Act, and an occasion that we have information and they have information, and we'll share it but they don't want to. The pressure on the government is to release information that is considered confidential, so I gather from what you're telling me that it's a serious business to breach an agreement like this, on either side.
    From a tax authority perspective, exchange of information is becoming increasingly important and reciprocity is increasingly important, so at the G20 level, a direction is being given, coordinated by the OECD, for jurisdictions to share information.
    The most recent budget talked about country-by-country reporting for multinational corporations. You have certainly seen in the coverage of the Panama papers that the CRA has engaged its treaty network with other jurisdictions to share information. For those global networks to work, everybody has to play by the rules. As a tax administrator, I take Canada's role very seriously, as do my colleagues in other countries. It's by all of us respecting our legislation that we can make the regime work globally, because global tax concerns are what we're faced with.
    To go back to the question of whether there is there a breach, the most serious consequence from a tax administration perspective would be on our ability to apply the law. The question of a lawsuit isn't a tax authority question. The tax authority question is that we would be cut off globally from sources of information, and that would be very damaging to our ability to operate.

  (0925)  

    Thank you very much.
    Thank you very much.
    We did move into the second round of five minutes, so that kind of takes care of.... I got it out of order. I should have gone over here first, but that's my fault.
    That's on me, so we'll go now to Mr. Kelly.
    Thank you, Mr. Chair.
    Under the intergovernmental agreement, have any Canadian institutions failed to comply with the IGA, the intergovernmental agreement, to date and been subject to the 30% withholding tax from FATCA? Have there have been instances where there has been failure to comply?

[Translation]

    No, not at the moment.

[English]

    Have there been incidents reported of information that is not subject to the agreement, such as Canadian-held RRSPs, TFSAs, or whatnot, being disclosed to the IRS? Are you aware of breaches of that nature?
    I'm not aware of any breaches.
    What I'd underscore is that Canadian financial institutions have done a lot of work to administer this in an effective manner, so what is happening is that these institutions are reaching out to the CRA for clarification before the mistake happens. They've done a tremendous amount of work to make sure this regime works. We have had a lot of calls from financial institutions making sure they don't make a mistake. The Canadian financial sector is very focused on not making an error in administering this law.
    I certainly don't doubt their eagerness to comply and the diligence and priority they would put on compliance, but given the millions of potential files and pieces of information out there, it's surprising that one could say with that degree of certainty that such mistakes and such breaches don't happen.
    Institutions under Canadian law have tremendous responsibilities to protect their clients' information, and it would be surprising, with these two conflicting forces on an institution, that breaches don't occur, so I think we always have to be concerned that information isn't improperly handed over.
    I don't have more questions, Mr. Chair, if you have one you want to jump in with.
     Certainly, if you don't mind, and if that's okay with our colleagues.
    Other than myself, Mr. Boulerice, and Mr. Dusseault, I'm the only member of Parliament at the table who was actually here when these debates were happening in the last Parliament. I'm not going to ask political questions in my capacity as chair. I'm going to be as neutral as I can, but if you'll allow me....
    Madam Minister, in my recollection, the change came about with the change in the U.S. government's administration and with their legislative compliance with their legislation that we came into an agreement with. We've had a long-standing tax treaty with the United States government, but it was about four or five years ago that they started to actively enforce their tax policy, whereas earlier they didn't actively enforce their tax policy.
    The tax policy is that the United States of America taxes citizenship and not residency, which is a difference between Canadian tax policy and the United States tax policy. Would you agree with my assessment?
    In coming to compliance, the Canadian government of the day had to enter into an agreement, as you've aptly pointed out, in order to protect Canadians; otherwise, the banking institutions or financial institutions in Canada would be directly dealing with the U.S. government. There would be no government intervention to provide that bottleneck for the purposes of protecting Canadians' information, had the Canada Revenue Agency not stepped in.
    While you and I may disagree on whether or not the process was done in a way that it should have been done, we both agree at this table that the result that was needed was actually accomplished because the current government seems to be okay with the legislation and the changes that were made by the previous government.
    I'm not here to debate that with you, but during the debates in the House of Commons in the past Parliament, I remember that one of the arguments put forward was that Canada fared very well in its agreement to come into compliance with the American change in policy compared to how other countries did in their negotiations with the United States.
    I would just like some clarification from you, Madam Minister. Do you think that still holds true?

  (0930)  

[Translation]

    As I mentioned a little earlier, Canada had to come to an agreement on FATCA. We had to sign an agreement with the United States. The problem was the process in the House. There should have been open and transparent discussions with all parliamentarians.

[English]

    If you don't have an opinion on this, that's fine. I'm asking for your opinion, or I can have a technical opinion if you're comfortable with your staff answering the question. I'm looking for some clarification.
    Did Canada fare very well in updating its tax agreement? You said, Madam Minister, that there were over a hundred other countries that had to come into compliance.
    Did Canada fare relatively well compared to those other countries, when it comes to our protection of privacy and the nature of the agreement?
    The answer is yes, in terms of limiting the scope.
    For example, excluding TFSAs, RESPs, and the smaller financial institutions that may not have the capacity was important.
    I can assure the committee that senior-level intervention, one level below the commissioner, was necessary to wrest these compromises from the Americans. At more junior levels, they weren't as willing to compromise.
    I do feel Canada got an agreement that works for Canada.
    Thank you very much. I appreciate that answer.
    We can go now to Mr. Lightbound for a few minutes. We've got the minister for about 10 more minutes, and then Mr. Dusseault, and that will finish off our rounds of questions.

[Translation]

    Thank you, Mr. Chair, my question is somewhat along the same lines as the one that Mr. Calkins asked.
    In some countries, banks transmit the information directly to the IRS. What kind of filter does the Canada Revenue Agency have before it sends the information it receives from the banks to the Americans? When a bank decides to transfer information to the Americans, does it go through automatically? Is information sometimes withheld? If so, to what level and to what extent?
    I will ask Mr. Gallivan to answer your question.
    We have established a formula, a kind of filter that determines what we accept. If it does not conform to the data in the filter, we do not accept it. It has to comply with that definition. We make sure of the identity of the financial institutions. We confirm that such and such a financial institution is indeed sending us a request. We want to know the identity of the institution, but we do not check the social insurance number of any people or any business numbers. The information goes to the United States as is. Our work consists in protecting the envelope without looking at what is inside and asking questions about all the details.
    Is there not a risk that a Canadian citizen, for example a citizen with no links to the United States and who is not subject to these factors, may end up in the filter?
    We believe that all the controls are in place. That is why we worked with the Office of the Privacy Commissioner of Canada. It is why we have also established a process of feedback with the banks.
    It is hard to say that it cannot possibly happen. However, as the minister explained, the agency has done a great deal of work and established measures to make sure that it is not going to happen and, if it did, that it could rectify the situation immediately. That is why the agency became involved in the process.

  (0935)  

    The agency still has some manoeuvring room. We know that the agreement was signed previously, under the previous government. Now, the agency could tighten its criteria if it thought that there could be gaps in the future or if there were ever any failures.
    I see that you do not seem to want to express an opinion on that, so I have another question for you.
    At the time, the banks mentioned that it was essential that we have this agreement with the Americans because they were imposing this withholding tax of 30% on the banks. Do we know what that 30% withholding tax, which the Americans threatened to impose on transactions, represents for Canada?
    No. We do not have those figures at the moment.
    I would add that it is not just the money that concerns the banks, there is also the burden of administering the withholding tax on all those funds. Basically, it is about the money, of course, but there is also a lot of work to do in making those deductions.
    That’s all for me.
    Thank you.

[English]

     Mr. Saini, there's about a minute left.
    Mr. Gallivan, I'll direct this question to you. In the minister's opening remarks, she said that there were 92 tax treaties and 22 other tax information agreements in force around the world.
    We have a robust system of information and declaration. When you're dealing bilaterally with other countries and they're asking us for tax information within these agreements, I'm confident that the information that we would provide would be second to none.
    When the CRA asks another country for bilateral information, what guarantee do we have that the information that they're providing to us meets the same high standards we apply when we convey that information to them? That is my concern.
    Do we have a standard that we can apply? The information going out probably meets a high standard, but the information being received from other tax regimes may not meet our standard. How do we assess that the information we're getting is clear and transparent?
    The best way to answer your question is that we don't just take that information and issue a notice of assessment to the taxpayer. The kind of information we're talking about is called risk assessment.
    We're getting a list of people's names and we're saying, “Aha, maybe we should take a second look at these people.” Often what happens in tax authorities is that those lists are compared to other lists. We look for inconsistencies; in other words, we may see significant bank accounts connected to very low incomes. That puts you on a list for a closer review. We'll do a closer review of the information to actually confirm what's going on.
    The assurance I could give you is that we don't blindly take that information and change people's tax returns, but it's one ingredient in helping us decide who to take a closer look at. Then we would work with that taxpayer to kind of confirm the information.
    Is that an inconsistency?
    We've already gone over the five minutes. I hate to be a stickler. I was looking for people to take up time earlier, and now I have to cut people off.
    Go ahead, Mr. Dusseault, for up to three minutes, please.

[Translation]

    Thank you, Mr. Chair.
    Once again, I will be sharing my time with Mr. Boulerice.
    Madam Minister, I would like to ask you a quick question. I would like your opinion. Do you believe that it would be helpful or reasonable to warn Canadians who also have American citizenship in this case, that their information has been transferred to the United States and to give them a copy of that information? Do you think that would be a good idea?
    Do you think that would be a good idea, Madam Minister?
    Do you want to know whether it would be a good idea to send all the information?
    Under our current agreement, people who want to receive information about what has been transferred can get in touch with the agency or with their financial institution and the information will be provided to them.
    Do you not think that it should be automatic?
    As well, on the Canada Revenue Agency website, there is a special section on FATCA and everything that is involved.

  (0940)  

    Do you not believe that people should be automatically informed when the Government of Canada transfers data about them?
    If you want to amend the agreement, you would have to talk to the Department of Finance. That is the department that negotiated the agreement.
    In your opinion, would it not be a good idea to do that?
    The Department of Finance negotiated the agreement. So you would have to check with that department to see if it is possible to change it.
    You have no opinion on it?
    Let me repeat the answer I gave. The Department of Finance negotiated the agreement. The Canada Revenue Agency implements the agreements negotiated by the Department of Finance.
    Thank you.
    Madam Minister, you said that there are very strict measures that protect the confidentiality of private information about Canadian citizens.
    How can you explain the news item today on iPolitcis saying that the TD Bank had sent a letter to some parents because the bank account for their little eight-month-old daughter could possibly be transferred to the Canada Revenue Agency and then sent on to the United States? Is that what we call strict measures that protect the citizens of our country?
    I will let Mr. Gallivan answer that question.
    I believe you are referring to a financial institution that contacted one of its clients to confirm her citizenship. I feel that it is perfectly normal for an institution to communicate with its clients. I believe that, further on, the article in question referred to funds in a registered education savings plan. Our agreement with the Americans excludes those amounts. The article says that any future money in the child’s name for education purposes would come under the agreement, but that really is one of the exclusions that we negotiated with the Americans.

[English]

     We've gone over the time there.
    Thank you very much, gentlemen, for your questions.
    When we came through the rounds... We're almost there, Minister. I hope you can stay. We've got about three minutes left, and I owe the Conservatives four minutes now and the Liberals a minute and a half. How do you guys want to do this? If we have one question here and one question there, is that okay?
    Thank you.
    Minister, yes, we're almost done. There are a few more minutes left here.
    I just want to bring one additional example to the table. In 2012, the hon. member for Bourassa, who's joined us here today, who is also your parliamentary secretary, mentioned—again, that was in 2012—that he'd vigorously fight against a similar change.
     Again, for the record, we have the Minister of Transport, we have the Treasury Board president, we have yourself to an extent, we have a member from Nova Scotia, we have the parliamentary secretary, and we have the Right Hon. Prime Minister who have said that this is something that they do not want, something they do not want to support. However, on October 19, 2015, they had a complete reversal of opinion on it, and again, just to be clear, your position is now that it's because you have had a chance to read through the legislation in more detail than you had before, and that's why there's this reversal of opinions that have been long held going back to 2012.
    Again, Minister, could you just clarify for me one more time this is the position that you take?

[Translation]

    As I said a little earlier, if our government had been in place at the time, we would have taken the time to explain clearly to Canadians and to parliamentarians the reasons why this agreement was being adopted and to discuss it in an open and transparent manner. The problem really is with the process, and the fact that an agreement was rushed through in an omnibus bill more than 400 pages long.

[English]

    It sounds eerily similar to the answer to my last question. It was word for word, almost.
    Is that my time, Mr. Chair?
    That's your time.
    We have time for one more question.
    Mr. Saini, I wanted to make sure I got back to you so you could finish.
     Thank you very much, Mr. Chair.
    I just have a quick question. It's another arbitrary question.
    When the United States under FATCA asks a Canadian institution about a particular bank account, is there a threshold? It can go from zero to whatever, so is there a certain threshold? You talked about the administrative burden for banks, so I'm just wondering what the administrative burden is in terms of the level they're seeking and whether you believe it's an appropriate level.

  (0945)  

    There is an administrative threshold of $50,000 Canadian in aggregate, I believe, from all accounts—chequing, savings, and so on. If somebody were below that threshold, the bank would have the option not to transmit the information.
    Are there guidelines as to what those reasons would be, or is it just the request from the U.S. government? Is it an arbitrary sort of...?
    The threshold I'm familiar with is $50,000.
    I mean below that, though, if there's a question below that. Are there particular points that have to be requested, or is that just...?
    I'm not sure I have an answer to the question. We'll take it back and then try to get you a written response.
    Thank you very much.
    Thank you, Madam Minister, Madam Juneau, and Mr. Gallivan, for coming.
    I want to correct something. I made an incomplete statement earlier when I identified just me, Mr. Boulerice, and Mr. Dusseault as being here from a previous Parliament. Mr. Dubourg was also here in the previous Parliament, and I want it to be clear that I failed to recognize that in my comment.
    We thank you very much for your time and your answers. It was very helpful, I think, not only to us around this table but for Canadians who watching this at home.
    We're going to suspend for a moment, and then we'll hear the Privacy Commissioner's opinions on this matter.
    Thank you very much.
    The meeting is suspended.

  (0945)  


  (0945)  

    We are now resuming, colleagues. Could I have a little order at the table?
    We are continuing on with the motion that was passed a couple of weeks ago to examine the transfer of information and the tax agreements between Canada and the United States. We just heard from the minister, and now we're very pleased to have Mr. Therrien, the Privacy Commissioner, with us here.
    Commissioner, you may open with a statement, and we'll proceed to a round of questions, as I'm sure you're all too familiar with.
    Thank you for being here today, sir.

[Translation]

    Ladies and gentlemen of the committee, thank you for inviting me to provide my views on certain aspects of the tax information exchange agreement between the Canada Revenue Agency and the IRS in the United States.
    The minister explained a little about the legal framework under which this transfer is made. I do not want to repeat what she said, except to remind you that there are two important documents in this matter. We have an intergovernmental agreement, an agreement between the two governments, and we have the provisions of the Income Tax Act that were passed in 2014.
    Under the IGA, the Canadian government agrees to collect certain information on accounts held by Americans in Canadian financial institutions and report that information to the United States.
    This happens in two steps. First the Income Tax Act sets out requirements for Canadian financial institutions to report information with respect to those accounts to the CRA. In turn, the CRA shares this information with the IRS. The IGA is reciprocal in that the CRA also receives information from the IRS.
    In previous appearances before Parliament on FATCA, my office has recognized the long-established practice of information-sharing between nations for purposes of taxation enforcement. For example, the Convention between Canada and the United States of America with Respect to Taxes on Income and on Capital, which lays the foundation to exchange information under the IGA, was signed in 1980. In more recent years, there have been international efforts by the OECD for the automatic exchange of tax information. However, we also conveyed our expectations that information-sharing activities be undertaken in a way that respects privacy rights of individuals. This holds true both for the CRA and for financial institutions
    As we said in our appearance on Bill C-31, which amended the Income Tax Act, as well as in our review of the privacy impact assessment submitted to us by the CRA, we expect there to be limits to the collection, use, and disclosure of personal information, defined retention periods, and appropriate safeguards. For example, all parties involved must limit the collection of personal information to what is necessary and not collect data elements that are not required. This applies not only to the CRA, but also to reporting institutions governed by PIPEDA.
    The use and disclosure of personal information must likewise be limited. The IGA specifically notes that information received under the IGA is subject to protections provided for under the Convention between Canada and the United States of America with Respect to Taxes on Income and on Capital, which limit the use and disclosure to only the collection, administration and enforcement of taxes.
    With respect to retention, as we understand it, the CRA retains its records for seven years, which is consistent with CRA's retention of individual returns.
    With respect to safeguards, we note that the IGA states that exchanges are subject to confidentiality and protections under the Convention between Canada and the United States of America with Respect to Taxes on Income and on Capital. The convention mentions that information received shall be treated as secret in the same manner as information obtained under the taxation laws of that state.
     The CRA is expected to protect personal information from unauthorized uses and disclosures of personal information, especially considering the sensitivity of financial information and the reasonable expectation of individuals that it generally be kept confidential.

  (0950)  

[English]

     My office received a privacy impact assessment from the CRA in August 2015.
     We are pleased that the CRA has adopted all our recommendations: first, reducing its retention period from 11 to seven years; second, educating financial reporting institutions to guard against the risk of over-collection; third, committing to safeguarding information, including the use of specific measures to mitigate risks identified through its threat risk assessment; fourth, updating the privacy impact assessment to reflect all proposed uses and disclosures of personal information and ensuring that these are strictly limited to purposes of tax administration.
    While my office acknowledges the need to combat tax evasion, it is important for the enabling legislation to be clear in the obligations it imposes on all reporting entities, including the CRA and organizations that have FATCA reporting obligations, such as financial institutions.
    For example, the IGA states that unless a reporting institution elects otherwise, accounts under certain thresholds, such as deposit accounts under $50,000—U.S., I believe, although perhaps Canadian—are not required to be reviewed, identified, or reported. However, part XVIII of the Income Tax Act seems to require reporting on all U.S. reportable accounts unless the financial institution specifically designates an account to not be a U.S. reportable account. This leads to a concern: given the apparent discretionary nature of the threshold exemptions, it may not be clear when accounts under $50,000 will be reported to the CRA.
    My office has written to the CRA with follow-up questions following their response to our earlier comments of December 2015. These questions included the number of accounts under $50,000 U.S. they have received and transferred, clarification on how threshold exemptions are applied, clarification with regard to the level of review the CRA performs on records that are transferred to the IRS, and notification of how many records it received from the IRS about Canadian persons. We've also requested clarification as to why the first round of records sent to the IRS was larger than originally estimated.
    In conclusion, FATCA reporting requirements are an example of co-operation among states on tax enforcement. In that respect, FATCA is neither unusual nor objectionable. That said, privacy principles have to be respected and provide balance in the implementation of the arrangement. The IGA and implementing legislation create legal effects vis-à-vis privacy law by creating an obligation to share information without the consent of the individual under the Privacy Act or PIPEDA, the private sector legislation.
    There's also some lack of clarity around questions on reporting threshold exemptions. To this extent, we are again following up with the CRA. We wrote to them earlier this week on these issues as part of our privacy impact assessment review process. Protecting the privacy rights of individuals and advising on improving protections under information-sharing agreements are key parts of my mandate. Given that Parliament has chosen to pass implementing legislation to support FATCA reporting requirements, we continue to strongly recommend that these obligations not be over-broadly applied but appropriately balanced against privacy rights.
    I'll be glad to take your questions.

  (0955)  

    Thank you very much, Commissioner. Those are some interesting points that you've brought up, and I'm sure we'll have some interesting discussion.
    We'll move to the Liberals.
    Mr. Saini is first.
    Thank you, Commissioner, for appearing here again. We appreciate your input in our discussions.
    I want to go back to a point I asked the previous witness. It is with regard to the $50,000 amount. It is not necessarily the amount that concerns me but the discretionary nature in which information can be provided to another entity.
    Do you believe there should be strict criteria? If $50,000 is the threshold, and that's been agreed to, then anything above $50,000 can be parlayed according to the act, but anything below that suggests there should be something in the act to stipulate the criteria that should be in place before this kind of information is parlayed. In your opinion, is that something we should look at?
     The short answer is yes. I would start from the fact that agreements between states to avoid tax evasion are obviously desirable and necessary. A certain amount of information will have to be shared between states to prevent tax evasion. However, the type of information, the clarity of the criteria for sharing of information, the measures that should be taken to guard against privacy breaches—all of these are the privacy conditions under which what is a reasonable agreement in principle would properly balance tax information purposes and privacy purposes.
    Here, the threshold is presumably an accommodation that Canada was able to negotiate with the U.S. government in terms of exemptions to reporting, so the threshold of $50,000 exists. However, point one is that it's not clear how it's applied. There seems to be a discrepancy, in that the IGA, according to our reading, appears to say accounts under $50,000 need not be transferred, while the Canadian federal Income Tax Act seems to require that all accounts be provided except as determined by the reporting institutions.
    Therefore, how firm the $50,000 threshold is and how it's applied is not clear. That leads to ambiguity and the risk of over-reporting of information.

  (1000)  

    My second question is similar to the one I asked the previous witness.
    According to the minister, Canada has 96 tax agreements around the world. My worry always is that when someone asks us for information, we have a robust regime of making sure the information is privately maintained or will not be disseminated widely. What guarantee do we have on this aspect when we're dealing with other tax regimes in other countries, where privacy may not be as robust? Do we have some sort of mechanism whereby we can measure that for Canadian information that is being sent somewhere else around the world? Do we have some genuine confidence that the information cannot be disseminated? How do we determine that? Do we have any gaps?
    Do you mean sent from or to other states?
    I mean information sent to other states.
    Under this arrangement, the information that is sent to another state is sent to the U.S. There may be other arrangements whereby Canada sends tax information to other states in order to gain reciprocity. In terms of the information sent to other states, the guarantees are the guarantees that would be offered by the CRA, I would assume.
    In terms of the adequacy of the information received by Canada from other states, the official from the CRA told you that this information is then checked to determine whether or not—and the answer may be not—there's a tax assessment against the Canadian. As to what kind of information the CRA receives in return from the U.S., or, to your question, potentially from other states, that's a question we've actually asked of the CRA: what kind of information do you receive, and is there over-collection of information in relation to tax agreements that Canada may have with either the U.S. or other states?
    We don't have that information at this point, but it's a question we have asked of the CRA: what measures do you take to ensure that the information you receive in return from other states is not over-collection?
    I have just one final question.
    What obligations, if any, do other countries, such as the United States and the U.K., have when it comes to protecting foreign data? How are these obligations created and monitored? Do we have some sort of comparison with other countries in terms of what our regime is like?
    There are no formal international rules on these questions. All institutions, public and private, have an interest. To the extent that there's legislation in these countries and in the countries you have mentioned, there are legal requirements to protect information. It's a question of the legal regime that's in place. In the U.S. there are provisions that require institutions to protect information properly.
    It certainly could be part of an agreement between Canada and another state to ensure that once the data is sent to the other state, it is properly safeguarded. It's a question of either national laws or potentially the content of an agreement reached between Canada and another state.

  (1005)  

     There's still about a minute left.
    Go ahead, Mr. Bratina, please, quickly.
    Can I ask a question on the follow-up that your office has written to the CRA? You asked how many accounts are under $50,000 U.S. and you requested clarification as to why the first rounds were more than originally estimated. Have you received the information yet? When did you ask for the information? Are you still...?
    The sequence of the correspondence is that the CRA sent us their privacy impact assessment in August of 2015, and we responded in December. They adjusted their rules about two weeks ago. We received that letter two weeks ago, and we wrote earlier this week to ask these questions. Among the questions are clarification around accounts below $50,000.
     On the other point you were mentioning, when we were having earlier discussions with the CRA on their estimate of how many accounts would be sent by Canada to the U.S. under this regime, the estimate of the CRA was for slightly under 100,000 records. The number of records actually transferred was more in the order of 150,000, so we have no way of knowing what are the reasons for this and whether they're accurate, legitimate, or incorrect. Among the questions of clarification, we've asked them to please explain why their estimate did not turn out to be true—was it simply because they were underestimating, or are there other reasons to explain the difference between their estimate and what actually happened in practice?
    Mr. Bob Bratina: Especially in the order of the numbers—
    Mr. Daniel Therrien: Yes.
    We're well over the time now. I'm sure we'll have a chance to follow up, Mr. Bratina.
    Go ahead, Mr. Kelly, please, for up to seven minutes.
    Thank you again for coming to our committee once more.
    You mentioned that you expect there to be limits to the collection, use, and retention of personal information and that all parties must limit the collection of personal information to what is necessary. Do you have examples, or can you provide some examples of personal information that might be collected for tax purposes that you do not consider necessary to collect and that you would like to see excluded from information-sharing agreements?
    An example would be these accounts under $50,000.
     Again, you start from the principle that it is legitimate for the two states, Canada and the U.S., to share information to avoid tax evasion. In order for Canada to obtain information from the United States, we have to provide some information to the United States in reciprocity.
     The purpose of the whole scheme is to ensure that the tax regimes of both Canada and the U.S. are applied properly, yet the arrangement provides for certain exceptions. You've heard tax officials refer to some of them having to do with TFSAs and so on and so forth. Even though the rule is exchange of information for tax purposes, the arrangement provides for certain exemptions, including this question of whether or not accounts under $50,000 should be reported.
    The rules should be clear. What happens to records under $50,000? If the rule is that they should not be reported, then that would be an example of information that theoretically would be relevant to a tax assessment and that should not be and would not be necessary to be transferred, because the arrangement so provides.
    With respect to retention periods for information, do you have any suggestion on how to require that these or any other aspects of our agreement be enforced? We heard from the minister that ceasing the reciprocity of our agreements is the one threat that we have. Are there other means, though, other than that, to ensure, to require, or to enforce respect for retention periods—for example, from the IRS—for information that's been shared under the agreement?

  (1010)  

    From the privacy perspective, the retention issue relates to, again, the ultimate purpose of the arrangement, which is to avoid tax evasion. The two governments share information for that purpose and should only retain that information for a period that is necessary for the other government to actually take tax enforcement action.
     Normally in Canada the information is retained for seven years. Originally, the information shared between Canada and the U.S. was retained for 11 years. We asked the CRA to justify that period. They have agreed, in their response to our comments of December, to reduce the period from 11 to seven years. We think seven years is a reasonable period.
     My question was more about ensuring reciprocity. Do we take any steps to verify or assure ourselves that the IRS respects our notion of an acceptable retention period and that they in fact destroy or otherwise not have use of information for a period that exceeds what we would consider to be appropriate for retention and use of the information?
    I don't believe we have asked for clarifications along those lines, but they are certainly relevant. We will check on the content of the IGA. If the agreement does not speak to this aspect, we will ask these questions of the CRA.
    What remedies or recourse do Canadians, whose information has been shared with the IRS under the IGA, have if the IRS breaches their privacy through improper disclosure? Is there any remedy or recourse available to Canadians?
    I would start with what recourse there would be for improper disclosure, either by Canadian institutions or the CRA. Canadian financial institutions normally would have to keep the information of their clients secret, but the arrangement provides the legal basis for them to share information with the CRA with a view to sharing it with the IRS.
    If there is something wrong, and if there's oversharing of information, PIPEDA would be a ground to invoke. In terms of oversharing by the CRA to the IRS, the Privacy Act could be invoked.
    If on the American side, there is something untoward that is happening, again we will have to look into this question.
    In July 2015 there were reports of a cyber attack on the United States government's computers that contained the records of some 20 million current and former holders of United States security clearances, as well as their friends and families, which was a disturbingly large breach of privacy in the United States.
    Can you comment on whether any Canadians had their privacy breached in this incident and what recourse...? I guess you've answered that question in that we're not sure what recourse a Canadian would have under American law, but is there one under Canadian law, perhaps? Is this an area where the IGA and other information-sharing agreements address security of information adequately?
    We have asked along those lines for the CRA to give us information about the threat assessment or the risk of breach assessment that they are conducting. We have not received that information yet, and it will be part of the next round of information that the CRA has promised to give us by the fall of 2016.
    So we don't know yet.
    That's seven minutes, Mr. Kelly.
    We are now moving on to another seven-minute period. We'll start with Mr. Dusseault.

[Translation]

    Thank you, Mr. Chair.
    I'd also like to thank the commissioner, Mr. Therrien, for being with us this morning to discuss this important issue.
    As I told the minister at the beginning, what really caused us to question this was the fact that your assessment and your recommendations came out after the information was transferred.
    So, right off the bat, I'm going to ask you the same question. Do you think it was an appropriate practice for a government agency who asked you to provide your opinion and recommendations on the issue to go ahead and transfer the information to a foreign government, without waiting for them?

  (1015)  

    I'll start with some general comments and, then, I'll speak specifically to the transfer of information that occurred.
    In his answer earlier, Mr. Gallivan told you that, in addition to the correspondence that was exchanged, a certain number of meetings between the CRA and my office were held before the PIA was actually passed on. That is entirely true. We had two or three meetings prior to our correspondence.
    Treasury Board policy on PIAs does not state that the commissioner's office has to have given its approval or input before a new program can come into effect. I think the CRA acted in accordance with the policy in effect, in doing what it did. We did meet a number of times and we did correspond in August, one month before the information was transferred. Three months after our correspondence, we provided our comments. All of that is acceptable under the Treasury Board policy.
    Generally speaking, is that the best way to proceed? No, it's not ideal for departments to be able to adopt and implement new programs before receiving a formal opinion on the privacy implications from the commissioner's office. But that's the system we have in place.
    I would add that the commissioner's office recommended amendments to the Privacy Act, as the members of this committee are well aware. And one of those recommendations sought to make the obligation to conduct PIAs a statutory requirement, as opposed to a policy one. The idea was to give the process more teeth and, ideally, ensure that the comments of the commissioner's office are taken into account before any new program comes into effect.
    Thank you. That's an informative answer.
    During that process, did you ever have access to a copy of a file or all 155,000 records? If not, you had to take the word of the CRA officials who explained the content of the records to you. Is that correct? Did you get a copy to make sure that the CRA was indeed following the rules on the protection of personal information?
    The question we asked was of a general nature. If we had reason to believe that the regime was not properly applied, we could conduct an audit under the Privacy Act, but we aren't there yet.
    I'll have another question a bit later, but right now, I'm going to turn the floor over to Mr. Boulerice.
    Thank you, Mr. Therrien, for joining us this morning.
    A little while ago, my colleague asked a very interesting question about the limits around the collection of information. During your opening remarks, you talked about limiting the information collected. You gave the example of accounts under $50,000 possibly being exempted, if I understood correctly. Other than cases where dollar thresholds are used, can you give us any examples where information should not be transferred? I don't mean when it comes to dollar amounts but, rather, in terms of the protection of personal information.
    Technically speaking, the Privacy Act authorizes the sharing of information for all the purposes listed in the agreement between the two governments. Once again, the purpose of the agreement is to combat tax evasion. Provided, then, that the information is shared for the purpose of preventing tax evasion, the CRA can transfer that information to the American government under the agreement. Because an agreement exists and because the Income Tax Act provides for that, the sharing of information is allowed under the Privacy Act. I mentioned accounts under $50,000 because the rules around that are not clear.
    To pick up on an earlier discussion with the minister and the government officials, I would say that, although the sharing of information is allowed to verify that tax evasion was not committed, it is also important to make sure that the two governments do not share information beyond what is set out in the agreement. That's one of the things we've asked the CRA about because there still isn't a clear answer on the matter.

  (1020)  

    I was just going to ask you about your oversight or auditing authority over the content of the information that is shared.
    What you're telling us is that you ask the questions, but the answers aren't clear.
    We haven't yet asked that question, specifically, but the developments we've seen in the situation overall have led us to do so now. We will receive information from the CRA, and, once again, if the answer is satisfactory, we will say so. If, however, the answer isn't satisfactory, we do have the authority to take a deeper look at things.

[English]

     We only have about a half a minute left, but I thank you for your good use of time.
    Mr. Bratina is going to start us off now.
    Thank you.
    Coming back to the questions that you had for CRA and so on, we had the Swedish ambassador discussing access to information in Sweden, and the generally accepted response time there was today. I understand that the questions that you've asked don't involve data on a piece of paper and just handing the paper over—someone's got to think it through—but what would you anticipate?
    I'm thinking of the public trying to get access to information. We have the Privacy Commissioner trying to access information, so I'm just curious to know what you anticipate would be a timely response to your inquiries.
    It would be a few weeks, or months at the most.
    I loved the clarity of your presentation. You note that part XVIII of the Income Tax Act seems to require reporting on all U.S. reportable accounts unless the financial institution specifically designates an account to not be a U.S. reportable account. There are financial institutions like the Lehman Brothers and others I could mention that may not have been exactly clear on how they conducted their business. In this case, they don't forward accounts under $50,000. They just say that it isn't reportable. How would we ensure that a zero wasn't accidentally left off an account so that it could escape the scrutiny of the process?
    I guess my direct question is—and it goes back to “seems to require”—why the Income Tax Act would be so grey and unclear in its wording. One would presume that a lot of very smart people work on these things and review them. Someone should be able to see that there's a soft area in this reporting. Is it a recommendation that you would have that we review and revise these matters to ensure clarity?
    From a privacy perspective, there's no question that clarity would be be extremely desirable here. If I can speculate on how we got where we are, I would go back to the fact that the purpose of the agreement is to avoid tax evasion, and it may be that tax evasion will occur for accounts under $50,000. That's possible, so an agreement was negotiated between Canada and the U.S., and the sum total of the agreement and the Income Tax Act is unclear. From a privacy perspective, that's highly undesirable, because citizens do not know, if they have accounts totalling less than $50,000, whether their personal information will be transferred or not to the CRA and, ultimately, to the IRS. From that perspective, clarity would be extremely desirable.
    Thank you.
    It baffles me that we have so many resources within the government, yet we constantly have to review. That's what we're doing here to achieve a better outcome. We hear from other jurisdictions that seem to have solved some of these problems.
    I have to go back to the fact that just simply having another third party determine whether something is reportable or not should be a simple matter, especially in view of so many of the financial scandals that have occurred around the world and so on. You may not need to answer this, but wouldn't it seem to you to be a simple matter to review the information and apply the correct remedies in terms of the wording so that we don't have to sit here and have these discussions at this level?

  (1025)  

     I don't have anything more to say.
    There are still two and a half minutes.
    Go ahead, Mr. Saini.
    Mr. Therrien, I have a quick question for you. So far this morning we've concentrated on individual personal accounts, but the FATCA also includes commercial accounts for commercial enterprises. Because that information is also privy to the agreement, in your estimation, do you feel that commercial information that is sent to the United States would be secure? Do you think that's the proper route, or should there be some other provision made for those accounts that are business accounts or commercial accounts?
    I'm afraid that goes beyond the scope of my jurisdiction. Commercial information is not information about individuals. The jurisdiction I have is to look at the personal information of individuals in Canada.
    What is your opinion?
    Obviously, there should be rules to ensure the safety of the information, whether it's commercial or personal information.
    Mr. Lightbound is next.
    One question I asked the minister earlier is her assessment of the risk for Canadians who are not in any way, shape, or form linked to the U.S. to be caught up in that agreement. What's your assessment of that?
    I think that's a tax policy question at the end of the day. Certainly from a privacy perspective, the fact that information is shared with the U.S. is an exception to the rule, but the exception to the rule is justified by the desirability of avoiding tax evasion. In terms of privacy, what I expect is for the objective to be clear and legitimate.
    Avoiding tax evasion is legitimate. How do you define the information that will be shared with the U.S. for that purpose? A certain choice was made. You've heard from the minister and officials on the fact that there was some negotiation with the Americans on what information would not be sent to the U.S. government despite the general objective. I note that according to the rules and the compromise reached, there are people whose link to the United States is, I would say, tenuous, such as people who are dual citizens, citizens of Canada and of the U.S. whose U.S. citizenship may be due to their parents. They may never have worked in the U.S. You can imagine the number of circumstances in which the link of a U.S. citizen subject to this reporting requirement is tenuous.
     From a privacy perspective, once the agreement is reached, it's all right for the information to be shared with the U.S. Would it be desirable that a different agreement had been reached? Probably, but this is the agreement we have.
    Thank you very much.
    We've gone upwards of eight minutes in that round. We now move to the five-minute rounds and Mr. Jeneroux. We only have about 15 minutes left. If we can get through these relatively quickly, we can make sure that every party has an opportunity to ask a question.
    I guess that's my first question to you, Mr. Chair. We're quickly encroaching on our time towards the end of the committee. In the last committee meeting we also went right to the end. I'm hoping that we still have some time at the end. Is that the plan?
    The clerk has asked me for a few minutes at the end to get some motions from the committee. There is some committee business that we have to do. I suggest that if we have useful questions, we ask them, and if we don't have useful questions, we should wrap it up as quickly as possible. I'll leave it up to your discretion whether or not the questions are useful.

  (1030)  

    All right. I have some very useful questions, Mr. Chair.
    I honestly have just a quick question for clarification. September 30, 2016, is the next transfer of records between the IRS and the CRA. Some of the concerns that were raised here are that a number of Canadians whose banking records were transferred were not notified. Is that possible at all between now and that date? Do you see it as being possible to notify these Canadians, or is the current legislation such that there's not a chance that they'll be notified?
     I would distinguish between two stages in this information sharing.
    Normally, in terms of privacy, the information that a government institution receives should be directly from the individual concerned. Here, there is an intermediary, which is the financial institution, but that is provided for under the arrangement and the agreement. Although an exception to the general rule, it is an exception that is authorized by law. Should information on funds owned by a U.S. person be collected by somebody other than a U.S. person? By law, the answer is yes, it can be collected from a financial institution.
    The question that was asked earlier this morning was this: assuming this regime, should the CRA inform the individuals in question that their information has been shared with the IRS? I think there is no reason why not. What we heard is that under access to information provisions, if somebody makes an access request, he or she will be entitled to that information, and that is absolutely true. If that is true, then why not provide a mechanism that provides for more systematic information being given to individuals?
    Mr. Kelly, do you have anything? There is a bit of time left.
    Keep it moving.
    I am going to keep it moving, then.
    We'll go back to the Liberals. Is there anybody here who has any questions?
    No? We're good.
    Is there anybody from the NDP who has any questions?
    Mr. Dusseault, go ahead.

[Translation]

    Thank you, Mr. Chair.
    I wanted to come back to automatic disclosure.
    We asked the minister and the officials for clarification through a question in the order paper. The only answer we got was that concerned Canadians should already be aware of this because their banks should have informed them. We were told that if people needed more information, they could consult the FAQs on the Canada Revenue Agency website. We were also told that one of the only ways for Canadians to obtain information and have access to their file was by making a request directly to the agency.
    We think that Canadians are fully justified in having access to their personal file.
    Do you think it would be possible to put in place a mechanism that would automatically inform the people concerned that information about them had been sent to a foreign government? I'm talking about a foreign government because, in a case like this, it's important to know.
    Is that possible? Currently, there are 155,000 files, but there might be 200,000 by September 30, 2016. We don't know. Is it reasonable to do that?
    It's a matter of discretion. The agency is not required to do anything other than what it did, meaning, to inform the population in general through its website and to respond to access requests under the Privacy Act. The agency meets the minimal requirements of the act.
    Would it be possible? That certainly requires some effort, but we know that the government wants to make it easy for Canadians to obtain access to information. It's something that might fit in with this objective.
    Is it easy to institute, technically speaking? You'd have to speak to the Canada Revenue Agency about it. I imagine that there are electronic ways so that once the information is sent, the agency could inform the individual concerned without it being too complicated. The matter should be studied in more detail.

  (1035)  

    Could you confirm that you will provide the committee with a written submission on the legal protections of Canadians in the United States? As mentioned, there have been privacy breaches in the United States. Files have been hacked.
    We would like to see you again to find out about the recourse for Canadians whose file might have been compromised.
    Absolutely.
    Thank you.
    Mr. Chair, does Mr. Boulerice have time to ask any questions?

[English]

    We are pretty much right there, Mr. Dusseault, as far as the three minutes are concerned.
    I am just going to ask one point of clarification from the commissioner.
    Commissioner, you said that because of the discrepancy in the $50,000, there was a concern that there might be over-reporting. However, that same discrepancy might also result in under-reporting, would you not agree?
     The fact of the matter is that the rule is unclear, and that leads to uncertainty as to whether the information should be disclosed or not. I think this is undesirable.
    Yes, perhaps it could lead to under-reporting in the sense that if the threshold did not exist, all financial institutions would be reportable, so you're correct from that perspective. Still, Canada negotiated an agreement whereby this threshold was adopted. I'm suggesting we should follow through and clarify and ensure that information under $50,000 is not shared.
    I'm certainly not going to dispute that with you, but there could be a better-case scenario rather than always the worst-case scenario in certain circumstances. Either way, Mr. Commissioner, we thank you very much for your time here today and for clarifying this very important issue.
     I know that as an MP previously, my office was inundated with many concerns. I was surprised to find out how many U.S. citizens I had living and working in my riding. Some people who had never even worked, as you aptly pointed out, for one minute in the United States were getting tax assessments. It caused a lot of confusion, and there was a lot of frustration on their part.
     I'm glad we had some more clarification today at this committee. I thank you for your time, sir.
    Colleagues, that ends the part dealing with the motions that brought about this one-day study.
    I need a couple of motions to be approved in order for us to continue our studies on the access to information and privacy legislation. I need somebody to move that a proposed budget in the amount of $22,500 for the study of the Access to Information Act be adopted. Could I have somebody move that, please?
    Mr. Alexandre Boulerice: I so move.
    (Motion agreed to)
    The Chair: In the same vein, with the Privacy Act study, we need a motion that a proposed budget in the amount of $22,500 for the study of the Privacy Act be adopted. Could I have somebody move that motion, please?
    Mr. Bob Bratina: I so move.
    (Motion agreed to)
    The Chair: Thank you very much. I appreciate that, colleagues.
    I think that takes us to the end of our work for today. I'll just simply advise—
    Go ahead, Mr. Smith.
    As we know from the President of the Treasury Board and our previous discussion of the ATI Act, changes are seemingly going to be made in the fall with respect to some items in the mandate letter and in our election platform, and there will be a broader review of the act going forward.
    I suggest, so that we have a greater impact at this committee, that at the very least we aim to issue an interim report on the ATI Act by the end of this sitting in June. I propose we stand down any further studies and focus completely on the ATI Act so that we can get something out the door that may then be of use to the President of the Treasury Board when he goes to make changes in the fall.
    Mr. Erskine-Smith, I take it you are proposing a change in our current work plan involving both studies. Did I hear you move a motion?

  (1040)  

    I will formally move that this committee study only the Access to Information Act going forward and that we issue a report, be it an interim report or a final report—we can make a determination at a later date—in June to assist the President of the Treasury Board in his amendments to the Access to Information Act in the fall.
     I would further move that the subcommittee meet next week to establish a work plan and amend the current work plan to get that done.
    Just so I'm clear, you're moving a motion to change the work plan now, and at the same time you're suggesting that the subcommittee meet to do the same thing.
    It's to establish a work plan and come back to this committee with a complete work plan for the end of June.
    Your motion is, then, to instruct the subcommittee to meet at its earliest convenience to revamp the work plan and then report back to this committee and adopt it.
    We're not going to be able to do that before Thursday of next week, I don't think, which is a slated day, according to motions we already have to do this.
    My advice to the committee is that since we have a few minutes here, maybe we don't need to meet as a subcommittee.
    I'm fine with that.
    Let me just ask the question. Is there general consensus at the table to do this?
    Go ahead, Mr. Jeneroux.
    Yes, I'm glad you guys are on the page today with.... It seems to have scooped us, the budget there.
     However, we do have the President of the Treasury Board coming before us. Before we go down that road, I personally would like to hear at least from him. We have invited him. He's planning to come.
     If at that point we see that, yes, he's open to our feedback.... I'm not, I guess, entirely convinced that he is at this point. If that's the case, if he is, then at that point I think we'd unanimously support focusing entirely on what we could do to help him, going forward.
     What I'm hearing, Mr. Erskine-Smith, is that there's support for either a friendly amendment to your motion or support for the motion whereby the subcommittee would meet and review this motion, with some folks at the table wanting to hear from the Treasury Board president first before we make a determination.
    We have general consensus but some technical differences.
    Go ahead, Mr. Boulerice.

[Translation]

    Although I accept the proposal that we focus our efforts and time on the Access to Information Act, in the NDP, we don't think we need to put on a straitjacket and remove all flexibility in the coming weeks, between now and June.
    I would leave it to the committee to make its own decisions without limiting itself.

[English]

    Mr. Lightbound.
    Essentially the only thing we're proposing is that until June, instead of having the Thursdays dedicated to the Privacy Act, we study the Privacy Act next session when we return in September. We would allocate our time instead to ATI, because it could be more useful to the government to have recommendations or at least an interim report when we return in September.
    I don't think we're changing a whole lot here. We'd just be focusing on ATI so that perhaps we can get something done that is going to be useful in informing the government and the House as it moves forward.
    For the edification of members of the committee, I have the schedule before me.
    We were going to the end of June. We will likely meet 16 more times, providing we sit until the end of the session, which means we potentially have eight more meetings on access to information and potentially eight more meetings on the Privacy Act.
    The committee has given me great flexibility, but sometimes we don't get the right witnesses and we move things around. We still have estimates to do as well. I propose that we do the estimates in the week after we come back from the next break week.
     I would propose that on one of the days, the Tuesday, we have the two commissioners come in and we'll go through the estimates with those two commissioners. Then on the Thursday we could bring in the other two commissioners and go through the estimates with those commissioners.
    Is everybody okay with that? They are booked for the 3rd and the 10th. Both happen to be Tuesdays.

  (1045)  

    Just to be sure, are we still working on having witnesses for the 19th and the 21st of April?
    Sorry; you're right, Mr. Lightbound. Yes, on Tuesday, April 19, we have witnesses coming for the Access to Information Act. We do not yet have any more witnesses for the Privacy Act on the Thursday.
    The motion would be easy to adopt, because we wouldn't have to adjust an existing work schedule and we wouldn't have to cancel on anybody.
    That's even better.
    We do have the Privacy Commissioner coming back, but that's understandable.
    Mr. Jeneroux.
    I'm not trying to be difficult here by any means, but I feel that if we do adopt the motion now, we lose that flexibility.
    Say, for example, the President of the Treasury Board comes in and gives us the sense that he's going full steam ahead with this, and we're not comfortable that our opinion is going to be heard. At that point I would think it would be more beneficial to us to move on to the Privacy Act versus staying on with the Information Commissioner.
    We're only debating about one Thursday. You're saying it's only one Thursday when we're not looking at the Privacy Act, but from our side it's one Thursday that we're giving up the flexibility for the rest of this session and we're not going to look at the Privacy Act at all. On our side of the table, we just want to keep that flexibility open.
    By my records we're giving up Thursday the 21st, Thursday the 12th, Thursday the 19th, and then Thursday the 2nd, 9th, 16th, and 23rd of June.
     I'm saying in between now and when the minister comes.
    Yes, sorry; that's true. I'm trying to do four things here at once, colleagues. Bear with me.
    The other thing that I'll advise you is that if we're going to do this, then we need to provide time and instructions to our analysts so they can prepare an interim report. If we were to reschedule the workload, I'd suggest to you that if we met until the 7th or 9th, we would probably exhaust our witness list anyway and we would be looking at a final report. We would probably be much closer to a final report than an interim report.
    That's my opinion. I don't know if that will be the case.
     That's why I say I would aim for a final report, but if we determine at the time that it's to be an interim report so that we can provide something to the minister, so be it. I think the goal should be to have a comprehensive report.
    We have a motion on the floor. We're running out of time, colleagues. I don't want to drop the gavel and end the meeting.
    Let's have a vote.
    Do you want to vote on it, or shall we meet as a subcommittee and come back with a proposal?
    I think we should vote on it now, given the short time and given we have to get going on this matter.
    To be clear what we're voting on, we're voting on an actual motion to change the work schedule rather than to meet as a subcommittee. The motion is that we suspend the study of the Privacy Act Review and we dedicate all future meetings until the end of June to the Information Act review.
    Are we clear on what we're voting on?
    Some voices: Yes.
    (Motion agreed to)
    The Chair: Colleagues, we have to go. I will look forward to seeing you.
    The meeting is adjourned.
Publication Explorer
Publication Explorer
ParlVU