Skip to main content
;

CIMM Committee Meeting

Notices of Meeting include information about the subject matter to be examined by the committee and date, time and place of the meeting, as well as a list of any witnesses scheduled to appear. The Evidence is the edited and revised transcript of what is said before a committee. The Minutes of Proceedings are the official record of the business conducted by the committee at a sitting.

For an advanced search, use Publication Search tool.

If you have any questions or comments regarding the accessibility of this publication, please contact us at accessible@parl.gc.ca.

Previous day publication Next day publication
Skip to Document Navigation Skip to Document Content






House of Commons Emblem

Standing Committee on Citizenship and Immigration


NUMBER 022 
l
1st SESSION 
l
41st PARLIAMENT 

EVIDENCE

Thursday, February 16, 2012

[Recorded by Electronic Apparatus]

(1530)

[English]

     Good evening. This is the Standing Committee on Citizenship and Immigration, meeting number 22. It is Thursday, February 16, 2012. Pursuant to Standing Order 108(2), the orders of the day are a study of “Standing on Guard for Thee: Ensuring that Canada's Immigration System is Secure”. This meeting is televised.
    For the first hour, we have three witnesses.
    We had the Canada Border Services Agency people here earlier in the week. I understand that Mr. Geoffrey Leckey, who is the director general of intelligence and targeting operations for the Canada Border Services Agency, will not be making a presentation. It has already been done, I guess.
    We also have the representatives from the Canadian Security Intelligence Service. Mr. Tom Venner is executive director of the general security screening branch. I will be asking you shortly, sir, to make a presentation, for up to 10 minutes. We'll try to stick to that.
     Finally, we have two representatives from the Royal Canadian Mounted Police. We have Ms. Shirley Cuillierrier. Is that close?
    She is the director of immigration and passports. We also have Mr. Todd G. Shean. I suppose I should be calling you officer. You probably have some other title. You are the assistant commissioner of federal and international operations.
    I'd like to welcome you all to the committee for this study, which we have basically just started. We thank you for coming and contributing to the committee.
    I will ask Mr. Venner to make his presentation. Thank you, sir.
    Mr. Chair and honourable members, good afternoon. I am pleased to be here today to explain the role of CSIS in supporting Canada's immigration system.
    As part of our mandate, CSIS assists the government in preventing individuals who pose a threat to the security of Canada and Canadians from entering or obtaining status in this country. Maintaining the integrity of our immigration system is a vital part of strengthening Canada's security environment. The service's security screening program serves as a first line of defence against threats such as terrorism and espionage.
    Using the security-related provisions in the Immigration and Refugee Protection Act, or IRPA, we assess whether visitors, refugee claimants, prospective immigrants, or potential permanent residents are, or are reasonably believed to be, foreign agents involved in terrorist organizations or people engaged in other violent activities. Advice on individuals of concern is then provided to our colleagues at the Canada Border Services Agency to help inform their recommendations. Our aim is to ensure that those who are inadmissible to Canada for security reasons are identified as early as possible in the process and are prevented from entering Canada.
    To be clear, we do not make or enforce immigration decisions. That is left to our colleagues at CBSA and the Department of Citizenship and Immigration. Our job is to identify potential threats and to provide related advice to government.
    To give you a scale of our activities in relation to Canada's immigration system, during the last fiscal year alone, CSIS received close to 200,000 citizenship screening requests, approximately 79,000 permanent residence screening requests, over 71,000 visa vetting requests, and over 17,000 refugee screening requests.
    Many national security reasons can disqualify individuals from entering Canada. Activities such as terrorism and espionage, for example, are undeniable threats to our national security.

[Translation]

    Terrorism—especially Islamist extremist violence—remains the greatest threat to the security of Canada and Canadians. Some individuals with ties to terrorist organizations may attempt to come to Canada, whether it is to export their extremist ideology to Canada, carry out violent attacks within our borders or use this country as a refuge while they plan attacks against other countries.
     Canada is also an attractive target for espionage activities—be they of a political or economic nature—and foreign agents continue to seek to enter Canada to conduct covert activities detrimental to the country.
(1535)

[English]

     Perhaps less well known, activities related to the proliferation of weapons of mass destruction are also conducted in Canada. Individuals may seek to come to Canada to acquire knowledge or procure material that can then be used to develop illicit weapons programs in other countries.
    Finally, the service also investigates illegal migration networks where there is a suspected nexus to terrorism. Ultimately, the objective of these investigations is to prevent illegal migration ventures from reaching Canadian shores, but when they are successful, CSIS then plays an important role in screening the new arrivals against admissibility criteria.
    To summarize, Mr. Chair, there are real threats from abroad to the security of Canada and Canadians, and individuals who represent such threats need to be prevented from gaining entry or status in this country. We at CSIS play an important role in identifying these threats early and in supporting decision-makers at CBSA and CIC in determining admissibility and status.
    Together with our partners, we work diligently to improve the efficiency and effectiveness of Canada's immigration system in order to ensure that it is not exploited by people acting against the interests of this country.
    With that said, Mr. Chair, I will end my remarks. I will be pleased to answer any questions.
    Thank you.
    You'll be very popular with my colleagues, sir, because your remarks were short. Thank you.
    We now have Assistant Commissioner Shean.
     I thank the committee for allowing me to appear before you today and for your efforts to enhance and improve the integrity of Canada's immigration system.
    My name is Todd Shean. I'm the assistant commissioner of federal and international operations for the RCMP.
     I will focus my brief remarks on the RCMP's role in helping to protect the integrity of Canada's immigration system, including supporting Citizenship and Immigration Canada and the Canada Border Services Agency in determining the admissibility of foreign nationals who wish to come to Canada under the provisions of the Immigration and Refugee Protection Act.

[Translation]

    As Canada's national police force, the RCMP works closely with Citizenship and Immigration Canada, the Canadian Security Intelligence Service, the Canada Border Services Agency, as well as domestic and international partners, to secure Canada's borders and to protect the integrity of our immigration system and maintain public safety.

[English]

    One of the ways this is accomplished is through the investigation of immigration offences. This is a shared responsibility between the RCMP and the CBSA. The CBSA is the lead agency responsible for investigating most offences under the Immigration and Refugee Protection Act, including general offences, misrepresentation, counselling misrepresentation, smuggling, and document fraud.
    The RCMP has a responsibility to combat serious and organized crime by developing and implementing strategies to disrupt organized crime threats.
     As part of the continuum of investigations into immigration-related offences, the RCMP has primary responsibility for the investigation of offences under the Immigration and Refugee Protection Act involving criminal organizations or national security, such as organized human smuggling, trafficking in persons offences, and those investigations requiring the employment of special police techniques.
    The RCMP is also responsible for investigation of Citizenship Act offences and Criminal Code offences, such as fraud, forgery, uttering forged documents, trafficking in persons, and conspiracy.

[Translation]

    However, the investigation of criminal offences is only one of the ways the RCMP is involved in protecting the integrity of Canada's immigration system. Security screening helps prevent persons who are, or have been, involved in serious criminality, organized crime, war crimes or criminal activities related to terrorist offences, from entering or remaining in Canada. If allowed to enter or remain in Canada, those individuals threaten the integrity of the immigration system and represent a potential threat to public safety.
(1540)

[English]

     The RCMP is a service provider to CIC for security screening and immigration applicants across the spectrum of immigration streams. The RCMP Canadian Criminal Real Time Identification Services provides security screening in support of permanent resident, citizenship, and refugee immigration programs. Applicants are checked to see if they have a criminal record in Canada that renders them inadmissible under the provisions of the Immigration and Refugee Protection Act.
    There are two kinds of screening activities undertaken by the Canadian Criminal Real Time Identification Services. One is name-based checks, where applicants' name and date of birth are compared against the Canadian criminal name index to see if they have a criminal record. The second is fingerprint analysis. In support of the name-based checks, the Canadian Criminal Real Time Identification Services also conducts fingerprint-based criminal record searches. If, after a name-based check is completed, there is a possible match to a criminal record, the individual making the application is required to submit fingerprints. The fingerprints are compared with those associated with the criminal conviction to confirm or verify the identity of the individual making application for permanent residency or citizenship.
    In the fiscal year 2010–11, over 24,000 fingerprint submissions were processed in support of permanent residency applications. Of these submissions, approximately 24% hit a fingerprint record. In fiscal year 2010–11, over 19,000 fingerprint submissions were processed in support of Canadian citizenship. Of these, approximately 31% hit a fingerprint record. A hit occurs when the fingerprint or name-based check matches an existing record.

[Translation]

    The RCMP also works with security partners to help ensure the integrity of the refugee determination system. The RCMP currently conducts fingerprint analysis for criminal records on all refugee applicants referred to them by Citizenship and Immigration Canada. In 2010, there were hits on 16.6% of refugee fingerprints. For the first 10 months of 2011, the hit rate was 18.9%.

[English]

    The hits noted above include refugee applicants' fingerprints that match an existing fingerprint file during the initial or front-end screening process, as well as instances where criminal fingerprints, such as latent fingerprints found at the crime site, hit to an existing refugee file subsequent to the applicant being in Canada for a period of time.
    Under the Balanced Refugee Reform Act, the RCMP receives resources to conduct a security screening pilot project in partnership with CIC and CBSA. When the Balanced Refugee Reform Act comes into force, the RCMP security intelligence background section will begin screening a percentage of refugee applicants by conducting law enforcement record checks against a number of law enforcement databases to which it has access. The value of conducting law enforcement record checks resides in the fact that this type of screening goes beyond just checking for a criminal record. To better illustrate this, the RCMP security intelligence background section conducted law enforcement record checks for Transport Canada on an existing maritime port employee whose clearance was due for renewal. While the subject had no criminal record, the law enforcement record check revealed that the port employee was an active member of an outlaw motorcycle gang.

[Translation]

    Without this more in-depth screening, the applicant would likely have undergone the traditional security checks, commonly referred to as criminal record checks, which are very limited in scope. The subject would have come back as a “no hit” to the requester and conceivably would have received their security clearance.

[English]

    In partnership with the CBSA and Citizenship and Immigration Canada, the RCMP also conducts visa vetting on select temporary resident visa applications. Visa vetting is an enhanced criminal screening process that provides feedback to CBSA and Citizenship and Immigration Canada concerning business and visitor visa applicants and their sponsors. It was originally set up to deny attempts by eastern European organized crime from coming to the greater Toronto area on visitors' visas.
    The RCMP visa vetting program is managed under the immigration and passport branch at national headquarters. The RCMP receives information from CIC and CBSA on select visa applications. Investigators conduct database checks of the individuals making application and they conduct field interviews and investigations with the goal of verifying the information on the visa application.

[Translation]

    This activity has been found to be very successful because it serves to prevent the travel to Canada of persons involved in criminality. As it specifically targets individuals associated with organized crime, visa vetting directly supports Government of Canada priorities. Currently, the program team only screens a small percentage of visa applications from three locations: Moscow, Kiev and Mexico.

[English]

    The RCMP also conducts screening on applicants wishing to come to Canada through special Government of Canada public policy initiatives such as the Afghan special measures project and the Haiti humanitarian project.
    In conclusion, the RCMP recognizes the importance of maintaining the integrity of Canada's immigration system. For this reason, I wish to assure the committee that the RCMP will continue to work with its partners to help protect the integrity of Canada's immigration system, both through investigational activities and also providing intelligence information related to immigration applicants so that CIC can make informed determinations on admissibility.
     Thank you for the opportunity to appear before you today. Superintendent Cuillierrier and I are available to answer any questions you may have.
(1545)
     Thank you, Assistant Commissioner Shean.
    We will now proceed with the first seven-minute round.
    I might say that I've had some comments that I've been too lenient with you all in allowing you to go well over the time, so I'm going to try being tough. If you don't finish on time, I'm afraid, unless things change, I'll cut you off.
    Mr. Menegakis, you have seven minutes.
    Thank you, Mr. Chair.
    I'd like to thank our witnesses for being here today. Thank you so much, and thank you for your informed presentations. I'd also like to thank you for the important work you do for our country, not only you personally but your departments, on a day in, day out basis. It's very important.
    I have a few questions prepared that I'd like to ask you.
    The first couple have to do with names. How culturally sensitive are your departments when it comes to information such as names? I'll tell you what I mean by that. When we translate someone's name from another language into English, especially when they don't use our alphabet, how secure are we that we're doing that correctly? Can you comment on that?
    It's an excellent question, and the problem of transliteration of foreign names—names originally written in foreign alphabets—is a very serious one and a very difficult one that all organizations such as ours have to grapple with.
    I'm sure I can speak for the others when I say that we're all aware of the existence of transliteration software that helps to do what's called a fuzzy match. If a name is transliterated incorrectly—or it may be transliterated correctly but there may be 20 different correct ways of transliterating it, whether it's from Russian or Arabic or another alphabet—then we have software today that can check every possible variant that we can conceive of, or that the software is aware of, in an attempt to identify the correct individual.
    Thank you.
    Mr. Venner, would you care to comment?
    I would only add that my CBSA colleague is correct, certainly, in terms of our attempts to maximize our use of technology and software to assist. We also place a considerable effort on ensuring thorough training of our people to make sure they are best equipped to deal with the challenge of transliteration and are making appropriate use of effective search techniques—stored searches and things like that—to make sure that we're not missing anything we should be getting hits on. But it is a challenge.
    Commissioner.
    Thank you.
    Similar to my colleagues, we rely upon the training of our membership. As well, we rely upon the assistance of our liaison members, who are located across the world, as we enter upon certain investigations to make determinations to assist us in ensuring we have the proper information and are providing the proper advice.
    Thank you.
    What about multiple names? It's common in many countries.
    My riding is Richmond Hill. It's one of the most diverse ridings in the country, and I quite often have constituents come in who have a number of names in their name. It's very common.
    Is it not the case that if we miss one of the names, or put them in the wrong order, that would potentially result in our not picking them up in a database?
    I'll start first.
    It's a good question, and you're correct. I can speak for the RCMP as well, and I believe the other services have a lot of members with different cultural backgrounds, so we have access to ensure that we bring those members forward to assist us in that.
    Again, we can rely upon our partners, and we can rely upon our liaison officers who are located in those other countries to make certain that we're.... In all aspects of our business, you're absolutely correct, accurate information is important, so we go to great lengths to ensure we're looking at accurate information.
    Our systems have been designed to try to deal with that as well in terms of aliases and making sure there are data fields for aliases, as well as the capacity to invert names. So whether the first and last names are inverted, it is still caught by the system or by the researcher.
(1550)
    I'd like to assure you that our analysts are also culturally aware, and are aware that in some cultures it's perfectly acceptable, for example, to reverse names.
    But let me add to what my colleagues have said. The fact is that the name alone is only one element that is checked when we're trying to establish a person's identity. Of course, we have date of birth, address, the complete history on the file, and, in the near future, biometrics to make sure we're dealing with the person who we think we're dealing with.
    I guess what I'm trying to get at is this. How confident are you that we're searching the correct name in the correct order with your systems now? Are you satisfied with the tools you have to be able to do that?
    Again, I'll say we're confident we're doing everything that can be done to ensure we're searching the correct name.
    Okay.
    I'd have to agree. I think that's one of the indicators, plus you look for other information to narrow that field as well—date of birth and other information you have about the individual.
    One of the things we're discussing and studying, of course, is the whole question of biometrics. I'd like to hear your comments as to whether that would help you identify them, particularly with countries with which we have agreements and we have easy access to their information back and forth. What do you think about that?
    Do you have a comment on that? Do you think biometrics would help us?
    We believe biometrics will be a great help in establishing definitive identity.
    From the services perspective, it will have less of an impact because of our role in providing advice about the person, but we certainly see it as being of great utility to our CIC, CBSA, and RCMP colleagues in making sure that we're checking the right person and that the person we're giving advice on is the person they're interested in.
    I would speak similarly. I think I see the benefit to our partners at CIC and CBSA, but we see the advancement of any new and improved law enforcement tools as beneficial to all types—not simply law enforcement, but to all looking to ensure the security of Canada.
    Thank you, Commissioner.
    Mr. Davies.
    Thank you, Mr. Chairman.
    On behalf of the official opposition, I would also like to thank each one of you and your departments for the vital services you provide in helping to keep our immigration and security system functioning well.
    Where I want to sort of probe is not in the things you're doing well, because I think that's good; I want to probe where we may be able to make improvements.
    There was quite a comprehensive and I think somewhat critical report by the Auditor General that came out this fall. The Auditor General's report found what he called “disturbing weaknesses” in the way Canada's border and immigration officials issue visas. He noted that CBSA analysts in particular, in his view, were not getting the training they needed. He found that their work was rarely reviewed, in his view, and that he could find no evidence that mandatory checks were completed.
    I wanted to give you a chance to respond, particularly you, Mr. Venner. I think you're from CBSA....
    No, that's Mr. Leckey. Let us know what your response is to those points by the Auditor General.
    Yes.
    Thank you for that question, Mr. Davies.
     We've prepared a comprehensive response to the recommendations coming out of the OAG's “Issuing Visas” report. There were four recommendations that touched on CBSA. The first one was that we should complete and update reference information that should be provided to visa officers in a timely manner. Coming out of that recommendation, there were three deliverables on the part of CBSA, and I can go through those in detail if you'd like, but I think the headline here is that we're on track to deliver on all those deliverables by the target date.
    That first recommendation dealt with supports to visa officers overseas, making them better and more efficient at their job, and in particular at selecting the right people to refer for closer examination by CBSA and my colleagues.
    The second recommendation was that CBSA should ensure that all information that can be obtained from security partners is relevant and is provided in advice to CIC. Essentially, that is about making CBSA, and how we do our work, more efficient.
    Coming out of that were four deliverables. One of those has been completed and the other three are on track.
(1555)
    Can I maybe just ask if a detailed action plan to implement those recommendations has been prepared? It sounds as if it has.
    It has.
    Is it possible to get that plan presented to this committee?
     Yes, absolutely.
    Okay. Thank you. And then we can review that.
    Could you send that to the clerk, please?
    Mr. Geoffrey Leckey: I will do that.
    Another item of concern, according to the Auditor General, was a lack of consistency in initial detention decisions. It was identified as a problem in reports of the Auditor General in 2003, when it was CIC's responsibility, but that concern was also re-expressed in 2008.
    Can any of you give us any testimony as to whether or not that consistency has been addressed?
    I'm sorry, that was a lack of consistency in initial...?
    In initial detention decisions.
    That's not my particular area of expertise. One of my colleagues was here on Tuesday, Mr. Peter Hill, and that was his area of expertise.
    I'll just respond on his behalf by saying that I can't specifically address what's been done since 2003, but I'm confident that appropriate measures have been taken.
    Mr. Leckey, is the initial detention decision a CBSA decision? Would a CBSA officer make that decision?
    Yes. It's initially a CBSA officer's decision. It's reviewed, as you know, by the IRB within 48 hours, within seven days, and then every 30 days after that.
    Okay. Would you be in a position at all to give us any kind of feedback on whether or not you think the initial detention decision process is working well?
    I'd prefer not to venture outside my own particular area of expertise.
    Fair enough.
    I want to just turn for a moment to biometrics. I will express some dismay. This committee decided to study security issues in the immigration system, and one of the specific items we wanted to discuss was biometrics. We commenced this study two days ago and are going to continue for the next eight meetings or so. Today, the government came down with a bill that already has committed to a biometrics program, which I think is regrettable, because I don't know how our committee is going to give meaningful impact at this point to a decision that's already been made. But I may as well ask you about biometrics.
    The Privacy Commissioner has stated that biometrics can be used in at least two ways. One is to verify someone's information, their identity, to make sure that they are who they say they are, and the other way is to match that person's identity with entries in a database. The Privacy Commissioner has indicated that she much prefers the collection of fingerprints to be used for identity verification, not for comparison to a general database. It's my understanding that the biometrics program announced by the government is going to do exactly that: it will collect people's fingerprints and then match them to a database.
    I'd like you to confirm that is the case, and, if so, tell us if you have any concerns about privacy in that regard.
    From an RCMP perspective, I can say that I believe that was tabled this morning, and I'm not quite familiar.... I'd have do a little bit more research, I think, to give you a thoughtful answer. I wouldn't be able to venture into that area at this particular time.
    Fair enough.
    I have one last question.
    On Tuesday, one of the assistant deputy ministers said that the biometrics program would be rolled out first with respect to certain nationalities, but was unable to tell us which nationalities have been identified.
    Do any of you know which nationalities are going to be identified for the initial fingerprinting and biometrics program?
    I don't think any of us are aware of whether that decision has been made, but that would be a decision for Citizenship and Immigration.
    You're saved by the bell. Time's up.
    Mr. Lamoureux.
    Let me make it unanimous by saying that whether you're Liberal, Conservative, or New Democrat, we do think you do a wonderful job and we appreciate your efforts.
    Having said that, biometrics is, generally speaking, a live picture and fingerprints. Is there anything else you would think would be beneficial to incorporate into the discussion that goes beyond that, in terms of biometrics?
(1600)
    The other possible biometric that has been proven to be reliable is retina scans. Of course, they're already being used in, for example, CBSA's NEXUS program, which speeds up or facilitates the crossing of the border. I'm not aware of whether retina scans were ever considered by CIC in setting up their biometrics program, or, if so, for what reason they might have been rejected.
    I have five minutes, so I don't mean to be rude if I kind of jump in.
    The RCMP do a tremendous amount of work in regard to checks. In fact, now what we're suggesting is that anyone who has a temporary visa—refugees and everyone—would have to go through this biometric test or provide fingerprints and so forth.
    Do you have the resources or the technology to be able to implement that on that type of a scale?
     As I stated earlier, I believe it was introduced this morning, so I expect we'll be back before this committee for further discussion on this. We have to have a lot better understanding of what is contemplated, and then I think we'll be in a better position to answer your question, but I couldn't give you a fair response right now.
    Currently, what percentage of refugees do you have fingerprints for?
    I wouldn't know that percentage off the top of my head, sorry.
    I guess a guesstimate would be a poor thing to ask.
    Yes.
    Could you anticipate? Let's say if you're talking about 35,000 refugee claimants a year, administratively is that something that's doable, or are you going to need six months or a year to be able to implement something of that nature? What type of timeframe are you looking at?
    It goes back to my earlier comment. Depending on what's contemplated, I think anything is doable. However, it's what's being contemplated and then it's to determine if it's viable, if it's something we should be doing. I guess anything is doable, but I feel it would require further dialogue and further thought.
    In terms of addressing the security issues, fingerprints and the live picture are all we need at this stage, from your perspective. They would address the issue of refugees who leave the country and then attempt to come back with a different ID. That would put the issue to rest, just by having those two?
    I think the answer is that the government—and other parts of the government in consultations that certainly have included CBSA—has come to that conclusion.
    We've heard from other agencies. Individuals who come here under temporary visas in particular, let's say visiting visas...does the RCMP play a role in any fashion in terms of the deportation of individuals who overstay visiting visas, or are there any checks done by Immigration of people who might be overstaying...?
    We would be involved in doing the checking and then providing the information to our partners in the visa vetting process.
    But the actual removals are conducted by CBSA.
    You do get contacted today by CIC with regard to requiring fingerprints and so forth, regarding visiting visas and working visas, student visas, that sort of thing?
    We don't at the moment because the program hasn't been set up yet.
    I'm going to go back to the backlog idea. I understand the RCMP put a new system in place whereby they do have the date of birth and the name, and if there's a match, they require fingerprints. It's really slowed down the process for a lot of volunteer organizations to be able to get people in the door. I was told by the RCMP that they're going to a new system. Has that happened?
    We have a time problem, Mr. Lamoureux. I'm sorry. You'll have to go another time.
    Mr. Weston, you have up to seven minutes.
    Let me just ask, adding to the comments of my predecessors, how many countries in the world have as their national icon a police officer? We're pretty proud that you're here today. I only have one concern about your presence. Our chair has never acted as much like a police officer as today, and I think he's obviously subject to your influence.
    Thank you for being with us. I'm going to get disciplined later.
     We've seen the numbers in your presentations about the numbers of checks you're doing, but I didn't see the numbers of people who are intercepted. In other words, what percentage of people are denied access because of your security checks, and then how often does this lead to some sort of an incarceration in our country or in another country, due to your vigilance?
(1605)
    We would receive a request to check our databases and then we would provide the information to our partners at CBSA, up to CISC, so those numbers would rest in my colleague's area, I believe.
     Are you saying, “It's not my dog?”
    We do the checks and are involved in it; however, we pass what we discover as a result of the checks to our partners.
    Mr. Venner.
    Out of just under 300,000 requests to the service—immigration-related, permanent resident, refugee determination, citizenship—in the last fiscal year, 667 briefs were provided with that information to CBSA. That translates into a different number in terms of what they do with it, but it gives you a sense of the rate at which we are finding information we have to provide to CBSA.
    Can you repeat that?
    Roughly 300,000 requests came in to the service, and 667 times we responded to those requests by going to CBSA and saying, “Here is a brief with some concerns about the individual in question”. So it's a very small number in relation to the total volume that we do checks on.
    Let me repeat back to you what I've heard to see if I have it right. Out of 300,000 requests, 670 were considered worthy of a review, an interception, or a denial based on security concerns.
    We had information that meant they could have been inadmissible under IRPA.
    Over what timeframe was that?
    That was in one year.
    The 300,000 doesn't represent all of the applications, or does it?
    That's just the share that are referred to the service. That's just a slice of the overall immigration process.
    So to be a contrarian, there have been criticisms of our country by our friendly neighbour to the south that we're not tough or vigilant enough. How do you respond to those concerns? I'm sure you're more aware of them than I am.
    Let me provide you with some statistics, if you don't mind.
    CIC receives approximately 1.7 million visa applications per year from visa-required countries overseas. The visa officer does the first triage of them. The visa officers in missions overseas decide which ones need to be referred to CBSA for further examination because of suspicions of security concerns. So we get about 75,000 of them and conduct our examinations, together with the two partners at the table here with me.
    Last year, out of those 75,000, some 692 resulted in inadmissibility recommendations that went back to the mission. They were drafted by CBSA. As you can see, that's very close to the number Mr. Venner mentioned. That is the number that CSIS provided in recommendations or advice to us. It's a very small percentage, but we believe it's an important percentage.
    I'd like to mention some other statistics. Our CBSA liaison officers overseas—there are 60 of them in 46 locations around the world—are involved in denials of boarding of flights to Canada 4,000 times a year. So 4,000 times a year, advice is given to airlines that individuals should not be boarded because they're improperly documented for travel to Canada. There's that as well.
    I'd also like to mention one last statistic. Last year, 54,549 people who showed up at the border were turned around—they were “allowed to withdraw”, is the term we use. In 29,900 cases, the reason was non-compliance with IRPA. In other words, they were not properly documented. They didn't meet all the requirements of IRPA for admission to Canada. For lesser criminality there were 17,000, and for serious criminality there were 5,800.
(1610)
    If I can follow up concerning the biometric study, it's no surprise to me, because two years ago we knew that was coming. It was in the budget. I'm surprised that my colleague Mr. Davies was surprised by that.
     Do you have any other things on your wish list that you would like to have to make your tool kit more effective in keeping security-risk people out of our country?
     The only thing I'll mention is that there is an interdepartmental effort now to review the inadmissibility provisions of IRPA. Although that process hasn't been finalized and recommendations haven't been presented yet, I think that will lead to some improvements.
    Thank you, sir.
    Ms. Sitsabaiesan.
    Was there anything else that you wanted to add to that dream tool kit, since you ran out of time there? Do you want to add anything?
    No.
    Okay.
     I'm going to switch a little bit to the Auditor General's report. In the report on visa issuance they made many recommendations, including service standards for the timeliness of the security screenings that were being processed. There is much casework that comes into my constituency...people who are waiting for their application process, where processing delays rest in the processing of the security clearance. When we call CIC and ask them to provide a timeline as to when things may be processed, they say they don't know, they are waiting for the security clearance.
    How many staff does the security screening program actually employ for immigration-related purposes to ensure that these responses are done in a timely way?
    I'll start.
    In the CBSA national security screening division there are approximately 60 employees. Within the last year we have moved to what we call a tiered service standard to ensure that the speed with which we process applications is in line with the priorities of the Government of Canada. So we've moved to a service standard of a turnaround time of 48 hours in the case of urgent and VIP processing, 5 days in the case of China. In tier 1 countries, which are Russia, India, Saudi Arabia, Pakistan, Mexico, and Haiti, our service standard is 10 days, and for all other countries in the world it is 20 days. The security assessment part of the visa processing continuum does not take more than 20 days. In fact, I checked just recently and we're averaging for those other countries about 18 days.
    Okay. That's very useful to know. If we're being given a longer timeframe than CIC, we know it is not actually in the security screening process. It's somewhere else.
    It's not all in the security screening.
    Okay. That's good to know.
    Another recommendation made by the Auditor General was to know if the effectiveness of the security screening is being measured. What efforts have actually been made to follow through with the recommendation the Auditor General made?
    We have set up a performance measurement system very recently, since the OAG report. It was one of our highest priorities. We've done that together with our partner, CIC, because part of the performance metrics we want to introduce is an assurance that CIC, our client, is satisfied with the service they're getting.
    Are there any times, any circumstances, when CIC issues a visa to an individual who has been flagged or for whom CBSA's final recommendation was against actually issuing him a visa?
    That does happen, and we need to remind ourselves that CBSA recommends that the final decision-maker is CIC, and CIC has the prerogative to factor in other elements such as national interest.
    Okay. And is there usually a rationale that is provided back to CBSA that says why your recommendation was overlooked?
(1615)
    I think that is a good way to put it. Usually, but not invariably, we do work very closely together.
    Then are additional steps put into place afterwards as to moving forward and how we can integrate your recommendations?
    I think, if I may say so, our recommendations are as fully integrated into the decision-making process as they can be. They are taken very seriously by CIC.
     Do I still have more time, Mr. Chair?
    You have less than 30 seconds.
    In that case, I just want to say thank you to all of you for the hard work you do. I also have a personal understanding of some of the work you do, as family members of mine are with a couple of the agencies represented here. Thank you.
    Thank you, Ms. Sitsabaiesan.
    We'll go to Ms. James.
    Thank you very much, Mr. Chair, and welcome to our guests as well.
    I'm especially happy to see a representative from CSIS here today. In the last committee, I actually spoke to CBSA. I was trying to understand why membership in certain groups or member affiliation with certain groups deems someone inadmissible, whereas affiliation with or membership in other groups does not. I wasn't able to get a definitive answer from CBSA. I think they actually referred me to CSIS; therefore, I'm very happy that you're here today.
    I'm going to give an exact example. I've had a number of constituents speak to me and ask me why it is that some are deemed inadmissible and some are not. I'm going to use an example. I have it written down, actually. Membership in the South Lebanese Army or the Armenian Revolutionary Front, from 40 years ago, would still make a person inadmissible in Canada today. In comparison, members of the Communist government in Cuba who were involved in the Cuban missile crisis are not. I'm trying to figure out what the process is. Why are some people deemed admissible and some are not?
    I'm hoping, Mr. Venner, that you can explain that to me.
    Thank you.
    I can start the answer, but I'm sure my CBSA colleague will want to chime in when I'm finished, because it does cut across our interests.
    I referred earlier to the effort under way to look at IRPA and IRPA's current approach to inadmissibility provisions. Of course, when you're looking at the national security section—subsection 34(1) of IRPA—it talks about terrorism, espionage, subversion, danger to Canada, or membership in organizations. One of the challenges in relation to that is what we would call temporality, which is the timeframe. It's the challenge of membership in an organization. What role did that person perhaps play in an organization that may be of concern? When did they join? How has that organization changed or evolved? Part of the interdepartmental effort under way is to look at whether there should be a different approach to dealing with the issue of membership.
    As I said, that process hasn't landed yet in terms of what might be a better approach. Without specific reference to the files or the organizations you talked about, that difficulty is recognized. It is being studied to see if there's a better way to deal with what those apparent anomalies—
(1620)
    Thank you.
    Mr. Leckey might want to add to that.
    Do you have a quick response? The other gentleman from CBSA could not give an answer, but if you have one, I would appreciate hearing from you.
    Thank you.
    I'll do my best. Sections 34 and 35 of IRPA are what we're dealing with principally here: membership in terrorist organizations; membership in foreign intelligence services that don't espouse democratic ideals; and membership in regimes suspected of systematic war crimes or crimes against humanity.
    There are lists we consult. There's, of course, the list of terrorist entities that have been so designated by the Government of Canada—
    Actually, that was another question we asked. We asked if we could have a list of the different groups that may be deemed inadmissible. Is that possible? I just need a quick answer, yes or no.
    In terms of designated terrorist entities, it's yes, and for designated war crimes regimes, it's yes.
    I'm just going to switch the question. My colleague, Mr. Weston, touched on this.
     I noticed that in your speech, the member from CSIS, you talked about the number of screening requests. Mr. Weston touched on that. You said there were about 300,000 in the last fiscal year. I'm looking at your speech, and unless I'm incorrect, it looks as if it was 370,000. I'm not sure whether you're including the visa requests.
     Visa requests were separate. If you add visa requests, which in our case were about 71,000, the numbers add up.
    Okay. I just wanted to make sure.
    Thank you.
    Mr. Leung.
    Thank you, Mr. Chair.
    My question has to do with the screening tools employed by CBSA, CSIS, and the RCMP.
    When we look at the physical attributes—the name, fingerprint, date of birth, place of birth—that only identifies the person. How do you gather the intelligence or the information to screen them for potential terrorist activity or security issues that could be an issue for admissibility, or for previous war crimes?
    I refer to this because we have had a couple of cases recently of two or three individuals who have come to Canada and were here for 10 years before we identified them, and then it takes us another 10 years to get rid of them.
    Perhaps you can elaborate on what your screening tools are. And how is this information shared with our counterparts worldwide, at least within those nations that are friendly to us?
    It's about the screening tools beyond the obvious physical attributes.
    The first and most important screening tool, of course, is the application form. We have to start with what the applicant tells us about himself. If that hits against certain security screening indicators of concern, then we have the option of asking CIC to go back to the applicant and conduct an interview or request more detailed information from the applicant.
    Once that information is as complete as it can be, then the information is shared with our Government of Canada security partners. They may hold information on the individual; we may hold information ourselves. Depending upon what trail we come across in the databases, it may lead us to other government departments or to foreign governments who may hold information on an individual.
    Is this across the board, for all three branches of the service?
    In the case of the service, we would take those data fields and run them through our classified intelligence databases looking for hits, whether on the name or on other data that may have been provided as part of the application.
    Is it the same for the RCMP?
    We would run the indices to check on the names that were provided to us. Depending on the indices check, it could lead to a fingerprint verification. As I said in my speech, under the Balanced Refugee Reform Act, in certain circumstances we'll check it against our intelligence databases. That's projected for future.
(1625)
    Correct me if I'm wrong in my thinking, but why are there three sets of databases to contain this? It seems that this is what can sometimes cause us some confusion or misidentify a person or let some people slip through, depending on which database is used.
    Do we also share this information internationally with the United States and Interpol or other security services?
    I think the place to start is with the three distinct mandates of the three organizations sitting here today.
    CBSA tends to have the most detailed information on immigration and war crimes; the national security agency of Canada is CSIS; and the police agency is the RCMP. In preparing security assessments and writing admissibility recommendations, it's CBSA that plays the coordinating and integrative role.
    I see.
    Let's change our thought a bit. If a person has a deliberate intent to come in and he files down his fingerprints or changes his name, how easily are we able to catch these inadmissible elements? Do we have the tools to cross-reference with other security services around the world those who have multiple identities or...?
     We're out of time, sir.
    Ms. Sitsabaiesan.
    Thank you, Mr. Chair.
    Considering the agents who are making these decisions with respect to visa decisions and inadmissibility of people, what types of training do our agents go through, the border agents or the people who are making these security decisions? I'm not saying give me the full seven-year detail of the training they go through, but could you elaborate a little bit on the type of training the agents here and abroad go through, please?
    The members of the national security screening division, who I referred to before, those 60 people—
    There's a training package that is being developed specifically for their duties. It has been upgraded recently, and we're taking a close second look at it in the wake of the OAG report.
    Okay.
    As to overseas, the overseas officers you're referring to I think would be CIC employees. We're talking about visa officers. We wouldn't be able to comment on their training.
    Do you mean the 40 people in 26 countries?
    Oh, okay. Our liaison officers overseas tend to come within the agency from intelligence or criminal investigations backgrounds predominantly, not exclusively. So they start off with a certain amount of training, and they receive quite an extensive training course before they are posted overseas. Off the top of my head, I can't remember whether it's four weeks or six weeks.
    You said that a training package is being developed for that...I'm going to call it a task force.
    It's the national security screening division.
    Thank you. So is that not in place already?
    The package is in place already. It's delivered to all our employees when they join the division, but we are looking at enhancing it, as it was one of the recommendations of the OAG report.
    By the AG, okay. Thank you.
    Do I still have time?
    Says the clock, it's almost....
    We have a minute.
    How accurate are biometrics for identification? Are there cases where it may not be accurate and you get the wrong people?
    Sorry. That's certainly out of my area of expertise. I'm not certain. I wouldn't know the answer. I apologize.
    Do you often exchange this type of information with our international partners—biometrics data that we collect?
(1630)
     The service isn't involved in the exchange of biometric evidence. It's primarily between law enforcement and our partners at the service.
    Thank you.
    I'm sorry I've rushed you, but we have rules.
    I want to thank the four of you for coming. You've been very helpful to the committee. Thanks very much.
    We will suspend.

    We'll now proceed with the second part of our meeting today. We have two witnesses. The first is the Office of the Auditor General of Canada. We have Ms. Wendy Loschiuk, the assistant auditor general. We also have Gordon Stock, who's a principal, and Suzanne Therrien, who's a principal.
    We have the Office of the Privacy Commissioner of Canada. Commissioner Stoddart, it's a pleasure to see you. I haven't seen you since my days on the ethics committee.
    We have Andrew Patrick, who is the information technology research analyst. Good afternoon to you.
    Finally, we have Lindsay Scotton, who is the manager of privacy impact.... This is a long title. I'm not going to read it; it's too long. You should have Ms. Stoddart shorten it down.
    Each group will have up to eight minutes to speak.
    Ms. Loschiuk, thank you for coming.
     Thank you, Mr. Chair, for this opportunity to appear before the committee as you begin discussions on the security of Canada's immigration system.
    In chapter 2 of our most recent report in the fall of 2011, we looked at the processes followed and the information made available when checking to determine if a person applying for a visa is admissible to Canada. Joining me today is Suzanne Therrien, who was the principal responsible for this audit.
    We've also examined the detention and removal of individuals from Canada and reported those findings in chapter 7 of the May 2008 report. Joining me as well is Gordon Stock, who was the principal responsible for that audit.
(1635)

[Translation]

    Mr. Chair, when persons are being admitted into Canada, the health, safety and security of Canadians remain paramount. This is made clear in the Immigration and Refugee Protection Act, which sets out the rules for determining whether visa applicants are admissible, and provides the authority to detain and remove those who are not.
    There may already be people in Canada who are in breach of the act and are therefore here illegally. In such cases, a removal order may be issued. In 2008, we saw that the Canada Border Services Agency had made improvements to focus on removing higher-risk individuals, but resources were limited.

[English]

    Our 2008 chapter had several key messages that I would like to go over. First, although the Canada Border Services Agency had adopted better techniques to track persons who had been ordered removed from the country, the growing number of persons in Canada illegally was jeopardizing the integrity of the immigration system. In addition, the whereabouts of some of these persons was unknown.
     We also found that more work was needed to ensure that persons who were detained but released on bond complied with the conditions of their release. There was little information available on the costs of detaining and removing persons or on whether policies and standards for detention were applied fairly.
     Finally, the Canada Border Services Agency and Citizenship and Immigration Canada needed to focus on better coordinating their efforts.
    We recommended that the department and the agency implement processes to improve the quality assurance of their joint program dealing with temporary resident permits. We also recommended that they ensure that all individuals are treated in a consistent manner and that data capture and analysis be improved to better monitor detention and removals.

[Translation]

    In our 2011 audit on issuing visas, we saw that visa officers overseas had a very challenging job. However, they are well-supported—with good training before going overseas and, once there, a network that they can access for advice. Visa officers told us they use this network often.
    However we found that there are some gaps in the process for managing risks and getting assurance that the system is working as intended. Of course, it isn't realistic to expect the system to be perfect. Nevertheless, we find that it is important to have information on how well the system is working so that gaps can be identified and appropriate remedial action taken. In our opinion, these gaps can be narrowed by improving quality assurance practices and by monitoring performance.

[English]

    Specifically, we noted the following. First, in order to properly identify persons not admissible to Canada, visa officers need to know what to look for. However, the tools they use to help them do this were not being reviewed regularly to ensure they were up to date. Even though medical professionals were reviewing the health documentation from applicants, it remains difficult to assess danger to public health or public safety or to assess excessive demand.
    Second, timely and reliable information is not always available when assessing admissibility. Information on visa applicants mostly comes from the applicants themselves, which is to be expected. It can be difficult to validate this information, and therefore any help from security partners is valuable. However, there may be little helpful information available from security partners, and a security screening for a permanent resident visa can take more than three years.
    Third, quality assurance practices—in other words, checks to make sure the system is working—need to be strengthened for the admissibility determination process. We found that there are reviews and good documentation in cases where an applicant is found inadmissible. But those cases make up a small portion of the volume of visa requests. Most people coming to Canada may not pose a risk. But in a system that is there to help protect Canadians, in our opinion, it is just as important to review the decisions to grant visas as it is to review the decisions to deny them.
(1640)

[Translation]

    Both Citizenship and Immigration Canada and the Canada Border Services Agency have been working to make their practices better. Some progress has been made since 2000, when we first noted a lack of quality assurance in the system. The two entities have drafted a new memorandum of understanding and, at the time of the audit, were developing a joint risk management approach.

[English]

    Finally, an area that could still benefit from improvement is measuring performance by developing performance indicators. Despite attempts to develop a joint framework on performance measurement, there has been little progress. The challenge has been getting good information to measure performance and demonstrate how effective the admissibility determination process has been. Both the department and the agency have agreed to focus on performance measurement as part of a current review.

[Translation]

    We also noted that the two entities have prepared action plans to address our recommendations and have been working toward firm timelines.

[English]

    Mr. Chair, this concludes my opening statement.
     We'd be happy to answer any questions.
     Thank you.
    Thank you.
    Commissioner Stoddart.
     Thank you for inviting me.
    This is a technically complex area, and that is why I've asked two experienced officials from my office to accompany me today.
    Dr. Andrew Patrick has studied and written extensively on the issue of identity management, verification, and the use of biometrics. He also represents my organization in matters of privacy oversight at Interpol.
    Also with me today is Lindsay Scotton, who has been managing the review of privacy impact assessments of federal government programs in my office for nearly a decade.

[Translation]

    As the honourable members of the committee probably know, the Privacy Act imposes obligations each time the federal government gathers personal information. Among those obligations, the federal organizations are supposed to establish certain protection measures, limit the use of information for secondary purposes and establish the list of their databases publicly, regardless of the citizenship of those affected.
    In addition, in the case of legislative or regulatory amendments to the immigration system, I expect the relevant institution to provide us with detailed assessments of private life factors.

[English]

    This is why it's particularly important to strike the right balance between a necessary scrutiny to weed out the bad apples and a commitment to uphold our democratic rights and freedoms, including the right to privacy, when we process information on individuals who will be visiting our country or who are on their way to becoming Canadian citizens.
     I will now ask Dr. Patrick to discuss some of the key technologies involved and their privacy implications.
     I want to talk about technology, so I've surrounded myself with some technology. I have some slides to illustrate some of the concepts as we go along.
    First, I want to make it clear that I love technology. I live it and work with it all the time, but my job is to understand both the strengths and weaknesses of technology—and that's what I want to talk to you about today—and to understand what technology can do and what it can't do, with a particular focus on biometrics today.
    When talking about immigration and immigration safety, the key issue is identity. Who is this person entering our country? What have they done in the past, and are they admissible? Is this person who's now at my border the same person I gave a visa to perhaps months before in some foreign mission? Did that other visitor leave the country when they said they would?
    Establishing identity is hard, and it's particularly hard when some people try to deceive. Technology has an important role in establishing identity and addressing this hard problem, but technology is not a panacea. An increasing reliance on technology often implies increasing privacy risks, and that leaves us concerned.
    We have a profound ability now to collect vast amounts of information. For identity programs, such as immigration, this means developing large databases that contain sensitive, valuable personal information. Large databases have proven to be very powerful, but also to be a source of serious privacy risks, including security breaches, misuse of information, function creep, and data errors. Unfortunately, our ability to develop or purchase technology is often ahead of our policies, our procedures, and our ability to manage these systems.
    Let's turn to biometrics. Biometrics involves measuring characteristics of the body, either physical or behavioural, in order to aid identification and verification of people. Some popular characteristics that are used in biometric systems are the face, the eye, the fingerprint, and so on.
    Biometrics are a powerful tool to help solve the identity problem, but if you allow me to quote from two great philosophers, Voltaire, and Stan Lee, the creator of Spider-Man, with great power comes great responsibility.
    The way biometric systems work is to compare two samples; one sample that was collected usually earlier in time, at a time of enrollment, and a second sample that's then compared against the enrollment sample when a service is being used. Biometrics are only useful when you have two viable samples to compare against each other. The value of a biometrics system is completely dependent on the integrity of that enrollment process, the time you create the first sample.
    If an enrollment procedure is weak, perhaps relying on weak foundation documents that you can't trust, then they don't really help to solve the identity problem. You still need good biographical information, and you still need good intelligence about people, their history, and their intent. Using biometrics with a weak enrollment system would increase the security and privacy risks without providing any real benefits.
    When considering biometrics, it is important to distinguish between identification and verification. Identification refers to the task of finding out who someone is out of the entire population of who they might be, and this often involves large databases, perhaps involving millions of records to be compared against. Verification, on the other hand, is a much simpler task of figuring out if this is the one person that this person claims to be. Verification involves comparing two biometric samples instead of millions. Verification is an easier task than identification, and it does not necessarily have to have large databases.
    It's also important to realize that biometric systems are not perfect. There can be failures. There can be failures to capture samples, for example, which might be caused by bad lighting for a photographic system or worn fingerprints. There can be false matches and false non-matches.
    The total failure rate of a biometric system is also related to its scale, that is, the number of people in a database that you're comparing it against. As databases grow and more and more databases are searched, the chances of making wrong decisions increase.
(1645)
    Let's turn to the temporary resident visa program, which is a program that I know you've been considering. CIC will be introducing biometrics into this program, collecting both fingerprints and face photos.
    The real value of the program comes in verification, in verifying the applicant when they arrive at the border. The biometric sample that's collected in enrollment when the visa is granted can be compared at the border with the person who presents themselves. This is a good use of biometrics, in my opinion, but its value is limited to verifying if this one person is the person who was given the visa a while ago.
     We have had extensive consultations with CIC about the temporary resident visa program. We have raised some privacy concerns about safe collection, storage, and transmission of sensitive personal information, including biometrics. We have also been discussing the role of private sector companies in the visa application process.
    Another issue related to visas is the tracking of visitors while they are here in the country. Biometric samples could be used to compare a sample collected at arrival with a sample collected at departure to determine who has left and who has not. This is a difficult task. There are multiple means by which someone can enter and leave a country, and being able to compare those samples can be difficult. There will likely be privacy issues if third parties are involved in collecting the information at entrance.
(1650)
    Could you wind up, sir? We're over eight minutes.
    I thought maybe you had a few pages there that you could—
    Yes. So in conclusion--
    Yes, please conclude. Thanks.
     In conclusion, we've been working with our partners in government departments, and stakeholders, and we look forward to continuing to work with them to build a safe and secure immigration system.
    Ms. James.
    Thank you, Mr. Chair.
    Before I start, I want to ask for a point of clarification. I notice there are five members of the NDP opposite me, and I'm wondering if that's permitted.
    Oh, they're just trying to over.... Don't worry about it.
    Okay, thank you.
    Thank you to our guests for the second hour. My questions are actually directed at the officials from the Auditor General's office.
    The purpose of the report itself is to make recommendations and uncover certain areas that need improvement. One of the things that was in that report, and I believe this is a quote, was unsatisfactory progress on commitments in response to the 2006 recommendations, in particular in the areas of governance and project business case.
    What I am talking about in this particular case is GCMS and the biometrics projects. In that report GCMS was rated unsatisfactory, whereas the biometrics project was rated satisfactory.
    I'm wondering if you can give me specific examples of what is lacking in both of those systems, in particular why one was rated satisfactory and the other one was obviously not.
    Certainly. I will probably have to get back to you on that. I believe you are referring to a report that I actually don't have.
    We have in front of us today chapter 2, “Issuing Visas”, from 2011. You were referring to chapter 7?
    Which chapter are you referring to, and from which report?
    I'm actually referring to the response that was made from the 2006 recommendations that things had not been done appropriately or fulfilled.
    You're not prepared to talk about those issues today?
    Are you talking about systems, or are you talking about the detentions and removals chapter?
    I'm talking about the actual biometrics project and GCMS. One was rated unsatisfactory and one was rated satisfactory. I'm trying to determine what was lacking in both and why one was a much better project.
    Right. I think you're referring, though, to chapter 2, “Large Information Technology Projects”, from June. That was an IT chapter that looked very much at systems and how the systems were being developed and whether or not they were progressing as planned.
    I'm sorry, I don't have the details on that particular chapter. But certainly it's very easy for us to get the information you are looking for and get back to you on that.
    Thank you. I would really appreciate it.
    Hopefully you can answer this question. The actual report—
    Excuse me. Could you provide that to the clerk when you get it, please?
     Absolutely.
    The report also states that CIC and CBSA do not have systematic quality assurance practices or performance measures in place. Hopefully we can talk about this.
    Could you clarify to the committee what the benefits are of having both of those, the quality assurance practices and performance measures? I just want to have it clarified for the committee.
     Certainly, I'd be happy to.
     Mr. Chair, the reason we looked at quality assurance was that we noticed.... It's a very difficult job that the visa officers have to do. The job relies very much on the information they have and then the judgments they have to make with it. Based on what is in front of them, they have to decide whether or not to request security screening on individuals. They use the tools that are available to them—indicators, etc.
    But we noted in our analysis that actually very few of the requests they make come back with any information that would help the visa officer make a determination. It became clear in our reviews that in some cases they were not sure whether they were applying the indicators correctly or whether the indicators were the right indicators or whether they were up to date.
    In that particular instance, while there's nothing to suggest that the individual should perhaps not have been allowed into the country, it's an admissibility determination. But going back to saying—
(1655)
    Why is it so important? What are the benefits?
    Exactly; we need to go back to ask whether we made the right decision. We need the quality assurance so as to come back and ask, when you applied these tools, when you looked at the information, did it work for you? Did the system work? Without that quality assurance, it's hard to know.
    Thank you.
    Do I have more time? I was cut off in the first session. I would really love to ask this next question.
    Yes, you have more time.
    Thank you very much.
    Going back to the safety and security and the health of Canadians, obviously for any government that's the main priority: the safety and security of their Canadian citizens.
     I've had a number of constituents write to me or call in to my office concerned about tuberculosis. There were recommendations in the Auditor General's report related to medical screening, and I assured my constituents that I would ask this question.
    I want to know what currently is the medical screening that we focus on and how we can improve—and not necessarily with relation to the tuberculosis issue. Obviously, the health of people coming into this country is a main concern to the Canadians who already live here in Canada.
    Could you answer that question, please?
    Certainly, I'd be happy to, and I'll ask Suzanne Therrien to add a bit of the detail.
    Right now, when an individual is applying to come.... Any permanent resident must have a medical screening—anyone applying to come to Canada permanently. There will therefore be a situation in which they go and get their medical screening, according to criteria laid out by Canada, in the country they are applying from. That is subject to review by medical officers at the missions. They will make a determination and then provide their assessment to the visa officers so that they have that information to determine whether the person is admissible.
    Given that there were recommendations in that report that there had to be improvements, can you specifically say exactly what we're lacking right now whereby we could make those improvements?
    What we found in our audit is that physically the medical screening has three criteria: danger to public health, danger to public safety, and excessive demand.
    What we found for the criteria regarding screening for danger to public health is that basically we're screening only for tuberculosis and syphilis. Those criteria have been used for the last 50 years, and we strongly recommended that CIC look at its strategy to protect public health to see whether it is sufficient to screen for syphilis and tuberculosis, when we note that in Canada a doctor has to report on 56 different diseases that could be a threat to public health.
    Thank you.
    Ms. Chow and Mr. Trudeau, welcome back to the immigration committee. We've missed you.
    Ms. Chow, you have up to seven minutes.
    To the Auditor General's team, I've read your two reports. It's quite stunning. This is dealing with the Border Services Agency. The decisions for detention and removal are arbitrary, there are no performance measures, no quality assurance. Because there is inadequate tracking of failed refugee claimants, CBSA doesn't know where a good number of them are, and this is partially because of a failed information technology program. There is inadequate training, and they're not managing the detention costs effectively.
    This is the body that is supposed to deal with those who are failed refugee claimants, to detain them and remove them. It seems to me it's not the law that's the problem; it's the implementation of the law.
    I recall that close to the end of last year I was asking the staff from CBSA how many people they could deport per year. They said it was 8,000, or thereabouts, and they couldn't do any more than that because they just don't have the information technology program in place. As a result, they can't keep track of people, etc. It seems stunning that we have both your report and their admission that they just can't manage. We know this from experience and from your report, which indicates there is no timeliness to the security screening and you don't know precisely how long it might take. Sometimes it takes months; sometimes it takes years. I know of a case that has taken eight years, and they're still trying to screen the person to decide whether the person is really at risk or not.
    Have you noticed any improvement, especially in the information technology area? They have been saying for years that they would be able to have the global case management system, that it is all going to work out, and that it's almost there. That was as of mid-year last year. Can they actually track people now? Do they know where people are?
(1700)
    I'm going to ask Mr. Stock to get into the details to provide you with more of an answer.
    At the time of the audit, the question really was that they had no way of knowing if persons were still in the country or not, and I think the number was quite high. Even with GCMS, I don't know that it would answer the question of whether or not the person is still in the country.
    I think what you're asking me is whether or not that would solve the problem.
    Can I just narrow it down? It's not just that. The key thing that was most disturbing is that the decision for detention and removal seems to be arbitrary, in your report. That was key, that sometimes they make types of decisions...and because there are no performance measurements, you don't know how they are making the decision. If there is not a consistent application of the law, then there is a really big problem.
    As a result, I noticed in that report that because a detention cell is too small, they're cramming eight people in one place that is designed for one or two people and that kind of thing.
    Is the decision-making process now better? Is it more consistent? Do they have performance reviews? Do they train their staff adequately? Do they have the kinds of things that need to be done in order to have good management practices?
    I'd have to say that we really have not audited that area since 2008, so it's very hard for me to say whether or not there has been an improvement without good audit work.
    Gordon, do you want to add to that?
    As Ms. Loschiuk pointed out to begin with, we don't know how many are still in the country, first of all because of the lack of exit controls for individuals.
    In terms of quality assurance on the decisions being made by agency officials, they need to be able to make a decision to admit someone based on the information in the individual responses, when they present themselves. If a person is perceived as a threat, or the agency cannot determine the person's identity, then the person is detained.
    The real point is that this is being done across the country at many ports of entry, so the ability to be consistent across the country depends on proper procedures and controls, and also on monitoring afterwards and the quality assurance program. That was what we pointed out in 2008; it was not in place to be able to give that assurance.
    Since then, they have had an action plan to respond to the audit. We have received information from them as far as their progress, but we have not done any further audit, as Ms. Loschiuk said. So based on that, there is more in place now. Also in 2008, we noted that they did put more effort on high-risk individuals and being able to remove them. So we saw that as something good as well.
(1705)
    Right, because that was one of your key points. About 10% of them are criminals, or less than 10%—that should be what people are focusing on. So they are doing that.
    They literally cannot deport the number of people they want to deport. Are they still at that same place? As of nine months ago, they were still having trouble deporting people because they just can't manage it. Is that still the case?
    Unfortunately, I would not be able to answer on behalf of CBSA, as our audit work is somewhat dated.
    Thank you, Mr. Stock.
    Mr. Trudeau, go ahead.
    Thank you very much, Mr. Chair. It's a pleasure to be back at the immigration committee with so many old friends.
    I have a couple of questions. For the Auditor General's Office, first of all, throughout your recommendations, it keeps coming back that there are weaknesses in data collection and monitoring. Is that being addressed by GCMS coming in, or is it just not there yet? Is it something that is going to be improved, or is it something that wholeheartedly has been missed in the implementation of GCMS? Or are they completely different things?
    Mr. Chair, GCMS is a system that CIC is putting in place that is supposed to be a much more robust system to manage its information. The audit that was done earlier to look at the implementation of GCMS noted that it was behind and that there were delays. But how GCMS is going to replace the current FOSS and the NCMS—there will be some improvements, I understand, from what the department has said. However, there are some things that it will not be able to do.
    It seems to me that, particularly for a department that is so wrapped up in life-altering decisions for people, we have to go to a higher standard of monitoring what our processes are. It particularly concerns me that there isn't much data on acceptances. One can understand where there would be more appeals for refusals and therefore they have a system there. But the potential for corruption or for favouritism on acceptance is obviously, unfortunately, there. Is that something that was simply an oversight because of lack of resources, or was it a deliberate decision to not monitor? Or is it just something that has fallen through the cracks, even though it represents the largest part of what is done?
    We looked at the protection of health, safety, and security and how that information is provided. There are other areas that we didn't look at, one of them being the fraud aspect. That is a completely separate area that would require a lot more work. So we made a scoping decision at this time to just focus on those three aspects of the act.
    You mentioned, Mr. Stock, that there are no exit controls to allow us to see who has left the country or not. I understand that's for Canadian citizens and people who live here in any case. But for people visiting on a foreign passport with a visitor's visa, when they leave the country, is it not registered anywhere that they have left the country?
     I'll pass that one over to Ms. Therrien.
    In fact, no, there is no exit control in Canada unless somebody is under removal order and they are asked to report to CBSA to indicate that they have left the country. Otherwise, we would not know. For any visitor who has come to Canada, we don't know if they have left or not.
    That's even though, in order to travel outside of the country to another country, one has to use a passport. One is only showing it to an airline agent and not obviously a Canada Border Services Agent for it to go in.
    Has anyone looked at having airlines actually register foreign passports and whether or not they come through on visas?
(1710)
    That's something you'd have to ask the airlines about.
    Thank you very much.
    Moving over to the Privacy Commissioner, it's a pleasure to meet you. You've been very important of late in many different areas, but it's nice to see you here on this.
    I very much understand and am fascinated with biometrics and the difference in using them for identification versus verification. Is there a movement towards using them for identification, with all the concerns doing that brings in? On the verification, how are we doing in terms of collecting the data necessary to make sure that the enrolment system is strong enough, particularly in parts of the world where the documentation is often very sketchy?
    Thank you, honourable member, for that question.
    I'll answer the second part, and the first part I'll turn over to Dr. Andrew Patrick.
    Several years ago we did some audits on Canadian consulates abroad and their handling of passport applications. We noted some weaknesses in the system at that time. I believe we're currently following up, but I think we could still strengthen the obtention of what my colleague referred to as the foundation documents, which means that the person who is actually giving you the face or the thumbprint is the person that he or she claims to be. I think we can never be too vigilant about that part of our system.
    As for the evolution of trends in biometrics—
    I'm afraid we'll have to move on.
    Mr. Dykstra has up to seven minutes.
    It's interesting to have both the colleagues back, Ms. Chow and Mr. Trudeau—although as I recall, they were sitting in opposite positions the last time they were here.
    You were over there.
    Somehow I ended up over there. Anyway, I'm glad to have you guys back.
    I want to pick up on Ms. Chow's comments. I think they're quite insightful, and I also think they stem from some of the comments Mr. Davies made on Tuesday with respect to the tightening up of the system. We called for this study because of your report and your recommendations, and we hope to come out of this study with some recommendations for both the minister and the ministry, which will give them the ability to take up those recommendations, and not just perhaps to implement the recommendations you made but to further enhance the system we have.
    Mr. Davies spoke somewhat at our last meeting about the leniency that was in the system. There's a bit of a conflict here, because on the one hand, I hear from the folks on the other side of the House and they think the system is too slow, the system should allow more people in, and the system cuts people out of their particular ridings when they think they shouldn't be cut. On the other hand, part of the reason they would like this study to be done is that they felt there were possible gaps in the system.
     I wonder if you could sort of bring that together, in the sense that the desire to expand the system and allow more folks in doesn't make the system tighter. In fact, it may require or push the system in the opposite direction. Based on your recommendations, I really would like to hear what you have to say with respect to that.
    Thank you very much.
    We looked at this from the point of view of “What do we know about how well the system is working?” and “Where are the weaknesses?, so that we could address them. We found that there just weren't a whole lot of metrics out there to really tell us that. We don't have the quality assurance and the different decision-making to determine whether or not we're using the right indicators, and all of that information.
    Any change to the system I wouldn't really comment on, except to say that as long as we know that we're accomplishing what we want to accomplish and we're putting in the quality assurance and putting in the performance measures, then those things go a long way to letting us know that the system is working. Those were really the key messages we wanted to get out, that we don't have that kind of assurance, that we're getting the results we want, or that we're accomplishing exactly what the system is meant to do, which is to protect health and safety and security and to not allow in persons who are inadmissible.
     You obviously researched some cases when you were making your recommendations. Could you give us a couple of specific cases that stood out for you, in terms of saying we've got a problem we need to address?
(1715)
    Most of the cases I could relate to would be based on information we received during a survey we conducted with visa officers and what they would have told us.
    As an example, visa officers need and want to have assurance that they're doing their job right. In some countries it's extremely difficult to know if they are applying the indicators correctly. For example, one that we were talking about earlier is, how do you know if you should deny a person on human rights violations, because what may be a human rights violation or may not be is sometimes very difficult to determine? Often we found in the system that when in doubt, it's hard to say no. So there may be cases such as that. The difficulty is trying to decide when it's a grey area.
    I'm going to turn the rest of my time over to Mr. Shipley, but it's interesting that your assessment or the analysis led you to that conclusion: when in doubt, how do we say no? In most circumstances, when in doubt, you always say no. So we've got a check and balance that we obviously need to work on here.
    That's right, yes.
    Thank you.
    You have two minutes, Mr. Shipley.
    I want to follow up a little.
    Madam Loschiuk, you talked in your deficiencies about the diseases. You only mentioned TB and syphilis. I understand there's a list, which I don't have. They go on a waiting list. My colleague has tried to identify the situation; it's not so good out there, but what criteria then stops them? If they're on that list, do they not just come in? Are they sent back? If they're in a screening area, how long does that screening take? From across the way, we've had eight years, so if there's some doubt, where is that person?
     I guess that should raise some flags in terms of not being sure whether they've got an issue in terms of health, and yet they're in the system, in public, for a long period of time. Where are they?
    Let's take the case of an individual who is applying to come to Canada permanently. We're looking at a permanent resident visa; therefore, we're going to be going through all the health checks. A person has to go through a lot of different checks, and their medical could take time. Sometimes we've found that the medical takes time because of the individuals themselves; they don't get the medical checks they need to have done. If it's not that, it may be that they are waiting for security clearances.
    There are many different spots in the process when an individual's application is pending. It depends on an individual case; it could be for security, for health, for criminality checks—any of those.
    If they've got a health issue there seems to be some uncertainty, and yet it's contagious. Where are these folks all the time we're worrying about them? As my colleague said, if you're in doubt, they shouldn't be here until they get cleared. I'm wondering how we deal with that.
    In the case of a medical, a person will have their health check, but you can refuse them on health grounds if you deem them to be a danger to public health in Canada. Currently, that's defined as those two diseases. As an example, hepatitis may be on the list of 56, but an individual probably would not be refused entry to Canada on health grounds if they were known to have hepatitis, because it's not one of the screening diseases.
    Thank you.
    Ms. Sitsabaiesan has up to five minutes.
    Thank you, Mr. Chair.
    And thank you all for joining us today.
    The AG's report on visa issuance made many recommendations, including service standards, for the timeliness of security screenings to be established. I asked this question to the CBSA person who was here earlier, and he told us the maximum a security screening could take was 20 days, whereas I know from the experience we're having in our office, and like my colleague Olivia's example here, it takes longer in some cases.
    So what were the AG's intentions in the report?
(1720)
    There are the two components. There's the temporary resident; that's a visitor wanting to come to Canada. Those are expedited, because an individual wants to come to Canada. They may take 20 days. On the permanent resident side, it could take a lot longer. Although there is a memorandum of understanding to try to get those done in 9 to 18 months, we noted that they could take years.
    On the temporary side, they will move quicker, because there could be all kinds of extenuating circumstances and it is a visa.
    So the TRV security screenings were found to be short, and the recommendations in the AG report were for the permanent residence security screenings?
    You mean the delays for the years? Yes, those have to do with permanent residents.
    Okay.
    Thank you.
    Actually, the recommendations were for both the temporary and the permanent sides. When Mr. Leckey mentioned that it would take 20 days, he was referring to the time it takes for the file to get from CBSA to the visa officers. But sometimes the file is first directed to CSIS. If CSIS finds something out about an individual and they need to do further work, there could be delays. It could take, one, two, or three years before it moves to CBSA. Remember, those delays usually occur when no adversarial information is found. As soon as we need to do further work, it's a lot longer.
    Thank you.
    To the Privacy Commissioner, could you elaborate on your concerns about cross-matching and secondary information? How would you recommend that CIC and CBSA officials implement a biometric system that would mitigate privacy concerns?
    I'm going to ask my officials to answer that.
    There are two components. One is a policy and management component. This would ensure that the purpose for which you're collecting the information, in this case biometrics, is limited and clearly stated. You must explain why you are collecting it and you must limit your use to the stated purpose, so that you don't start cross-matching against things you did not intend, without informing the person that you were collecting it. It's a policy and a procedural issue.
    There are also some new technical advancements that can make it hard or impossible to do that cross-matching. That's a much longer answer.
    Is it verification that biometrics should be used for, rather than identification?
    It depends on the context. In general, verification is, in our view, more privacy-sensitive. You are only comparing against one and you're not having to create databases. But in some contexts, you do need to create large databases, for example, if you're trying to do duplicate detection—
    You're talking about temporary resident visa applicants.
    For temporary resident visa applicants, you can compare the person to whom you gave a visa with the person who has arrived. It's a one-to-one verification. We think it's a pretty good use of biometrics.
    Thank you.
    Mr. Trottier.
    Thank you for coming in today and helping to illuminate this growing concern across Canada. It's a big challenge for us. It's important in my city of Toronto, where about half the people are immigrants. It's important that we get this right. We need to balance security with letting people into the country appropriately.
    You mentioned in your audit in 2008 that there was an overall problem with performance indicators and performance metrics. These things seem fundamental to running any kind of department or operation.
    What are the barriers to putting good performance indicators and performance metrics in place? There's lots of volume and there's lots of things that could be measured. Why haven't they been put in place?
(1725)
    That's a good question to ask the departments.
    We did note that in some cases there were difficulties in getting good and accurate information that would allow measurement. Some of the older systems they had did not collect that kind of information, and they really didn't have the basic data from which to start to measure.
     Okay, so it's not a question of organizational desire or the goodwill of people working there. They're impeded by the lack of investment in the proper technology and the proper systems.
    It's probably a good question to ask them to get the details.
    There's one area that's a little disturbing. In your remarks, you mentioned that more work was needed to ensure that persons who were detained but released on bond complied with the conditions of their release.
    As you know, there have been some recent high-profile deportations. Are these the kinds of situations where people were non-compliant with the conditions? Did they post bonds and then just walk away from those bonds and disappear into the country?
     Can you elaborate on the magnitude of this problem? Was it something you were able to capture in your audit?
    I'm really not familiar with individual cases. Gordon might have some insight.
    Thank you, Mr. Chair.
    In the 2008 audit, for the period we were looking at, which was back in 2004-05, so it is quite dated, there were approximately 2,000 cash bonds required for individuals. When we looked at them, approximately 300 had not been honoured. They found about half the people, which was about 170. For the remainder, about 150, we were still not sure if they had left the country or were still in the country.
    I'm not sure what the size of the bond is. Is there a standard bond size, or does it depend on the unique situation?
    It depends on the situation, and it would depend on the level of risk assessed for the individual as far as the risk of flight or something like that.
    In your audit, did you find that maybe there was a problem upstream of actually requiring a bond? Maybe that person should not have been admitted in the first place. Obviously, there's some information that came to light afterwards that led officials to believe that these people needed to be deported.
    What was the difficulty in capturing that information ahead of time? Is there any sense, from your audit, that something more could have been done upstream?
    We could not go into that level of detail on the individual areas. We looked to see if the risk assessments had actually been carried out. Sometimes they might be released on their own recognizance and be required just to check in every two weeks. Other times they would require a cash bond, which is a different level of surety. Or they could actually be detained. It depended on the perceived level of risk.
    Maybe this is a question for the privacy officials.
    When people are released on bond, there's a certain level of privacy those people are entitled to. You mentioned that they could check in with officials every two weeks. Are there uses of technology that could be better utilized so that we don't lose track of people in the system?
    For example, in another committee, there's some suggestion that perhaps some form of electronic monitoring could be done. Or perhaps people could check in virtually via the Internet.
    Is there a sense that there are better uses of technology that wouldn't violate privacy concerns?
    There are uses of technology that more or less impinge on privacy. Certainly voluntarily checking in at some point and sending in some pre-arranged symbol or signal I think would be the least invasive.
    There is the electronic monitoring bracelet. I recently testified at a Senate committee that unfortunately, at this time, from what we can see—we are doing a privacy impact assessment with Correctional Services Canada—this bracelet is not entirely accurate. Right now, not only does it not guarantee real security about the person's whereabouts, but it hugely invades the privacy of the person. The person reading the monitor knows everything that person has done, not all of which is necessary to know, whether they're going to leave the country or, in the case of inmates, whether they're going to commit another offence.
    Thank you, Commissioner.
    Mr. Leung, you have the final minute.
    Thank you, Mr. Chair. I'll try to make my question very brief.
    We know that for certain cases there are potential inadmissibility rules for the person applying to come to Canada. If that person submits fraudulent data, how are you going to be able to check on that and propose better tools to detect it? Could you please elaborate on that?
(1730)
    Fraudulent data is very difficult. We did not specifically examine it in this audit. But we did note that the data provided by an individual, for the most part, is the lion's share of what the visa officer is going to get. Unless something comes back from a security partner or a visa officer that is able to show in some way that the documentation is fraudulent—for example, there are police certificates that can't be verified—it is extremely difficult. It certainly depends on where the person is applying from as to what can be provided by that individual to show their admissibility.
     Thank you, Ms. Loschiuk and your colleagues, for your presentations.
    And thank you, Commissioner, as well, and your colleagues. You've all been very helpful. Thank you very much for coming.
    This meeting is adjourned.
Publication Explorer
Publication Explorer
ParlVU