Canada Border Services Agency
Symbol of the Government of Canada

Privacy Act

CBSA Annual Report
2010-2011

Warning This page has been archived.

Archived Content

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Table of Contents

Return to Top of Page

Chapter One: Privacy Act Report

Introduction

The Canada Border Services Agency (CBSA) is pleased to present to Parliament, in accordance with section 72 of the Privacy Act (the Act), its Annual Report on the management of the Act. The report describes the activities that support compliance with the Act for the fiscal year commencing April 1st, 2010 and ending March 31st, 2011. During this period, the Canada Border Services Agency continued to build upon successful practices implemented in previous years.

"The purpose of the Privacy Act is to extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information".

As stated in Section 72(1) of the Privacy Act, "The head of every government institution shall prepare for submission to Parliament an annual report on the administration of this Act within the institution during each financial year."

In 2010-2011, the Canada Border Services Agency introduced procedures and practices that will ensure the continued provision of timely service to Canadians who seek to exercise their right to access information under the Privacy Act, and which demonstrate leadership in the management of increasingly numerous and complex privacy requests.

Return to Top of Page

Organization

About the Canada Border Services Agency (CBSA)

Since 2003, the Canada Border Services Agency has been an integral part of the Public Safety Canada (PS) portfolio, which was created to protect Canadians and maintain a peaceful and safe society. In support of these priorities, the Canada Border Services Agency is responsible for providing integrated border services which facilitate the free flow of persons and goods, including animals and plants, that meet all requirements under the program legislation.

The Canada Border Services Agency carries out its responsibilities with a workforce of approximately 14,000 employees, which includes over 5,400 Border Services Officers who provide services at all points across Canada and as well as our international network.

On April 1st, 2010, as part of its ongoing Change Agenda, the Canada Border Services Agency implemented a new organizational structure designed to establish clearer lines of accountability within the Agency. This new model also created clear distinctions between program management, to be carried out at headquarters, and program delivery, to be carried out in the regions.

Return to Top of Page

Access to Information (ATI) Privacy Division

On April 1st, 2004, the Canada Border Services Agency established the Access to Information and Privacy (ATIP) Section. This section was initially staffed with six employees based on an estimated annual workload of between 250 and 350 requests. During the 2007-2008 fiscal year, due to growing demand on the Canada Border Services Agency, the Access to Information and Privacy Section was expanded to become the Canada Border Services Agency's Access to Information (ATI) Privacy Division.

The Access to Information and Privacy Division is comprised of four units: an Administration section, two Case Management units, and a Policy and Training unit. The Administration section's function is to receive all incoming requests and consultations, ensuring quality control on all outgoing correspondence and supporting both Case Management units in their day-to-day business. The Case Management units task all branches and regions with records retrieval requests and provide daily operational guidance and support to the Canada Border Services Agency employees. The Policy and Training unit develops policies, tools and procedures to support privacy requirements within the Canada Border Services Agency and provides training to Agency employees. On average, 39 full time equivalents (FTE) were employed in the Access to Information and Privacy Division during the 2010-2011 reporting period.

The Access to Information and Privacy Coordinator for the Canada Border Services Agency is the Director of the Access to Information and Privacy Division. The Access to Information and Privacy Division is part of the Corporate Secretariat Directorate, which reports directly to the President of the Canada Border Services Agency. Consistent with the best practices as identified by the Treasury Board of Canada Secretariat (TBS), the Canada Border Services Agency's Access to Information and Privacy Coordinator is positioned within two levels of the President, and has full delegated authority reporting directly to the Corporate Secretary, who, in turn, reports to the President.

The Canada Border Services Agency Access to Information and Privacy Division works closely with other members of the Public Safety Canada portfolio, such as the Royal Canadian Mounted Police (RCMP) and Correctional Service of Canada (CSC), in order to share best practices and develop streamlined processes for the retrieval of jointly held records in order to comply with the 30 day legislated timeframe to respond to privacy requests.

Return to Top of Page

Information Sharing Unit

In 2009-2010, the Canada Border Services Agency created the Information Sharing Unit (ISU), which is part of the Program, Planning and Legislation Division, in the Planning and Performance Management Directorate, Programs Branch.

This unit supports all the Canada Border Services Agency programs by leading or coordinating strategic and/or horizontal information sharing initiatives. It identifies required regulatory or legislative changes, develops internal disclosure policy, reviews and contributes to memoranda of understanding that contain an information sharing component, and coordinates information sharing activities on behalf of internal or external stakeholders, including international partners. Within this mandate, the Information Sharing Unit provides policy guidance to the Canada Border Services Agency programs related to the disclosure of information, under sub-section 8(2) of the Privacy Act and Section 107 of the Customs Act.

The Information Sharing Unit is also responsible for ensuring that information sharing legislation, policy and procedures are clearly and consistently understood throughout the Canada Border Services Agency. To this end, the unit developed and provided training to the Canada Border Services Agency employees in consultation with the Human Resource Branch's Training and Learning Division.

In 2010-2011, the Information Sharing Unit accomplished multiple activities related to the Privacy Act that included:

  • Undertaking a comprehensive review of key information sharing activities, initiatives and gaps between the Canada Border Services Agency and United States counterparts;
  • Establishing an Agency-wide Information Sharing Working Group, which serves as a consultative body to support the development of the Canada Border Services Agency information sharing policy development and research;
  • Continuing work on the revision of D-Memorandas: D1-16-1: Explanation of Section 107 of the Customs Act and D1-16-2: Interim Administrative Guidelines for the Provision to others, Allowing access to others, and Use of Customs Information – Section 107 of the Customs Act;
  • Representing the Canada Border Services Agency in supporting policy initiatives led by Public Safety Canada concerning information sharing to support national security;
  • Leading the Canada Border Services Agency participation in the expanded negotiating mandate for the Immigration Information Sharing Treaty with the United States (led by Citizenship and Immigration Canada (CIC));
  • Finalizing and implementing policy and procedures to support the Canada Border Services Agency's new Investigation Body Designation in the Privacy Regulations and in the Access to Information Regulations; and
  • Developing a semi-automated online form which will allow for the consistent tracking of requests for information under paragraph 8(2)(e) of the Privacy Act (Investigative Body Designation) as required under section 8(4) of the Privacy Act.

At the end of the 2010-2011 reporting period, nine full time equivalents were employed in the Information Sharing Unit:

Return to Top of Page

Activities and Accomplishments

Leadership

The Access to Information and Privacy Division receives, coordinates and processes requests for information under the Privacy Act, providing high quality and timely service to requesters. In addition, the Access to Information and Privacy Division supports a network of 19 Access to Information and Privacy Liaison Officers in all branches and regions of the Canada Border Services Agency who assist with requests by searching and retreiving records, and coordinating recommendations from within their branch or region. This allows the Access to Information and Privacy Division to maximize efficiencies in request processing to ensure that requesters receive their information in the shortest time possible. In fiscal year 2011-2012, the Canada Border Services Agency will continue with these best practices.

The Canada Border Services Agency also maintains a reading room, available for individuals who wish to review our publications or other public materials. Individuals may access the reading room by contacting the Access to Information and Privacy Director of the Canada Border Services Agency. The reading room is located at:

Leima Building, 11th Floor
410 Laurier Avenue West
Ottawa, Ontario
K1A 0L8
Telephone: 613-941-7431
atip-aiprp@cbsa-asfc.gc.ca

Return to Top of Page

Performance

The Canada Border Services Agency received 2,896 requests under the Privacy Act in 2010-2011. The Agency has maintained a compliance rate of 96.9% in relation to the legislated time frames to respond to requests, a remarkable accomplishment, considering that the number of privacy requests the Canada Border Services Agency received has increased by 109.1% over the last year.

The Access to Information and Privacy Division continues to improve response times by modernizing its service delivery model. For example, in 2010-2011, the Division increased the use of electronic delivery, including offering clients the option of receiving their releases on compact disk or by e-mail.

Human Resources

Finding and recruiting individuals who possess the necessary skills and experience for the Access to Information and Privacy discipline is a challenge confronting all federal institutions. As a result, the market for Access to Information and Privacy Analysts is extremely competitive. Establishing the right organization with positions at the right levels is crucial to the success of our recruitment and retention efforts. While we have an excellent core group, to achieve our objectives, additional Access to Information and Privacy Analysts will need to be hired in the near future.

To help mitigate this challenge, the Access to Information and Privacy Division has implemented various strategies designed to nurture a healthy and effective working environment in this highly competitive field. In 2010-2011, the Access to Information and Privacy Division offered its employees acting or assignment opportunities to allow current employees to gain knowledge, experience and expertise outside of their normal responsibilities. The Canada Border Services Agency will continue to offer these opportunities in the 2011-2012 fiscal year. The Access to Information and Privacy Division will also explore hiring college and university students through co-op programs in the summer of 2011.

The Access to Information and Privacy Division also actively participates in a Treasury Board Secretariat led working group mandated in the area of community development, more specifically in the design of generic organizational Access to Information and Privacy models, work descriptions and associated generic competencies that will respond to various issues and challenges that have been identified by the Access to Information and Privacy community and support employees and organizational development in the Access to Information and Privacy field across the core public administration.

Return to Top of Page

Education and Training

In 2010-2011, resources were focused on educational initiatives that supported the implementation of streamlined processing procedures and built an awareness of privacy obligations throughout the Canada Border Services Agency. To this end, the Access to Information and Privacy Division delivered a total of 35 Access to Information and Privacy Awareness Sessions in which 392 employees in high-demand areas took part. These sessions are designed to ensure that the participants fully understand their responsibilities under the Privacy Act. The Access to Information and Privacy Division has also delivered customized sessions to particular audiences. With the success of this program, the Division is taking steps to deliver more sessions in 2011-2012. Large group training will be offered in the Regions and in the National Capital Region to reach the maximum number of Canada Border Services Agency employees.

In addition, the Access to Information and Privacy Division organized a National Access to Information and Privacy Liaison Officers Learning Event in October 2010. This conference was a forum, regrouping 22 employees of the Canada Border Services Agency, to learn, discuss and exchange information about the challenges encountered in the branches and regions. The Access to Information and Privacy Division staff also participated in the Canadian Access and Privacy Association Conference that took place in November 2010 in Ottawa. Employees also attended courses provided by the Treasury Board of Canada Secretariat such as the Parliamentary Reporting Requirement course. Some employees are enrolled in the International Association of Privacy Practitioners accreditation program offered by the University of Alberta. Finally, employees were also provided with ongoing mentoring by senior analysts, team leaders and managers within the Access to Information and Privacy Division.

Return to Top of Page

New and Revised Privacy-related Policies and Procedures

In 2010-2011, the Access to Information and Privacy Division submitted a revised and updated Info Source in relation to the Treasury Board of Canada Secretariat requirements. Specific Treasury Board of Canada Secretariat concerns have been addressed:

  • The Canada Border Services Agency's Info Source chapter has been reorganized to mirror the Canada Border Services Agency's 2010 Program Activity Architecture (PAA) to the sub-activity level;
  • All corporate documents such as the Departmental Performance Reports and Reports on Plans and Priorities were reviewed to ensure that the Canada Border Services Agency's major programs are reflected in this year's chapter;
  • All program areas reviewed their Class of Record descriptions ensuring complete and accurate descriptions of information contained within their records. Program Activities and Sub-Activities are also fully defined within Info Source; and
  • The Access to Information and Privacy Division completed and published an institution-specific Class of Record description for the 2010 Olympic and Para-Olympic Winter Games (International Events and Convention Services Program).

The Access to Information and Privacy Division will continue to revise its Info Source throughout the 2011-2012 fiscal year in accordance with the Treasury Board of Canada Secretariat requirements.

Return to Top of Page

Changes Implemented based on Recommendations from the Office of the Privacy Commissioner

In 2006, the Office of the Privacy Commissioner (OPC) conducted an audit of privacy practices at the Canada Border Services Agency. One of its recommendations was that the Canada Border Services Agency develop and adopt a Privacy Management Framework (PMF), to:

  • Effectively communicate the importance of managing personal information to the organization and foster a commitment to building privacy into program management activities;
  • Establish clear objectives and standards for the collection, accuracy, security, use, disclosure, transmission, access, retention and disposal of personal information;
  • Clarify an organization's structures, roles and responsibilities relating to privacy, and provide a basis for determining the resources and skills needed for achieving sound privacy management practices;
  • Rely on sound risk management approaches, particularly through privacy impact assessments and threat and risk assessments;
  • Incorporate best practices and effective controls to promote compliance – integrating the best available privacy-enhancing technologies, and mechanisms for resolving disputes effectively and for identifying and correcting system weakness or privacy incidents; and
  • Promote accountability and continuous improvement of personal information handling practices through: program reporting, audit and evaluation, continuous monitoring of personal information handling practices, and the provision of ongoing privacy training to employees.

In October 2010, the Canada Border Services Agency's Privacy Management Framework was completed and shared with the Office of the Privacy Commissioner. The Privacy Management Framework is a gap analysis of how the Canada Border Services Agency administers the privacy program, and provides a set of recommendations for training, tools, performance measures, and governance structures to address these gaps. Based on these recommendations, the Access to Information and Privacy Division has, in consultation with key program areas, developed and presented a four year Action Plan to implement the Privacy Management Framework recommendations. Some of the key recommendations are:

  • The appointment of an Agency Chief Privacy Officer to champion privacy administration at the senior management level;
  • A formal review and approval process to ensure legislative and policy requirements are met for privacy impact assessments, personal information banks, class of record descriptions and privacy notification requirements;
  • Development of a Canada Border Services Agency privacy breach protocol; and
  • Developing new mandatory training modules for privacy practices such as the collection, use, disclosure, retention and disposal of personal information.

The Canada Border Services Agency believes that the Privacy Management Framework and its associated Action Plan will greatly strengthen the Canada Border Services Agency's compliance with legislative and policy requirements, thereby demonstrating transparency, accountability, and leadership in the protection of privacy rights.

Audit of Closed-Circuit Television (CCTV) at Canada's International Airports

In October 2010, the Office of the Privacy Commissioner initiated an audit of air traveler privacy in Canada, and in particular, the use by the Canada Border Services Agency of Closed-Circuit Television cameras at Canada's International Airports. As part of this audit, there will be an assessment of the Canada Border Services Agency's personal information management practices in relation to video vis-à-vis the Privacy Act and the Treasury Board of Canada Secretariat policy requirements. The Office of the Privacy Commissioner is expected to finalize the report by the end of May, 2011.

Return to Top of Page

Privacy Impact Assessment (PIA) Executive Summaries

The Canada Border Services Agency submitted two Privacy Impact Assessments – NEXUS and Partners in Protection – to the Office of the Privacy Commissioner for review and comment during fiscal year 2010-2011.

NEXUS is a bi-national initiative between the Canada Border Services Agency and the United States Customs Border Protection designed to expedite the border clearance process for low-risk, pre-approved travellers into Canada and the United States in the highway, air and marine modes of travel. A summary of the Privacy Impact Assessment will be posted to the Canada Border Services Agency website once the Office of the Privacy Commissioner has had an opportunity to provide comments and recommendations.

The Partners in Protection (PIP) program enlists the cooperation of private industry in efforts to enhance border and supply chain security, combat organized crime and terrorism, increase compliance with customs requirements and help detect and prevent contraband smuggling. The Partners in Protection program is available to companies directly involved in the importation or exportation of commercial goods. There are no fees to join the Partners in Protection program and participation is voluntary in this partnership program between industry members and the Canada Border Services Agency. A summary of the Privacy Impact Assessment will be posted to the Canada Border Services Agency website in the coming months.

The Canada Border Services Agency currently has approximately 20 Privacy Impact Assessments at various stages of completion, of which, 10 were initiated this fiscal year. Given the importance of privacy protection, the Access to Information and Privacy Division is providing Privacy Impact Assessment overview training to middle managers beginning in fiscal year 2011-2012.

Return to Top of Page

Disclosures Made Pursuant to Paragraph 8(2)(e) of the Privacy Act

During the 2010-2011 fiscal year, 312 disclosures pursuant to paragraph 8(2)(e) of the Privacy Act were made by the Canada Border Services Agency.

Disclosures Made Pursuant to Paragraph 8(2)(f) and (g) of the Privacy Act

During the 2010-2011 fiscal year, disclosures pursuant to paragraph 8(2)(f) and (g) of the Privacy Act were made by the Canada Border Services Agency.

Disclosures Made Pursuant to Paragraph 8(2)(m) of the Privacy Act

During the 2010-2011 fiscal year, no disclosure pursuant to paragraph 8(2)(m) of the Privacy Act were made by the Canada Border Services Agency.

Delegation Order

See Annex A for a signed copy of the Delegation Order.

Return to Top of Page

Chapter Two: Interpretation of Statistical Report

Statistical report and Supplemental Reporting Requirements

See Annex B for the Canada Border Services Agency's statistical report on the Privacy Act and Annex C for the Supplemental Reporting Requirements on the Privacy Act.

Interpretation of the Statistical reports

Overview

In 2010-2011, the Canada Border Services Agency continued to refine its practices to maintain a high level of service to requesters while addressing increased workload-related issues. Statistics suggest these refinements are having a positive effect as evidenced by a continued high completion rate of requests within the legislated timelines.

Requests Received Under the Privacy Act

Overall, the Canada Border Services Agency received 2,896 privacy requests in 2010-2011, an increase of 109.1% from the previous year. The Canada Border Services Agency responded to 2,808 privacy requests during 2010-2011, representing 96.9% of the total number of requests that it received. In total, 220 requests were carried forward from 2009-2010 and 308 requests were carried over to the current 2011-2012 period.

Privacy requests Received / Completed

Privacy requests Received / Completed

Of the 2,808 requests completed, the Canada Border Services Agency reviewed over 264,203 pages, an average of 94 pages per request. The numbers of pages reviewed have slightly decreased from the previous year.

Return to Top of Page

Completion Time

Of the 2,808 requests completed during the fiscal year 2010-2011, the Canada Border Services Agency responded to 2,363 requests within 30 days or less, representing 84.2% of all the requests completed. Further, the Canada Border Services Agency has responded to 337 requests (12%) within 31 to 60 days, 76 requests (2.7%) within 61 to 120 days, and 32 requests (1.1%) required 121 days or more to be completed.

Completion time

Completion time

Of all the requests received, the Canada Border Services Agency was successful in responding to 97.3% within the statutory time frames. This result reflects the Canada Border Services Agency's commitment to ensuring that every reasonable effort is made to complete the requests in a timely manner.

Return to Top of Page

Extension

The Privacy Act allows departments to extend the legislated deadline of a request if the request cannot be completed within the legislated 30 day time limit. Section 15 of the Privacy Act permits extensions if there is a need for consultations with other government departments, if the search for the requested documents would unreasonably interfere with the operations of the institution or if there is a need to translate the documentation. In total, 348 extensions were applied to requests in 2010-2011.

Due to the nature of the records handled by the Access to Information and Privacy Division, the majority of the extensions requested were to undertake consultations with other government departments such as Citizenship and Immigration Canada, the Royal Canadian Mounted Police and the Department of Foreign Affairs and International Trade (DFAIT). In this matter, extensions were required in 300 instances (86.2%) for consultation. Additionally, extensions were required in 48 instances (13.8%) to search for or through a large volume of records. The Access to Information and Privacy Division did not invoke any extensions for the translation of documents.

Extensions for 2010-2011

Extensions for 2010-2011
Return to Top of Page

Disposition of Requests Completed

Of the 2,808 privacy requests processed in 2010-2011, the Canada Border Services Agency provided full release of the information requested for 18.7% of the requests completed (525 requests). Due to the nature of our work, the most frequent outcome of the requests processed during the reporting period required that exemptions be invoked in 67.6% of the requests (1,897 requests). Only 0.1% of the requests were completely exempted from disclosure (three requests).

For the remaining 13.6% of the requests completed (383 requests), the Canada Border Services Agency was unable to process 9.5% (268 requests). The majority of the cases that fall within this category were requests for which no documentation exists. As well, of the completed requests, 4.1% were abandoned (115 requests). Such an action may occur at any point in the processing of a request. Finally, there were no requests that did not fall under the control of the Canada Border Services Agency or that were compelled by the exclusionary provisions the Privacy Act.

Disposition of Requests Completed

Disposition of Requests Completed
Return to Top of Page

Exemptions Invoked

Sections 18 through 28 of the Privacy Act set out the exemptions intended to protect information pertaining to a particular public or private interest.

While most information is of a sensitive nature, the Canada Border Services Agency is making every effort to release as much information as possible, to remain consistent with the spirit of the Privacy Act. The majority of the exemptions invoked by the Canada Border Services Agency fell under four sections of the Privacy Act. Subsection 22(1)(b), which protects the disclosure of materials that could reasonably be expected to be injurious to the enforcement of any law of Canada or a province or conduct of lawful investigations, was used in 1,505 cases (44.3%). Section 26, which protects information about another individual, was used in 1,019 cases (30%). Section 21, which keeps the disclosure of materials that could reasonably be expected to be injurious to the conduct of international affairs, the defence of Canada or any other state allied or associated with Canada, was used in 447 cases (13.1%). Subsection 19(1)(a), which exempt records of personal information obtained in confidence, was used in 223 cases (6.6%).

In terms of how the Canada Border Services Agency reports exemptions, if five different exemptions were used in one request, one exemption under each relevant section would be reported for a total of five exemptions. If the same exemption was used several times for the same request, it would be reported only once.

Exemptions Invoked

Exemptions Invoked
Return to Top of Page

Exclusions Cited

In 2010-2011, section 70 of the Privacy Act (records considered to be confidences of the Queen's Privy Council of Canada) was invoked twice.

Complaints and Investigations

Section 29(1) of the Privacy Act describes how the Office of the Privacy Commissioner receives and investigates complaints from individuals in respect to their personal information held by a government institution. Examples of complaints the Office of the Privacy Commissioner may choose to investigate include: refusal of access to personal information, an allegation that personal information about them held by a government institution has been miss used or wrongfully disclosed, or if an individual has not been given access to personal information in the official language requested by the individual.

Throughout the 2010-2011 fiscal year, 21 privacy complaints were filed against the Canada Border Services Agency. This number represents less than 0.7% of all the requests completed during this period. This number also represents a slight increase in the number of complaints received in 2009-2010. The complaints received during the fiscal year were related to the following: time delay (seven), application of exemptions or exclusions (12) and miscellaneous reasons (two). There were no complaints for refusal to disclose records or missing information, use and disclose and time extensions.

Raisons of Complaints

Raisons of Complaints

There were 19 active complaints carried over from 2009-2010. The Access to Information and Privacy Division received 21 privacy complaints in 2010-2011. A total of 13 complaints are being carried forward into the 2011-2012 fiscal year. During the 2010-2011 fiscal year, the Office of the Privacy Commissioner resolved 27 privacy complaints with the Canada Border Services Agency.

Raisons of Complaints

Raisons of Complaints

Of the complaints resolved, 15 were well founded, five were not well founded, and seven were not substantiated. Where complaints are substantiated, the matter is reviewed by the delegated managers and processes are adjusted if required. For example, extensions may be reviewed to determine whether the length of time taken was appropriate, given the complexity of the request.

Complaints Closed in 2010-2011
Resolved – well founded 15
Resolve – well founded without recommendations 0
Resolve – not well founded 5
Abandoned/discontinued 0
Not substantiated 7
Total 27
Return to Top of Page

Appeals

There were no appeals to the Federal Court during the 2010-2011 fiscal year.

Conclusion

The year 2010-2011 has seen the Canada Border Services Agency further evolve its capacity to respond to privacy requests while safeguarding access rights. The Canada Border Services Agency's human resource activities have allowed us to retain and develop our privacy expertise. New processes and employees training and outreach have helped streamline our response times in the face of growing volumes and complexity. Challenges remain however, notably in the area of Privacy Impact Assessments. However, implementing measures set out in the Canada Border Services Agency's Privacy Management Framework will help us to meet these and other challenges in the years to come.

Return to Top of Page

Annex A – Delegation Order

President

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Executive Vice-President

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Admissibility Branch

Vice-President

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Strategy and Coordination Branch

Vice-President

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Coporate Secretary

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Director, Legislative Affairs and ATIP

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Manager

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Team Leader (ATI)

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

 
8(2)(m)

Disclosure of personal information

 
8(4)

Copies of requests under paragraph (2)(e) to be retained

 
8(5)

Notice of disclosure under paragraph (2)(m)

 
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

 
35

Findings and recommendations / access to be given

 
51

Actions relating to international affairs and defence

 

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

ATIP Advisor (ATI)

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

 
8(2)(m)

Disclosure of personal information

 
8(4)

Copies of requests under paragraph (2)(e) to be retained

 
8(5)

Notice of disclosure under paragraph (2)(m)

 
9

Record of disclosures to be retained / consistent uses

 
10

Personal information to be included in personal information barks

 
14

Notice where access requested

 
15

Extension of time limits

X
16

Where access is refused

 
17

Form of access

 
18

Refuse access – exempt bank

 
19

Exemption – personal information obtained in confience

 
20

Exemption – federal-provincial affairs

 
21

Exemption – international affairs and defence

 
22(1)

Exemption – law enforcement and investigations

 
22(2)

Exemption – policing services for provinces or municipalities

 
23

Exemption – security clearances

 
24

Exemption – individuals sentenced for an offence

 
25

Exemption – safety of individuals

 
26

Exemption – information about another individual

 
27

Exemption – solicitor-client privilege

 
28

Exemption – medical record

 
33

Investigations in private

 
35

Findings and recommendations / access to be given

 
51

Actions relating to international affairs and defence

 

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

 
11

Correction

 
13

Disclosure of information – authorization

 
14

Disclosure of information – examination

 

Operations Branch

Vice-President

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X

Regional Directors General

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

 
8(4)

Copies of requests under paragraph (2)(e) to be retained

 
8(5)

Notice of disclosure under paragraph (2)(m)

 
9

Record of disclosures to be retained / consistent uses

 
10

Personal information to be included in personal information barks

 
14

Notice where access requested

 
15

Extension of time limits

 
16

Where access is refused

 
17

Form of access

 
18

Refuse access – exempt bank

 
19

Exemption – personal information obtained in confience

 
20

Exemption – federal-provincial affairs

 
21

Exemption – international affairs and defence

 
22(1)

Exemption – law enforcement and investigations

 
22(2)

Exemption – policing services for provinces or municipalities

 
23

Exemption – security clearances

 
24

Exemption – individuals sentenced for an offence

 
25

Exemption – safety of individuals

 
26

Exemption – information about another individual

 
27

Exemption – solicitor-client privilege

 
28

Exemption – medical record

 
33

Investigations in private

 
35

Findings and recommendations / access to be given

 
51

Actions relating to international affairs and defence

 

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

 
11

Correction

 
13

Disclosure of information – authorization

 
14

Disclosure of information – examination

 

Directors General

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

 
8(4)

Copies of requests under paragraph (2)(e) to be retained

 
8(5)

Notice of disclosure under paragraph (2)(m)

 
9

Record of disclosures to be retained / consistent uses

 
10

Personal information to be included in personal information barks

 
14

Notice where access requested

 
15

Extension of time limits

 
16

Where access is refused

 
17

Form of access

 
18

Refuse access – exempt bank

 
19

Exemption – personal information obtained in confience

 
20

Exemption – federal-provincial affairs

 
21

Exemption – international affairs and defence

 
22(1)

Exemption – law enforcement and investigations

 
22(2)

Exemption – policing services for provinces or municipalities

 
23

Exemption – security clearances

 
24

Exemption – individuals sentenced for an offence

 
25

Exemption – safety of individuals

 
26

Exemption – information about another individual

 
27

Exemption – solicitor-client privilege

 
28

Exemption – medical record

 
33

Investigations in private

 
35

Findings and recommendations / access to be given

 
51

Actions relating to international affairs and defence

 

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

 
11

Correction

 
13

Disclosure of information – authorization

 
14

Disclosure of information – examination

 

Enforcement Branch

Vice-President

Privacy Act – Sections
Section Number Section Name Designation order
8(2)(j)

Disclosure of personal information

X
8(2)(m)

Disclosure of personal information

X
8(4)

Copies of requests under paragraph (2)(e) to be retained

X
8(5)

Notice of disclosure under paragraph (2)(m)

X
9

Record of disclosures to be retained / consistent uses

X
10

Personal information to be included in personal information barks

X
14

Notice where access requested

X
15

Extension of time limits

X
16

Where access is refused

X
17

Form of access

X
18

Refuse access – exempt bank

X
19

Exemption – personal information obtained in confience

X
20

Exemption – federal-provincial affairs

X
21

Exemption – international affairs and defence

X
22(1)

Exemption – law enforcement and investigations

X
22(2)

Exemption – policing services for provinces or municipalities

X
23

Exemption – security clearances

X
24

Exemption – individuals sentenced for an offence

X
25

Exemption – safety of individuals

X
26

Exemption – information about another individual

X
27

Exemption – solicitor-client privilege

X
28

Exemption – medical record

X
33

Investigations in private

X
35

Findings and recommendations / access to be given

X
51

Actions relating to international affairs and defence

X

Privacy Regulations – Sections
Section Number Section Name Designation order
9

Examination

X
11

Correction

X
13

Disclosure of information – authorization

X
14

Disclosure of information – examination

X
Return to Top of Page

Annex B – Statistical Reports

Report on the Privacy Act

Institution
Canada Border Services Agency
Reporting period
2010-04-01 to 2011-03-31

Requests under the Privacy Act
Received during reporting period 2896
Outstanding from previous period 220
TOTAL 3116
Completed during reporting period 2808
Carried forward 308

Dispositon of request completed
1. All disclosed 525
2. Disclosed in part 1897
3. Nothing disclosed (excluded) 0
4. Nothing disclosed (exempt) 3
5. Unable to process 268
6. Abandoned by applicant 115
7. Transferred 0
TOTAL 2808

Exemptions invoked
S. Art. 18(2) 0
S. Art. 19(1)(a) 223
S. Art. 19(1)(b) 30
S. Art. 19(1)(c) 41
S. Art. 19(1)(d) 65
S. Art. 20 0
S. Art. 21 447
S. Art. 22(1)(a) 32
S. Art. 22(1)(b) 1505
S. Art. 22(1)(c) 10
S. Art. 22(2) 2
S. Art. 23 (a) 0
S. Art. 23 (b) 0
S. Art. 24 1
S. Art. 25 1
S. Art. 26 1019
S. Art. 27 25
S. Art. 28 0

Exclusions cited
S. Art. 69(1)(a) 0
S. Art. 69(1)(b) 0
S. Art. 70(1)(a) 0
S. Art. 70(1)(b) 0
S. Art. 70(1)(c) 0
S. Art. 70(1)(d) 0
S. Art. 70(1)(e) 2
S. Art. 70(1)(f) 0

Completion time
30 days or under 2363
31 to 60 days 337
61 to 120 days 76
121 days or over 32

Extensions
  30 days or under 31 days or over
Interference with operations 48 0
Consultation 300 0
Translation 0 0
TOTAL 348 0

Translations
Translations requested 0
Translations prepared English to French 0
French to English 0

Method of access
Copies given 2422
Examination 0
Copies and examination 0

Corrections and notation
Corrections requested 1
Corrections made 0
Notation attached 0

Costs
Financial (all reasons)
Salary $ 1,649,199.51
Administration (O and M) $ 358,832.03
TOTAL $ 2, 008,031.54
Person year utilization (all reasons)
Person year (decimal format) 24.81
Return to Top of Page

Annex C – Additional Reporting Requirements

Additional Reporting Requirements

Privacy Act

Treasury Board Secretariat is monitoring compliance with the Privacy Impact Assessment (PIA) Policy (which came into effect on May 2, 2002) and the Directive on Privacy Impact Assessment (which takes effect April 1, 2010) through a variety of means. Institutions are therefore required to report the following information for this reporting period.

Indicate the number of:

  • Preliminary Privacy Impact Assessments initiated: 0
  • Preliminary Privacy Impact Assessments completed: 0
  • Privacy Impact Assessments initiated: 10
  • Privacy Impact Assessments completed: 2
  • Privacy Impact Assessments forwarded to the Office of the Privacy Commissioner (OPC): 2

If your institution did not undertake any of the activities noted above during the reporting period, this must be stated explicitly.

Exemptions invoked:

  • Paragraph 19(1)(e): 0
  • Paragraph 19(1)(f): 0
  • Paragraph 22.1: 0
  • Paragraph 22.2: 0
  • Paragraph 22.3: 0

Exclusions cited:

  • Subsection 69.1: 0
  • Subsection 70.1: 0

To access the Portable Document Format (PDF) version you must have a PDF reader installed. If you do not already have such a reader, there are numerous PDF readers available for free download or for purchase such as: