Canada Border Services Agency
Symbol of the Government of Canada

ARCHIVED - Access to Information Act

CBSA Annual Report
2008-2009

Warning This page has been archived.

Archived Content

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Table of Contents

Return to Top of Page

Access to Information Act Report

Introduction

As part of the Public Safety portfolio, the Canada Border Services Agency (CBSA) is responsible for providing integrated border services that support national security priorities and facilitate the free flow of people and goods, including food, plants and animals, across the border.

On April 1, 2004, the CBSA established the Access to Information and Privacy (ATIP) Section. This Section was staffed with six employees based on an estimated annual workload of between 250 and 350 requests. During the 2008–2009 fiscal year, the CBSA received 1,155 requests under the Access to Information Act and 1,140 requests under the Privacy Act. These requests were more numerous than in previous years, and the Agency was able to improve compliance with legislated time frames while managing this challenging workload.

ATIP Responsibilities

The CBSA's ATIP and Disclosure Policy Division replaced the ATIP Section. The Division is part of the Corporate Secretariat and is responsible for the administration of the Access to Information Act and the Privacy Act, as well as for the provision of policy direction on the disclosure authorities referred to in the program legislation (e.g. section 107 of the Customs Act). The Director of the Division is the ATIP Coordinator for the CBSA. Three managers report to the Director. During the 2007–2008 fiscal year, the Division was reorganized and now includes two production units to process requests and a policy and training unit. In total, 47 persons were employed in the Division as of March 31, 2009. Of these, four were consultants who were engaged on a temporary basis. The Division will continue to reduce its reliance on consultants by completing competitive staffing processes.

Administration of the Access to Information Act

Return to Top of Page

Delegation order

The Director of the ATIP and Disclosure Policy Division and all the ATIP managers are fully delegated under the Access to Information Act. See Annex A for a copy of the delegation order under the Act.

Return to Top of Page

Statistical report

During the 2008–2009 fiscal year, the CBSA received 1,155 new requests under the Access to Information Act. This was more than a 12% increase compared to the 2007–2008 fiscal year. In addition, 157 requests were carried forward from the previous fiscal year for a total of 1,312 requests. The CBSA completed a total of 1,148 Access to Information Act requests, just slightly less than it received. Accordingly, the Agency carried forward 164 requests into the 2009–2010 fiscal year.

Of the 1,148 Access to Information Act requests that were completed during the 2008–2009 fiscal year, 95.1% were completed within the statutory time frames.

The majority of requests were received from the public (75%), followed by the media (12%), business (12%), and organizations (1%).

Return to Top of Page

Summary of changes

As part of an action plan to improve compliance with ATIP legislation and the management of the ATIP function, CBSA procedures and guidelines were reviewed and revised to support the timely processing of requests. Existing CBSA case management procedures and administrative policies will be further reviewed in the 2009–2010 fiscal year to ensure that they reflect proposed changes to the Treasury Board's administrative policies.

The CBSA created an intranet section that provides the following:

  • the roles and responsibilities of the ATIP function;
  • ATIP-related policies and procedures;
  • contact information for the ATIP and Disclosure Policy Division and for ATIP liaison officers; and
  • links to the Office of the Information Commissioner of Canada (OIC), the Office of the Privacy Commissioner of Canada (OPC) and relevant Treasury Board of Canada Secretariat (TBS) sites.

On February 26, 2009, the OIC tabled a special report entitled Report Cards 2007-2008 and Systemic Issues Affecting Access to Information in Canada. In the report, the OIC made eight recommendations to the CBSA to improve the CBSA's compliance with the Access to Information Act. The CBSA is responding positively to all of the OIC's recommendations.

The OIC recommendations and the CBSA responses are as follows:

  1. The CBSA should allocate adequate resources on a permanent basis to its access to information office, considering its overall workload (access requests and requests for consultation), to avoid undue delay in processing access requests.
    • Response
      The CBSA is committed to respecting the requirements of the Access to Information Act. The Agency will review operational requirements and adjust resource requirements as necessary.
  2. In light of the Treasury Board policy on mandatory consultations for information related to law enforcement and penal institutions, the CBSA should review its case management framework to ensure that dedicated resources are assigned to handling all these requests for consultation to avoid undue delays in processing them.
    • Response
      With respect to mandatory consultations, the CBSA will further streamline the assignment of new requests to take advantage of the experience of existing staff, while it trains and supports new members of the Access to Information, Privacy and Disclosure Policy Division.
  3. The CBSA access to information office should review the criteria it uses to invoke time extensions under subsection 9(1) of the Access to Information Act to determine the length of these extensions and ensure they are reasonable and legitimate.
    • Response
      The CBSA will ensure its internal policy direction is respected, that is, extensions are to be reasonable and justifiable. It will continue to be informed by the findings of the Office of the Information Commissioner when they process formal complaints — when the use of extensions has been an issue, or otherwise.
  4. The CBSA should undertake to avoid delaying the processing of categorized access requests and should measure the actual time it takes to complete these requests as well as any resulting delays.
    • Response
      The CBSA agrees and has already established policy direction that requires that review processes should not cause processing delays. The policy is widely available on the CBSA Intranet. The issue of delay is also raised during ATIP awareness sessions.
  5. The access to information office, when it closes access request files related to outstanding mandatory consultations, should inform requesters that additional records may be forthcoming, that they will be informed of the outcome of the consultation requests even though no additional records may be released and that they have the right to complain to the OIC.
    • Response
      The CBSA informs requesters when another institution may have additional records that are relevant to a request. It informs requesters that they have a right to complain when exemptions have been taken.
  6. The access to information office should review the current timelines in place and track more systematically the average number of days taken to complete each stage of the access process to ensure requests are being responded to in a timely manner.
    • Response
      The CBSA supports the recommendation and will provide further guidance to staff to ensure data are properly captured, so that the CBSA is able to properly assess whether its standards are being met.
  7. The access to information office should document on their request files, at the time the request is processed, justifications for taking an extension. These justifications should include detailed rationale for being invoked.
    • Response
      The CBSA supports the recommendation and will provide further guidance to staff to ensure that rationales for taking an extension are noted in the case management system. However, we note that at times the rationale may be evident when considering the nature of the materials and the exemption being invoked.
  8. The access to information office should provide the Information Commissioner a notice pursuant to subsection 9(2) every time it extends a request beyond 30 days.
    • Response
      The CBSA will provide further guidance to staff to ensure that the legislated requirement of providing the Information Commissioner with information about extensions that are longer than 30 days is met in a timely manner. The CBSA has made modifications to its ATIP software to facilitate this requirement.
Return to Top of Page

Training

The ATIP and Disclosure Policy Division provided more than 80 training and awareness sessions to more than 1,000 CBSA employees during the 2008–2009 fiscal year. The policy and training unit continues to update and develop the course material, and additional sessions are being scheduled for the 2009–2010 fiscal year.

Training for ATIP employees during the 2008–2009 fiscal year was a combination of internal and external training. The internal sessions, which were available to all ATIP employees, focused on the following: the report card recommendations and the CBSA's responses, the appropriate use of case management and redaction software, the impact of the TBS's policy suite renewal, and awareness of CBSA program activities. Some ATIP employees also participated at the annual Canadian Access and Privacy Association conference and took Canada School of Public Service/TBS-sponsored ATIP courses. Employees were also provided with ongoing mentoring by senior analysts, team leaders and managers.

As part of the recommendations for improving the ATIP function at the CBSA, all employees are being encouraged to take ATIP courses from the TBS, the Canada School of Public Service or other sources as part of their individual learning plans.

The ATIP and Disclosure Policy Division organized a second annual conference, the ATIP Learning Event, for the Agency's ATIP liaison officers. The conference received positive reviews from participants.

Return to Top of Page

Complaints

During the 2008–2009 fiscal year, the CBSA received 48 new access to information complaints; a slight decrease in the number of complaints received during the previous fiscal year.

The complaints received during the fiscal year were for time delay (7), refusal to disclose (9), the application of exemptions (13), miscellaneous reasons (3) and time extensions (16).

There were 60 active complaints in the OIC inventory that were carried forward from previous years.

During the 2008–2009 fiscal year, the OIC resolved 40 access to information complaints against the CBSA (15 for extensions, 10 for time delay, 7 for applied exemptions, 5 for refusal to disclose, 2 for miscellaneous reasons and 1 for use and disclosure). Of the complaints resolved, 16 were well founded, 13 were abandoned or discontinued and 11 were not substantiated. Sixty-eight complaints are being carried forward into the 2009–2010 fiscal year. Where complaints are substantiated, the matter is reviewed by the delegated managers and processes are adjusted as may be required.

Complaints in 2008–2009
Total inventory 108
Carried forward from 2007–2008 60
New complaints in 2008–2009 48

Complaints closed in 2008–2009
Total 40
Carried forward to 2009–2010 68
Resolved – well founded 60
Abandoned/discontinued 13
Not substantiated 11

Reasons for complaints in 2008–2009 Complaints received
Total 48
Refusal 9
Time delay 7
Time extension 16
Fees 0
Application of exemption 13
Miscellaneous reasons 3
Return to Top of Page

Appeals

There were no access to information appeals to the courts during the 2008–2009 fiscal year.

Return to Top of Page

Privacy Act Report

Introduction

As part of the Public Safety portfolio, the CBSA is responsible for providing integrated border services that support national security priorities and facilitate the free flow of people and goods, including food, plants and animals, across the border.

On April 1, 2004, the CBSA established the ATIP Section. The Section was staffed with six employees based on an estimated annual workload of between 250 and 350 requests. During the 2008–2009 fiscal year, the CBSA received 1,155 requests under the Access to Information Act and 1,140 requests under the Privacy Act. These requests were more numerous than in previous years, and the Agency was able to improve compliance with legislated time frames while managing this challenging workload.

ATIP Responsibilities

The CBSA's ATIP and Disclosure Policy Division replaced the ATIP Section. The Division is part of the Corporate Secretariat and is responsible for the administration of the Access to Information Act and the Privacy Act, as well as for the provision of policy direction on the disclosure authorities referred to in the program legislation (e.g. section 107 of the Customs Act). The Director of the Division is the ATIP Coordinator for the CBSA. Three managers report to the Director. During the 2007–2008 fiscal year, the Division was reorganized and now includes two production units to process requests and a policy and training unit. In total, 47 persons were employed in the Division as of March 31, 2009. Of these, four were consultants who were engaged on a temporary basis. The Division will continue to reduce its reliance on consultants by completing competitive staffing processes.

Administration of the Privacy Act

Return to Top of Page

Delegation order

The Director of the ATIP and Disclosure Policy Division and all ATIP managers and team leaders have delegated authority under the Privacy Act. See Annex A for a copy of the delegation order under the Act.

Return to Top of Page

Statistical report

During the 2008–2009 fiscal year, the CBSA received 1,140 new requests under the Privacy Act. This was an increase of 23% from the 2007–2008 fiscal year. In addition, 127 requests were carried forward from the 2007–2008 fiscal year for a total of 1,267 requests in the 2008–2009 fiscal year. The CBSA completed a total of 1,089 Privacy Act requests. Accordingly, the Agency carried forward 178 requests into the 2009–2010 fiscal year.

Of the 1,089 Privacy Act requests that were completed during the 2008–2009 fiscal year, 89.6% were completed within the statutory time frames.

See Annex B (PDF, 74 KB) for the CBSA's statistical report on the Privacy Act.

Return to Top of Page

Summary of changes

As part of an action plan to improve compliance with ATIP legislation and the management of the ATIP function, CBSA procedures and guidelines were reviewed and revised to support the timely processing of requests. Existing CBSA case management procedures and administrative policies will be further reviewed in the 2009–2010 fiscal year to ensure that they reflect proposed changes to the Treasury Board's administrative policies.

The CBSA created an intranet section that provides the following:

  • the roles and responsibilities of the ATIP function;
  • ATIP-related policies and procedures;
  • contact information for the ATIP and Disclosure Policy Division and for ATIP liaison officers; and
  • links to the OIC, the OPC and relevant TBS sites.

The Security and Professional Standards Directorate has initiated a series of educational programs to enhance the security awareness of all CBSA employees. This includes messages concerning the Government Security Policy that are posted on the intranet site and activities in support of Security Awareness Week, such as security sweeps. Furthermore, to ensure that all employees have basic knowledge of security requirements, the Directorate, in partnership with the Innovation, Science and Technology Branch and the Human Resources Branch, is planning to introduce mandatory online security awareness training for all employees in 2009. These initiatives will support the administration of the Privacy Act by ensuring the appropriate safeguarding of protected information.

In addition, the CBSA is continuing to encourage employees to attend ATIP-related information seminars.

Allegations of inappropriate use of, access to or disclosure of information protected by related legislation are carefully reviewed. Senior management is continuing to provide appropriate leadership and oversight.

Return to Top of Page

Major changes

In June 2006, the OPC released its findings related to an audit of the personal information management practices of the CBSA. To respond to the recommendations of the audit, the CBSA is establishing a Privacy Management Framework (PMF). The Framework will strengthen the Agency's information sharing and management practices. The components and proposed governance structure of the PMF have been identified and a gap analysis is under way. The CBSA will work with the OPC and the TBS as the PMF and related tools are developed.

Return to Top of Page

Privacy Impact Assessments (PIAs) and Preliminary Privacy Impact Assessments (PPIAs)

National Integrated Interagency Information (N-III) program and the integrated query tool component – Addendum B – CBSA PIA

The N-III program led by Public Safety Canada and the RCMP promotes information sharing and interoperability between member agencies by providing technology that supports the intelligence sharing efforts of Canadian police services and public safety and security departments or agencies. The N-III program is intended to provide a mechanism for the Canadian law enforcement and public safety and security community that will improve information sharing as it relates to public safety, national security enforcement, law enforcement, and the detection, prevention or suppression of crime.

The integrated query tool has been developed and is owned by the RCMP. The tool supports secure law enforcement information-sharing with public safety and security departments or agencies. Access to the tool will allow CBSA investigations and intelligence officers to query and retrieve an index of information related to individuals and vehicles in accordance with the CBSA's legislated mandate; access to the tool will also support CBSA investigative and intelligence functions. This PIA falls under the overarching PIA that was submitted to the OPC by Public Safety Canada.

Please read the executive summary of the PIA for more information.

Enhanced driver's licences and enhanced identification cards – Full implementation (PIA update)

Enhanced driver's licence (EDL) and enhanced identification card (EIC) programs have been implemented by some Canadian provinces to provide people with an alternative document that is acceptable under the U.S. Western Hemisphere Travel Initiative. The provincial programs have been developed in partnership with the CBSA and Citizenship and Immigration Canada (CIC) to allow holders to present their EDL/EIC as a single document to denote their identity and citizenship when they wish to enter the United States by land or water. As part of the EDL/EIC program, the CBSA will retain specific EDL/EIC information in a secure CBSA database in Canada. When a holder presents his or her EDL/EIC for admission into the United States, the U.S. system will request the cardholder's information from the CBSA system that will in turn transmit the information to the United States.

The PIA was originally presented to the OPC in January 2008 and was revised during the 2008–2009 fiscal year to reflect the recommendations made by the OPC, particularly with regard to the sharing and retention of Canadian EDL/EIC information.

An executive summary of the PIA will be posted online in the near future.

Transit Without Visa program – PPIA

The Transit Without Visa (TWOV) pilot program facilitates the transit of Philippine, Indonesian, Thai or Taiwanese citizens, who possess a valid U.S. visa and are travelling on an approved air carrier, through Vancouver International Airport as they travel to and from the United States. The CBSA and CIC are continuing to work with stakeholders on the implementation of the TWOV program.

Return to Top of Page

Data matching/sharing activities

The CBSA has not initiated any data matching projects or programs during the 2008–2009 fiscal year. 

Data sharing activities at the CBSA respect existing legislative authorities and are undertaken, as necessary, to ensure that the CBSA can fulfill its mandate. For example, the National Risk Assessment Centre provides the appropriate CBSA officials with information on certain travellers who are transiting through Canada to another country to enable the officials to assess any associated risks.

Return to Top of Page

Training

The ATIP and Disclosure Policy Division provided more than 80 training and awareness sessions to over 1,000 CBSA employees during the 2008–2009 fiscal year. The policy and training unit continues to update and develop the course material, and additional sessions are being scheduled for the 2009–2010 fiscal year.

Training for ATIP employees during the 2008–2009 fiscal year was a combination of internal and external training. The internal sessions, which were available to all ATIP employees, focused on the following: the report card recommendations and the CBSA's responses, the appropriate use of case management and redaction software, the impact of the TBS's policy suite renewal, and awareness of CBSA program activities. Some ATIP employees also participated at the annual Canadian Access and Privacy Association conference and took Canada School of Public Service/TBS-sponsored ATIP courses. Employees were also provided with ongoing mentoring by senior analysts, team leaders and managers.

As part of the recommendations for improving the ATIP function at the CBSA, all employees are being encouraged to take ATIP courses from the TBS, the Canada School of Public Service or other sources as part of their individual learning plans.

The ATIP and Disclosure Policy Division organized a second annual conference, the ATIP Learning Event, for the Agency's ATIP liaison officers. The conference received positive reviews from participants.

Return to Top of Page

Disclosures made pursuant to paragraph 8(2)(e) of the Privacy Act

During the 2008–2009 fiscal year, more than 65 disclosures pursuant to paragraph 8(2)(e) of the Privacy Act were made by the CBSA to investigative bodies. Disclosures often occur in the regional offices. New protocols to track disclosures made under the provisions of subsection 8(2) are being developed and should be implemented during the 2009–2010 fiscal year. The need for the better tracking of disclosures will be addressed by the development of the PMF.

Return to Top of Page

Disclosures made pursuant to paragraph 8(2)(f) of the Privacy Act

During the 2008–2009 fiscal year, disclosures pursuant to paragraph 8(2)(f) of the Privacy Act were made by the CBSA to other federal departments, the provinces and foreign governments. These disclosures were completed under the terms of various memoranda of understanding and agreements with the CBSA's partners.

Return to Top of Page

Disclosures made pursuant to paragraph 8(2)(g) of the Privacy Act

During the 2008–2009 fiscal year, more than 100 disclosures pursuant to paragraph 8(2)(g) of the Privacy Act were made by the CBSA to members of Parliament to assist individuals in resolving problems.

Return to Top of Page

Disclosures made pursuant to paragraph 8(2)(m) of the Privacy Act

During the 2008–2009 fiscal year, no disclosures pursuant to paragraph 8(2)(m) of the Privacy Act were made by the CBSA.

Return to Top of Page

Complaints

The 31 complaints received during the 2008–2009 fiscal year were for time delay (3), general reasons (6), applied exemptions (20), miscellaneous reasons (1) and use and disclosure (1). These complaints were in addition to the 35 complaints carried forward from the 2007–2008 fiscal year.

During the 2008–2009 fiscal year, the OPC resolved 31 complaints. Of the complaints resolved, 19 were well founded, 9 were not substantiated and 3 were abandoned or discontinued. At the end of the 2008–2009 fiscal year, the OPC continued to actively investigate 35 complaints related to the management of requests under the Privacy Act.

Complaints in 2008–2009
Total inventory 66
Carried forward from 2007–2008 35
New complaints in 2008–2009 31

Complaints closed in 2008–2009
Total 31
Carried forward to 2009–2010 35
Resolved – well founded 19
Abandoned/discontinued 3
Not substantiated 9

Reasons for complaints in 2008–2009 Complaints received
Total 31
General reasons 6
Time delay 3
Time extension 0
Use and disclosure 1
Application of exemption 20
Miscellaneous reasons 1
Return to Top of Page

Appeals

There were no privacy appeals to the courts during the 2008–2009 fiscal year.



To access the Portable Document Format (PDF) version you must have a PDF reader installed. If you do not already have such a reader, there are numerous PDF readers available for free download or for purchase such as: