Privacy Impact Assessment Executive Summary – Phase I Entry/Exit

Perimeter security and economic competitiveness

In 2011, Canada and the United States (U.S.) issued the Beyond the Border: A Shared Vision for Perimeter Security and Economic Competitiveness which establishes a new long-term partnership built upon a perimeter approach to security and economic competitiveness and subsequently, the Perimeter Security and Economic Competitiveness Action Plan (Action Plan) which sets out the joint Canada – United States priorities for achieving this vision.  As part of delivering on its commitments in the Action Plan, Canada and the U.S. are undertaking the Entry/Exit Initiative.

The Entry/Exit Initiative builds upon the Canada Border Services Agency's (CBSA) mandate to provide integrated border services that support national security and public safety priorities and facilitate the free flow of persons and goods.

The objectives of the Entry/Exit Initiative are to establish a common and integrated approach to border management and to support the integrity of Canada's immigration program.

The coordinated investments in entry and exit systems will allow the Government of Canada to better manage access to Canada from a security perspective, increase the effectiveness of its border management and enable targeted policy development and implementation in the future.

Meeting the objectives of the Entry/Exit Initiative will be accomplished through targeted investments in technology and infrastructure and a phased approach to the exchange of biographic Footnote 1 (i.e. name, citizenship) entry information.  Three phases are applicable to travellers crossing the Canada-United States (U.S.) land border, consisting of the development of a system to exchange biographic information, such that a record of entry into one country could be considered as a record of an exit from the other.  A fourth phase of the  Entry/Exit Initiative will be the collection of biographic exit information on travellers in the air environment using outbound passenger manifests received from the airlines. The Entry/Exit Initiative is outlined in the Action Plan and is summarized as follows:

  • (Phase I) By September 30, 2012: the implementation of a proof of concept to exchange the biographical data of third-country nationals, permanent residents of Canada and lawful permanent residents of the United States, at two to four Footnote 2 automated common land border ports of entry;
  • (Phase II) By June 30, 2013, the implementation of the Entry/Exit Initiative exchanging the data of third-country nationals, permanent residents of Canada and lawful permanent residents of the United States, at all automated common land border ports of entry;
  • (Phase III) By June 30, 2014, the expansion of the Entry/Exit Initiative to include the exchange of data on all travellers at all automated common land border ports of entry; and
  • (Phase IV) With respect to air travel, by June 30, 2014, Canada will develop a system, under the Entry/Exit Initiative, to establish exit, similar to that in the United States, under which airlines will be required to submit their passenger manifest information on outbound international flights.

Exploratory work will be conducted for the future integration of entry and exit information systems for the marine and rail modes.

This Privacy Impact Assessment (PIA) is specific to Phase I of the Entry/Exit Initiative (hereinafter referred to as Phase I).  Subsequent phases may be applicable to additional categories of individuals, and may include additional personal information elements and additional uses for the information.  Prior to each phase being implemented, there will be additional privacy analysis.

Phase I is a proof of concept which will enable both governments to obtain information, evaluate the validity of the information sharing concept for statistical and analytical purposes, and identify the steps necessary in developing future technology and other improvements to subsequent phases of the Initiative.  In Phase I, no additional uses for the information will be permitted, unless required by law.

Phase I is scheduled for implementation by September 30, 2012 and will include exchanging the data of third-country nationals Footnote 3 , permanent residents of Canada and lawful permanent residents of the U.S. at four automated common land border ports of entry.

The ports of entry are:

Canada United States
Pacific Highway, Surrey, British Columbia Pacific Highway, Blaine, Washington
Douglas (Peace Arch), Surrey, British Columbia Peace Arch, Blaine, Washington
Queenston-Lewiston Bridge, Niagara-on-the-Lake, Ontario Lewiston-Queenston Bridge, Lewiston, New York
Rainbow Bridge, Niagara Falls, Ontario Rainbow Bridge, Niagara Falls, New York

Process, data exchange and timeframe:

Entry information is routinely collected by the CBSA Border Services Officers (BSOs) and exit (U.S. entry) information by U.S. Customs and Border Protection (CBP) Officers as a regular course of business when travellers present themselves seeking entry into either country.

At entry, each country presently collects the following data elements agreed upon for the Phase I exchange: Name, Date of Birth, Nationality/Citizenship, Gender, Document information (type, number and country of issuance).  The only pieces of information to be exchanged, which are not already known to the receiving country, will be the date/time of entry and the port through which the individual has entered.

An extract of this data, collected during the September 30, 2012 to January 31, 2013 time period, will be exchanged.  The first data exchange is expected in mid-October, 2012 with subsequent data transfers to occur until the two countries have shared approximately ninety (90) days of relevant entry data collected over the agreed upon time period.

Canadian data is stored in the CBSA's Passage History database and the transfer mechanism for the data exchange is an existing secure line between Canada and the U.S.

The exchanged data will only be used to determine the ability to reconcile exit data to data previously collected, as entry data, for those same individuals as well as for statistical and analytical purposes to support the development of future technology, and other improvements in subsequent phases of the Entry/Exit Initiative.

Legal and policy authorities for the collection, use and disclosure:

  • Canada Border Services Agency Act, paragraph 5(1)
  • Immigration and Refugee Protection Act, subsections 4(2), 20(1)(b) and 28(1)
  • Privacy Act, section 4 and subsection 8(2)
  • The Statement of Mutual Understanding (SMU) on Information Sharing, implemented in February 2003.
  • Beyond the Border: A Shared Vision for Perimeter Security and Economic Competitiveness Action Plan.

As a result of the analysis of the privacy related elements of Phase I of the Entry/Exit Initiative, addressed in this PIA, the CBSA is implementing the following to enhance the privacy protections of the personal information:

  • Signing a bilateral Letter of Intent (LOI) Footnote 4 with the United States Department of Homeland Security (which is consistent with the Beyond the Border Action Plan Statement of Privacy Principles by the United States and Canada) to document the roles and responsibilities of each participant;
  • Registering a personal information bank (PIB) specific to the Entry/Exit Initiative with Treasury Board for publication in Info Source;
  • Limiting the data elements being shared strictly to those that are required to identify an individual and complete the reconciliation exercise;
  • Strictly controlling access to the internal database holding the information;
  • Encrypting the information exchanged between Canada and the U.S. during transmission;
  • Providing general notice via a series of communication vehicles, ranging from press announcements through to the publication of the bilateral LOI.
Privacy Impact Assessment Summary Table
Privacy Impact Assessment Date / Version: 2012-09-26
Office of the Privacy Commissioner file #:  
Federal Institution: Canada Border Services Agency (CBSA)
Related Class of Record Number: CBSA ENF 129
Personal Information Bank: CBSA PPU 1202
Government Official Responsible for PIA: Cathy Munroe, Vice President, Program
Delegate for section 10 of the Privacy Act: Dan Proulx
Director, ATI and Privacy Division
410 Laurier Avenue West, 10th Floor
Ottawa, Ontario  K1A 0L8
Telephone: 613-941-7431
Facsimile: 613-957-6408
ATIP.AIPRP2@cbsa-asfc.gc.ca

Risk identification and categorization

The core PIA must include a completed risk identification and categorization section as outlined below. To have consistent risk categories and risk measurement across government institutions, standardized risk areas (itemized below) and a common risk scale are to be maintained as the basis for risk analysis.

The numbered risk scale is presented in an ascending order: the first level (1) represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area.

The greater the number of risk areas identified as level 3 or 4, the more likely it is that specific risk areas will need to be addressed in a more comprehensive manner.

a) Type of program or activity Risk scale
Program or activity that does NOT involve a decision about an identifiable individual 1
b) Type of personal information involved and context Risk scale
Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the consent of the individual for disclosure under an authorized program. N/A
Personal information, with no contextual sensitivities after the time of collection, provided by the individual with consent to also use personal information held by another source. N/A
Social Insurance Number, medical, financial or other sensitive personal information or the context surrounding the personal information is sensitive; personal information of minors or of legally incompetent individuals or involving a representative acting on behalf of the individual. N/A
Sensitive personal information, including detailed profiles, allegations or suspicions and bodily samples, or the context surrounding the personal information is particularly sensitive. N/A
c) Program or activity partners and private sector involvement Risk scale
Private sector organizations, international organizations or foreign governments 4
d) Duration of the program or activity Risk scale
Long-term program or activity 3
e) Program population Risk scale
The program's use of personal information for internal administrative purposes affects certain employees. N/A
The program's use of personal information for internal administrative purposes affects all employees. N/A
The program's use of personal information for external administrative purposes affects certain individuals. N/A
The program's use of personal information for external administrative purposes affects all individuals. N/A
f) Technology and privacy Risk scale
Does the new or substantially modified program or activity involve implementation of a new electronic system or the use of a new application or software, including collaborative software (or groupware), to support the program or activity in terms of the creation, collection or handling of personal information? No
Does the new or substantially modified program or activity require any modifications to information technology (IT) legacy systems? No

Specific technological issues and privacy

Does the new or substantially modified program or activity involve implementation of new technologies or one or more of the following activities:

  1. enhanced identification methods;
  2. surveillance; or
  3. automated personal information analysis, personal information matching and knowledge discovery techniques?
Yes (3.)
A YES response indicates the potential for privacy concerns and risks, which will require consideration and, if necessary, mitigation.  
g) Personal information transmission Risk scale
The personal information is used in a system that has connections to at least one other system. 2
h) Potential risk that in the event of a privacy breach, there will be an impact on the individual or employee. Risk scale
Reputation harm, embarrassment. 2

Footnotes

Footnote 1

The letter of intent is a document between the Department of Homeland Security , on behalf of the U.S., and the CBSA, on behalf of Canada, that sets the parameters for the information exchange in Phase I and outlines the intention to attach an annex to the SMU for Phase II of the Entry/Exit Initiative

Return to footnote 1 referrer

Footnote 2

Third country national means a person who is not a citizen of Canada or the U.S. under each country's respective laws.  Of note is that citizens of Canada and the U.S. are out of scope for Phase I even though Canada and the U.S. are foreign nationals to each other.  The use of the term third-country nationals is meant to exclude citizens of either country.

Return to footnote 2 referrer

Footnote 3

The U.S and Canada have agreed to four common land border ports of entry for Phase I.

Return to footnote 3 referrer

Footnote 4

There will be no biometric information (e.g. fingerprints) exchanged.

Return to footnote 4 referrer

Was this page/information useful?