Passport Canada is an Agency of the Department of Foreign Affairs and International Trade Canada (DFAIT). The agency is managed by a Chief Executive Officer who reports to the Deputy Minister of Foreign Affairs. As the agency responsible for issuing secure travel documents to Canadians, it necessarily collects and uses large amounts of highly sensitive personal information about Canadians. Accordingly, Passport Canada faces somewhat unique privacy and security considerations.

Passport Canada Audit by the Privacy Commissioner of Canada

As reported in the Privacy Commissioner of Canada’s 2007-2008 Annual Report on the Privacy Act, Passport Canada and the Department of Foreign Affairs and International Trade have many flaws in their security and privacy practices.

More than 3.6 million passport applications were processed in 2006-2007, and Passport Canada has more than 30 million passport records under its control.  Yet, at the time of the audit, Passport Canada did not have a Chief Privacy Officer; instead, because it is an agency of DFAIT, the Department retained authority for privacy matters. This resulted in insufficient attention being paid to the particular privacy risks and requirements at Passport Canada.

Other problems included the fact that too much information is collected on the application form, concentrating a large amount of highly sensitive personal data in one accessible place. Combined with the inadequate access controls throughout Passport Canada, within Canada and at Canadian Missions abroad, and the lack of electronic audit mechanisms, this centralization of personal information posed a significant risk. In addition, retention periods are too long and staff training was inadequate. The Privacy Commissioner made the following recommendations:

  1. Hire a Chief Privacy Officer for Passport Canada;
  2. Provide ongoing privacy and security training to staff;
  3. Introduce better controls on access to passport information;
  4. Reassess the 100-year retention period for passport information; and
  5. Provide essential safeguards such as more restricted physical access to processing areas; improved security screening for staff; implement policies on portable storage devices; use encryption and provide more privacy for clients discussing passport applications.

The Privacy Commissioner reported that Passport Canada and the Department of Foreign Affairs were helpful and responsive during the audit and agreed with most of the recommendations.

Audit of Passport Canada by Auditor General

As part of a larger audit, Managing Identity Information, published in early 2009, the Auditor-General of Canada examined the “Central Index” database at Passport Canada to determine whether Passport Canada properly manages identity information, and that it ensures that the information is accurate, complete and up-to-date, as required by the Privacy Act and the Treasury Board’s policies.

The Auditor General concluded that Passport Canada has not implemented a system that provides adequate assurance that its database contains accurate and complete identity information.

The Canadian Passport Order

The Canadian Passport Order establishes the legal basis on which Passport Canada may issue, refuse or revoke a passport. The Canadian Passport Order also permits Passport Canada to include biometric information in passports.

For the purpose of following the requirements of the Canadian Passport Order, Passport Canada shares information with Correctional Services Canada and with the Canadian Border Services Agency/Citizenship and Immigration Canada.

It has also entered into Memoranda of Understanding with Correctional Services Canada (signed March 2005); the Canadian Police Information Centre (CPIC); the Canadian Border Services Agency/Citizenship and Immigration Canada, signed June 2004; and with the RCMP, signed December 2005.   Another Memorandum of Understanding was signed with the RCMP in 2007-2008. *

National Routing System

Passport Canada has partnered with Citizenship and Immigration Canada and Statistics Canada to create the National Routing System (NRS). The purpose of the NRS is to build electronic links between provincial and territorial bureaus of Vital Statistics and Citizenship and Immigration to allow passport examiners to confirm the passport applicants identity by electronically verifying vital statistics such as birth information, and citizenship information presented on passport applications, and check for death information (fraudulent applications sometimes use the identities of people who have died).

Through the NRS, staff at Passport Canada will have direct electronic access to previously inaccessible information in provincial agencies and other federal departments. This is an example of technology that allows information sharing and broadens the scope of who has access to the personal information of Canadians.

E-passport

In the February 2008 federal budget, the government announced that an e-passport valid for ten years would be fully implemented by 2011. A pilot project was scheduled for 2009.

The e-passport will have an electronic chip embedded in it, containing a digital version of the bearer`s identification information and photo.

The use of contactless chips can pose privacy risks if they can be read from some distance away. However, according to Passport Canada, this electronic chip will be a contactless chip which can be read only from 10 centimetres or closer.

A positive security feature of the e-passport is that the chip will also encrypt data and will require authentication from terminals before releasing information.