Privacy complaints prompt CCRA database purge

Canada Customs and Revenue Agency will reduce information sharing in its controversial database of travel information as a concession to concerns from some of the country’s top privacy advocates.

The privacy commissioner of Canada,

George Radwanski, applauded Wednesday planned changes to the Advance Passenger Information/Passenger Name Record (API/PNR) system. The database created by the CCRA holds information on Canadians as well as foreign travelers entering Canada.

The database, Radwanski said in a prepared statement, “”contains extensive information obtained from airlines, on the foreign travels of all law-abiding Canadians — more than 30 data elements including where and with whom we travel, method of payment for tickets, contact addresses and telephone numbers, even dietary and health-related requirements communicated to the airlines.””

The information is stored for six years.

The CCRA database has been a controversial project since its inception, raising voices of opposition from privacy advocacy groups across Canada. Radwanski has been one of its most outspoken critics and has on numerous occasions criticized the largely unchecked manner in which the CCRA could use the information stored within the database. Although it was created largely under the guise of an anti-terrorism measure, the information within the API/PNR could be shared with other government agencies to monitor for possible tax infractions or other criminal activity.

In a letter to the privacy commissioner, Revenue Minister Elinor Caplan said that information not required for customs purposes, including meals and health information, would be purged from the database.

There will also be changes made to the way the stored information is used, she wrote. API information, meaning the passport information, will continue to be stored for six years but will be restricted to an increasing degree over the time it is kept. Only a select group of “”targeters and intelligence officers”” will have access to the API record, she wrote.

The much more detailed PNR information will also continue to be stored for six years, but access to it will now be regulated depending on the length of time it has been on record.

For the first 72 hours, the information will be used by customs and immigration agents to assess the travelers risk, Radwanski explained. For two years following the information will be accessible to intelligence officers and analysts but it will be depersonalized. It will be shared with other government departments or agencies for non-customs related purposes only if a warrant is obtained. For the last four years the information can only be used in matters related to the security of Canada. It will also remain depersonalized unless the commissioner of the CCRA pe

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs