Defence Intelligence Enterprise Program
Government Institution
Canadian Armed Forces/Department of National Defence
Government official responsible for the PIA
Col. Yannick Michaud
A/Director General Intelligence Partnerships and Policy (DGIPP)
Canadian Forces Intelligence Command (CFINTCOM)
Head of the government institution or Delegate for section 10 of the Privacy Act
Anne Bank
Director
Directorate Access to Information and Privacy (DAIP)
Description of Program or Activity (from Departmental Results Framework):
Defence Intelligence Program: The Defence Intelligence Program provides responsive, reliable and fully integrated intelligence capabilities, services and products to support and inform decisions and actions relating to potential and authorized military operations and activities assigned to National Defence, as well as any intelligence activities carried out by the Department in support of the Government of Canada's broader responsibilities with respect to national defence, national security or global affairs.
Standard or institution specific class of record:
DND MIS 080 Intelligence Records
Standard or institution specific personal information bank:
Under Development for the defence intelligence enterprise
DND PPU 060 (Security Intelligence Records) – for Counter Intelligence
Legislated authority for activity:
The legal authority to conduct defence intelligence activities is firmly established in Canadian legislation (e.g. the National Defence Act), international law and elements of the common law (including the Crown Prerogative). It is derived from the Canadian Forces' authority to conduct mandated defence activities and operations approved by the Government of Canada. This authority is contingent on the existence of a nexus between the intelligence activities in question and the authorized Canadian Forces mission or defence mandated that they are to support.
Summary of the project / initiative/ change:
Defence intelligence can reveal imminent and developing threats to CAF/DND personnel, facilities, assets, allies and to Canada's overall national security. Defence Intelligence activities also provide responsive, reliable and fully integrated intelligence capabilities, services and products to support and inform decisions and actions relating to potential and authorized military operations and activities assigned to National Defence, as well as any intelligence activities carried out by the Department in support of the Government of Canada's broader responsibilities with respect to national defence, national security or global affairs.
This PIA, which focused on the defence intelligence capabilities of the CAF/DND as a whole, identified multiple risks with corresponding risk mitigation measures. In response, an Action Plan has been created, which identifies a lead for each risk mitigation measure along with a timeline as to when that measure must be completed. In total, all risk mitigation measures will be fully mitigated within an acceptable timeframe.
Risk Area Identification and Categorization
| Type of Program or Activity | Risk level |
|---|---|
Criminal investigation and enforcement / National Security Personal information is used for investigations and enforcement in a criminal context (i.e. decisions may lead to criminal charges/sanctions or deportation for reasons of national security or criminal enforcement). |
4 |
| Type of Personal Information Involved and Context | Risk level |
Sensitive personal information, including detailed profiles, allegations or suspicions, bodily samples and/or the context surrounding the personal information is particularly sensitive. For example: personal information that reveals intimate details on the health, financial situation, religious or lifestyle choices of the individual and which, by association, reveals similar details about other individuals such as relatives. |
4 |
| Program or Activity Partners and Private Sector Involvement | Risk level |
Private sector organizations or international organizations or foreign governments |
4 |
| Duration of Program or Activity | Risk level |
Long-term program Existing program that has been modified or is established with no clear "sunset". |
3 |
| Program Population | Risk level |
The program affects certain individuals for external administrative purposes. |
3 |
| Technology and Privacy | |
| CAF uses classified systems to store, process, and disseminate intelligence. | |
| Personal Information Transmission | Risk level |
The personal information is transferred to a portable device or is printed. USB key, diskette, laptop computer, any transfer of the personal information to a different medium. |
3 |
| Potential risk that in the event of a privacy breach, there will be an impact on the individual or employee | |
| In the event of a privacy breach, there may be significant and negative impacts on individuals whose information has been collected by the DIE for intelligence purposes. Those negative impacts could be embarrassment/reputation, financial, or have potential life/liberty consequences. | |
Page details
- Date modified: