12-41 Annex A - Prohibited Activities

Ordonnances sur l'Administration et l'Instruction des Cadets (OAIC)

1. The following is a list of activities that constitute a crime and are prohibited by Treasury Board policy:

  1. Child pornography. Possessing, downloading or distributing any child pornography (see s. 163.1 of the Criminal Code);
  2. Defamation. Causing a statement to be read by others that is likely to injure the reputation of any person by exposing that person to hatred, contempt or ridicule, or that is designed to insult the person (see ss. 296-317 of the Criminal Code);
  3. Gaining unauthorized access to a computer system. Using someone else's password or encryption keys to engage in fraud or obtaining money, goods or services through false representations made on a computer system. See the following Criminal Code provisions: s. 122 (breach of trust by public officer); s. 380 (fraud); s. 361 (false pretences); s. 403 (fraudulent personation); s. 342.1 (unauthorized use of computer systems and obtaining computer services);
  4. Trying to defeat the security features of the electronic networks. See the following Criminal Code provisions: s. 342.1 (unauthorized use of computer systems and obtaining computer services); s. 342.1(d) (using, possessing or trafficking in stolen computer passwords or stolen credit card information); s. 342.2 (making, possessing or distributing computer programs that are designed to assist in obtaining unlawful access to computer systems); ss. 429 and 430 (mischief in relation to data).
  5. Spreading viruses with intent to cause harm. See the following Criminal Code provisions: ss. 429 and 430 (mischief in relation to data); s. 342.1 (unauthorized use of computer systems and obtaining computer services);
  6. Destroying, altering or encrypting data without authorization and with the intent of making it inaccessible to others with a lawful need to access it. See the following Criminal Code provisions ss. 429 and 430 (mischief in relation to data); s. 342.1 (unauthorized use of computer systems and obtaining computer services); ss. 129 and 139(2) (destroying or falsifying evidence to obstruct a criminal investigation);
  7. Interfering with others' lawful use of data and computers. See the following Criminal Code provisions: ss. 429 and 430 (mischief in relation to data); s. 326 (theft of telecommunication services); s. 322 (theft of computer equipment); s. 342.1 (unauthorized use of computer systems and obtaining computer services);
  8. Harassment. Sending electronic messages, without lawful authority, that cause people to fear for their safety or the safety of anyone known to them (see s. 264 of the Criminal Code). Section 264.1 of the Criminal Code makes it an offence to send threats to cause serious bodily harm, damage personal property or injure a person's animal;
  9. Hate propaganda. Disseminating messages that promote hatred or incite violence against identifiable groups in statements outside of private conversations (see s. 319 of the Criminal Code);
  10. Interception of private communications or electronic mail (in transit). Unlawfully intercepting someone's private communications or unlawfully intercepting someone's electronic mail (see s. 184 and s. 342.1 of the Criminal Code, respectively); and
  11. Obscenity. Distributing, publishing or possessing for the purpose of distributing or publicly displaying any obscene material (e.g. material showing explicit sex where there is undue exploitation of sex, where violence or children are present, or where the sex is degrading or dehumanizing and there is a substantial risk that the material could lead others to engage in anti-social acts). See s. 163 of the Criminal Code.

​Violations of Federal And Provincial Statutes

2. The following are examples of unlawful (though not criminal) activity that can take place on electronic networks:

  1. Defamation.  Spreading false allegations or rumours that would harm a person's reputation. In addition to criminal libel, defamation is contrary to provincial statutes dealing with this subject;
  2. Destroying or altering data without authorization. Unlawfully destroying, altering or falsifying electronic records. See the following provisions: s. 5 of the National Archives of Canada Act; ss. 6 and 12 of the Privacy Act; s. 4 of the Access to Information Act; s. 5 of the Official Secrets Act;
  3. Disclosing personal information. Failing to respect the privacy and dignity of every person. The obligation to respect a person's privacy is expressed in a number of statutory provisions, such as ss. 4, 5, 7 and 8 of the Privacy Act and s. 19(1) of the Access to Information Act. Many federal statutes have non-disclosure provisions, often designed to protect the privacy of citizens who provide information to the government (see list of provisions in Schedule II of the Access to Information Act). In addition, Quebec has a number of privacy provisions in its Civil Code (see articles 3, 35-41) and in its Human Rights Charter (see articles 4, 5 and 49). British Columbia, Saskatchewan, Manitoba and Newfoundland also have statutes that provide for civil actions where there is an undue invasion of privacy;
  4. Disclosing sensitive government information. Revealing sensitive government information without authorization. See ss. 3 and 4 of the Official Secrets Act. As well, when responding to formal requests under the Access to Information Act, institutions must not disclose information obtained in confidence from other governments (see s. 13 of the Access to Information Act; the other exemptions in the Act relating to government information are discretionary);
  5. Harassment. It is a discriminatory practice "(a) in the provision of ...services... available to the general public...or (c) in matters related to employment to harass an individual on a prohibited ground of discrimination". The prohibited grounds are race, national or ethnic origin, colour, religion, age, sexual orientation, marital status, family status, disability and conviction for which a pardon has been granted. Thus, in some circumstances, displaying unwelcome sexist, pornographic, racist or homophobic images or text on a screen at work can be unlawful harassment. See s. 14 of the Canadian Human Rights Act; and
  6. Privacy infractions. Reading someone else's electronic mail or other personal information without authorization, listening in on someone's private conversations or intercepting electronic mail while it is in transit. See s. 8 of the Charter of Rights and Freedoms if it infringes on that reasonable expectation without a lawful authority.

​Other Unacceptable Activity

3. The following are examples of unacceptable activity that is not necessarily unlawful but which violates Treasury Board policies:

  1. Sending classified or designated information on unsecured networks. Unless it is sent in encrypted form. (Government Security Policy);
  2. Accessing, without authorization, sensitive information held by the government. (Government Security Policy);
  3. Attempting to defeat information technology security features.  Through such means as using anti-security programs; using someone else's password, user-identification or computer account; disclosing one's password, network configuration information or access codes to others; or disabling anti-virus programs. (Government Security Policy);
  4. Causing congestion and disruption of networks and systems. Through such means as sending chain letters and receiving list server electronic mail unrelated to a work purpose. These are examples of excessive use of resources for non-work related purposes. (Government Security Policy);
  5. Sending abusive, sexist or racist messages to employees and other individuals. (Harassment in the Workplace Policy);
  6. Using the government's electronic networks for private business, personal gain or profit or political activity.  (Conflict of Interest and Post-Employment Code for the Public Service);
  7. Making excessive public criticisms of governmental policy. (Conflict of Interest and Post-Employment Code for the Public Service);
  8. Representing personal opinions as those of the institution, or otherwise failing to comply with institutional procedures concerning public statements about the government's positions. (Conflict of Interest and Post-Employment Code for the Public Service);
  9. Providing personnel with access to systems, networks, or applications used to process sensitive information before such personnel are properly security screened. (Government Security Policy);
  10. Failing to revoke system access rights of personnel, when they leave the institution, due to the end of employment or the termination of a contract, or when they lose their reliability status or security clearance. (Government Security Policy); and
  11. Unauthorized removal or installation of hardware or software on government owned informatics devices or electronic networks. (Government Security Policy).

Back to top

Page details

Date modified: