Privacy Impact Assessment Summary – Elections Canada's National Register of Electors Immigration, Refugees and Citizenship Canada Data Transfers (Foreign Nationals and Permanent Residents)
Lead Government Institutions
Elections Canada (EC) and Immigration, Refugees and Citizenship Canada (IRCC)
Legal Authority
Subsections 44(1), (2) and (3); 46(1); 52(1) and (2); and section 46.01 of the Canada Elections Act.
Description of the program/activity
This Privacy Impact Assessment (PIA) Addendum accounts for the changes that were made to the terms of the data transfer agreement between Immigration, Refugees and Citizenship Canada (IRCC) and Elections Canada (EC) since the completion of the PIA on the National Register of Electors (NROE) IRCC to EC C-76 Data Transfer for Foreign Nationals and Permanent Residents from March 2019.
In December 2018, Parliament adopted Bill C-76 - An Act to amend the Canada Elections, which now allowed IRCC with the legislative authority to disclose personal information to EC associated with Foreign Nationals (FNs) and Permanent Residents (PRs) to update the NROE and ensure that these individuals do not appear on lists of electors produced from the NROE. This data transfer was meant to ensure that eligible elector data is as current and accurate as possible and that only the names of individuals eligible to vote in federal elections, by-elections, and referendums (Canadian citizens) are contained in the NROE.
In March 2019, EC and IRCC updated the Memorandum of Understanding (MOU) to account for this new transfer of information, and the first data transfer took place under the new MOU in April 2019.
In April 2021, a provision for two-way sharing was added to the Memorandum of Understanding (MOU) between the departments. This provision allows EC to request IRCC to verify the citizenship of specific records that IRCC has provided. This will allow for cross-verifying individuals' citizenship status to address discrepancies. Establishing this addendum facilitates a streamlined process for EC to authenticate the citizenship status of specific individuals.
Personal Information Banks
- Voter Registration and Identification – Elections PPU 037
- In-Canada Asylum IRCC PPU 009
- Permanent Economic Residents IRCC PPU 042
- International Students IRCC PPU 051
- International Mobility IRCC PPU 054
- Federal Immigrant Investors and Entrepreneurs IRCC PPU 010
- Refugee and Humanitarian Resettlement IRCC PPU 008
Summary of Risk Identification and Categorization
Below is the risk identification and categorization table corresponding to this initiative.
| a) Type of program or activity | Risk scale |
|---|---|
| Program or activity that does not involve a decision about an identifiable individual | Checkbox: unchecked ☐ 1 |
| Administration of program or activity and services | Checkbox: unchecked ☐ 2 |
| Compliance or regulatory investigations and enforcement | Checkbox: unchecked ☐ 3 |
| Program or activity does involve a decision about an identifiable individuals | Checkbox: checked ☒ 4 |
| Criminal investigation and enforcement or national security | Checkbox: unchecked ☐ 5 |
| b) Type of personal information involved and context | Risk scale |
|---|---|
| Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the individual's consent for disclosure under an authorized program. | Checkbox: unchecked ☐ 1 |
| Personal information, with no contextual sensitivities after the time of collection, is provided by the individual with consent to use personal information held by another source. | Checkbox: unchecked ☐ 2 |
| Personal information of minors. legally incompetent individuals or involving a representative acting on behalf of the individual. | Checkbox: unchecked ☐ 3 |
| Social Insurance Number, medical, financial, or other sensitive personal information or the context surrounding the personal information is sensitive; | Checkbox: checked ☒ 4 |
| Sensitive personal information, including detailed profiles, allegations or suspicions, bodily samples, or the context surrounding the personal information, is particularly sensitive | Checkbox: unchecked ☐ 5 |
| c) Program or activity partners and private sector involvement | Risk scale |
|---|---|
| Within the institution (among one or more programs within the same institution) | Checkbox: unchecked ☐ 1 |
| With other government institutions | Checkbox: checked ☒ 2 |
| With other institutions or a combination of federal, provincial, territorial, and municipal governments | Checkbox: unchecked ☐ 3 |
| Private sector organizations | Checkbox: unchecked ☐ 4 |
| International organizations or foreign governments | Checkbox: unchecked ☐ 5 |
| d) Duration of the program or activity | Risk scale |
|---|---|
| One-time program or activity | Checkbox: unchecked ☐ 1 |
| Short–term program or activity | Checkbox: unchecked ☐ 2 |
| Long-term program or activity | Checkbox: checked ☒ 5 |
| e) Program population | Risk scale |
|---|---|
| The program's use of personal information for internal administrative purposes affects certain employees. | Checkbox: unchecked ☐ 1 |
| The program's use of personal information for internal administrative purposes affects all employees. | Checkbox: unchecked ☐ 2 |
| The program's use of personal information for external administrative purposes affects specific individuals. | Checkbox: checked ☒ 4 |
| The program's use of personal information for external administrative purposes affects all individuals. | Checkbox: unchecked ☐ 5 |
| f) Technology and privacy (A YES response indicates the potential for privacy concerns and risks, which will require consideration and, if necessary, mitigation). | Risk scale |
|---|---|
| Does the new or substantially modified program or activity involve implementing a new electronic system or using an emerging technology to support the program or activity in terms of creating, collecting, or handling personal information? | Checkbox: unchecked ☐ Yes Checkbox: checked ☒ No |
| Does the new or substantially modified program or activity require any modifications to information technology (IT) legacy systems? | Checkbox: unchecked ☐ Yes Checkbox: checked ☒ No |
Specific technological issues and privacy Does the new or substantially modified program or activity involve the implementation of new technologies or one or more of the following activities: enhanced identification and matching methods, enhanced data collection methods use or disclosure of personal information, surveillance interjurisdiction or trans-border sharing of personal information or use of Artificial Intelligence technology for automated personal information analysis, personal information matching, and knowledge discovery techniques. If Yes to any of the above, it indicates the potential for privacy concerns and risks, which will require consideration and possible mitigation. |
Checkbox: unchecked ☐ Yes Checkbox: checked ☒ No |
| g) Personal information transmissionty | Risk scale |
|---|---|
| The personal information is used within a closed system (i.e., no connections to the Internet, Intranet, or any other system, and the circulation of hardcopy documents is controlled). | Checkbox: unchecked ☐ 1 |
| The personal information is used in a system with connections to at least one other system. | Checkbox: unchecked ☐ 2 |
| The personal information is transferred to a portable device (i.e., USB key, diskette, laptop computer), transferred to a different medium, or printed. | Checkbox: unchecked ☐ 3 |
| The personal information is transmitted using wireless technologies. | Checkbox: unchecked ☐ 4 |
| The personal information is transmitted through a Cloud service. | Checkbox: checked ☒ 5 |
Conclusion
Incorporating the two-way information exchange process between the EC and IRCC should not pose any privacy risks regarding the initiative.
In fact, by incorporating the two-way sharing process as an extra means of validation, IRCC can effectively mitigate the likelihood of privacy breaches. This implementation helps ensure that the data, initially intended for internal use as well as future data transfers with EC, are of the highest quality possible.
Both EC and IRCC understand the necessity of implementing additional scrutiny and quality control measures before any data is transferred between the two departments. These precautions are essential to ensure the privacy and confidentiality of the exchanged data.
For the summary of the original Privacy Impact Assessment, please refer to the Privacy Impact Assessment conducted by Elections Canada on the National Register of Electors.