Privacy Impact Assessment (PIA) Summary: Simplified Renewal Passport Application in the IRCC Portal New Version (Client Experience Platform - CXP Project 1 Release 2)
Lead Government Institution
Immigration, Refugees and Citizenship Canada (IRCC)
Name of the Program/Activity
Simplified Renewal Passport Application in the IRCC Portal New Version (Client Experience Platform - CXP Project 1 Release 2)
Legal Authority
Relevant authorities include:
- The Canadian Passport Order
- Passport and Other Travel Document Services Fees Regulations
Description of the program or activity
Immigration, Refugees and Citizenship Canada (IRCC) facilitates travel for Canadians and supports a safe and secure travel regime by safeguarding the integrity of the Canadian passport issuance systems and processes, in order for Canadians and certain non‑Canadians to receive internationally recognized and respected travel documents. The Passport Program ensures legitimate travellers hold Canadian travel documents, that applicants are informed of and understand their responsibilities, and that the needs of document holders are met.
As part of its Digital Platform Modernization Program, IRCC is now gradually integrating existing programs, including the Passport Program, into a new digital platform. The initiative includes the Client Experience Portal, which will serve as the new public‑facing portal for application submissions, and the Case Management Platform, which will replace the Global Case Management System (GCMS). Under the Client Experience Portal (Project 1, Release 2), the Passport Program has launched a limited release of a simplified renewal passport application through a new online channel called Passport Online, with initial processing handled in‑house by the Citizenship and Passport Programs Branch, the authority responsible for program delivery. This Privacy Impact Assessment (PIA) was developed to identify, evaluate, and mitigate privacy risks associated with implementing Passport Online.
Personal Information Banks
Summary of Risk Identification and Categorization
| a) Type of program or activity | Risk scale |
|---|---|
| Program or activity that does not involve a decision about an identifiable individual | Checkbox: unchecked☐ 1 |
| Administration of program or activity and services | Checkbox: unchecked☐ 2 |
| Compliance or regulatory investigations and enforcement | Checkbox: unchecked☐ 3 |
| Program or activity does involve a decision about an identifiable individuals | Checkbox: checked☒ 4 |
| Criminal investigation and enforcement or national security | Checkbox: unchecked☐ 5 |
| b) Type of personal information involved and context | Risk scale |
|---|---|
| Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the individual's consent for disclosure under an authorized program | Checkbox: unchecked☐ 1 |
| Personal information, with no contextual sensitivities after the collection, is provided by the individual with consent to use personal information held by another source | Checkbox: checked☒ 2 |
| Personal information of minors, a legally incompetent individuals, or involving a representative acting on behalf of the individual | Checkbox: unchecked☐ 3 |
| Social Insurance Number, medical, financial, or other sensitive personal information or the context surrounding the personal information is sensitive | Checkbox: unchecked☐ 4 |
| Sensitive personal information, including detailed profiles, allegations or suspicions, bodily samples, or the context surrounding the personal information, is particularly sensitive | Checkbox: unchecked☐ 5 |
| c) Program or activity partners and private sector involvement | Risk scale |
|---|---|
| Within the institution (among one or more programs within the same institution) | Checkbox: unchecked☐ 1 |
| With other government institutions | Checkbox: unchecked☐ 2 |
| With other institutions or a combination of federal, provincial, territorial, and municipal governments | Checkbox: unchecked☐ 3 |
| Private sector organizations | Checkbox: checked☒ 4 |
| International organizations or foreign governments | Checkbox: unchecked☐ 5 |
| d) Duration of the program or activity | Risk scale |
|---|---|
| One-time program or activity | Checkbox: unchecked☐ 1 |
| Short–term program or activity | Checkbox: unchecked☐ 2 |
| Long-term program or activity | Checkbox: checked☒ 5 |
| e) Program population | Risk scale |
|---|---|
| The program's use of personal information for internal administrative purposes affects certain employees | Checkbox: unchecked☐ 1 |
| The program's use of personal information for internal administrative purposes affects all employees | Checkbox: unchecked☐ 2 |
| The program's use of personal information for external administrative purposes affects specific individuals | Checkbox: checked☒ 4 |
| The program's use of personal information for external administrative purposes affects specific individuals | Checkbox: unchecked☐ 5 |
| f) Technology and privacy (A yes response indicates the potential for privacy concerns and risks, which will require consideration and, if necessary, mitigation). | Risk scale |
|---|---|
Does the new or substantially modified program or activity involve implementing a new electronic system or using an emerging technology to support the program or activity in creating, collecting, or handling personal information? As part of its Digital Platform Modernization (DPM) program, IRCC will gradually integrate its existing programs (including the Passport (PPT) Program), to the new digital platform. DPM is a multiyear program that will be delivered over three consecutive and overlapping phases. DPM, Phase 3 (DPM3) Project 1 focuses on enabling a seamless online client experience. The Client Experience Portal (CXP), once fully functional, will be the new front-end public facing portal allowing clients to submit immigration, citizenship, and passport applications. In the future, the Case Management Platform (CMP) will eventually replace IRCC’s existing Global Case Management System (GCMS). |
Checkbox: checked☒ Yes Checkbox: unchecked☐ No |
| Does the new or substantially modified program or activity require any modifications to information technology (IT) legacy systems? | Checkbox: unchecked☐ Yes Checkbox: checked☒ No |
Specific technological issues and privacy Does the new or substantially modified program or activity involve implementing new technologies or one or more of the following activities?
|
Checkbox: unchecked☐ Yes Checkbox: checked☒ No |
| g) Personal information transmission | Risk scale |
|---|---|
| The personal information is used within a closed system (i.e., no connections to the Internet, Intranet, or any other system, and the circulation of hardcopy documents is controlled) | Checkbox: unchecked☐ 1 |
| The personal information is used in a system with connections to at least one other system | Checkbox: unchecked☐ 2 |
| The personal information is transferred to a portable device (i.e., USB key, diskette, laptop computer), transferred to a different medium, or printed | Checkbox: unchecked☐ 3 |
| The personal information is transmitted using wireless technologies | Checkbox: unchecked☐ 4 |
| The personal information is transmitted through a Cloud service | Checkbox: checked☒ 5 |
Summary of Risks and Mitigation Strategies
The PIA identified five medium to high risks and offered mitigation strategies accordingly.
Risks
Risk 1: There is a risk of increased phishing scams and fraudulent businesses offering to assist applicants with online forms for a fee, potentially luring them into sharing personal information with unauthorized parties.
Risk 2: Closely linked is the risk of incorrect or fraudulent submissions by someone other than the applicant, creating identity verification challenges and possible misuse of personal data.
Risk 3: Compounding these issues, the Privacy Impact Assessment (PIA) risk arises from referencing various releases of the Client Experience Portal (CXP) Privacy Risk Assessment (PRA) without pointing to specific sections, which could weaken accountability.
Risk 4: The evolving nature of the CXP and Passport Online introduces the risk that new features, such as a fully functional photo checker, might be deployed without proper assessment.
Risk 5: Finally, the evolving CXP and Digital Platform Management (DPM) also create the risk that security safeguards may be insufficient or misaligned with Passport Online’s needs, leaving vulnerabilities unaddressed.
Mitigations
- To mitigate risk (1), the Digital Platform Modernization team, issued targeted communications via email and the secure CXP Message Centre to warn clients about phishing scams and fraudulent offers, advising them to log in directly to view official messages.
- To mitigate risk (2), applicants were encouraged to complete their own applications, protect personal information, and provide verifiable references, while the program conducted Central Index and System Quality Assurance (SQA) checks alongside existing integrity measures such as facial recognition and judicial restriction reviews.
- In response to risk (3), the PIA and PRA references were aligned to ensure each privacy risk was clearly linked to its assessment.
- To mitigate risk (4), new features such as the photo checker were scheduled for privacy and security review before deployment.
- Finally, to address risk (5), security assessments and authorizations were conducted for each release, with risks tracked for resolution to ensure safeguards kept pace with evolving CXP and Digital Platform Modernization (DPM) requirements.
Conclusion
The five privacy risks outlined above were assessed as medium to high range, and corresponding mitigation strategies have been implemented.