Evidence of meeting #102 for Access to Information, Privacy and Ethics in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was pia.
A recording is available from Parliament.
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
Since 2014.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
Hasn't the Canada Revenue Agency also had a PIA since 2016?
12:25 p.m.
Director General, Criminal Investigations Directorate, Compliance Programs Branch, Canada Revenue Agency
That's correct.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
It sounds like you guys are in compliance, which is good to hear.
I guess the other thing that may have been of more general concern was how these tools were being used. Were these tools being used to somehow surreptitiously spy on Canadians? From what I understand, neither CRTC nor Revenue Canada is using spyware or malware or inserting tools on devices to do anything nefarious.
Would that be correct, CRTC?
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
That would be correct.
12:25 p.m.
Liberal
12:25 p.m.
Director General, Criminal Investigations Directorate, Compliance Programs Branch, Canada Revenue Agency
That is correct, yes.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
Perfect.
I understand that the way in which you use these tools is simply to extract data from the device that you have in your possession.
To the CRTC, is that true?
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
That is correct.
12:25 p.m.
Liberal
12:25 p.m.
Director General, Criminal Investigations Directorate, Compliance Programs Branch, Canada Revenue Agency
Yes, and it's only once we have a judicial order.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
I was going to get to that in my next question.
To the CRTC, would you also confirm that you would need, and you've always gotten, a warrant before the taking of a device?
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
Every time we obtain a device and/or use this tool, we have a search warrant that specifies the use of these tools.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
The other thing that I would imagine we were also seeking to do was to confirm that you weren't outrageously using these devices by having outrageous numbers of warrants for Canadians to have to produce things.
To the CRTC, I think you said that you've used this only twice since 2013.
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
Since 2022 we've used it twice. Overall, we've used it a handful of times in 10 years.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
You were not using this on an absolutely regular and ongoing basis.
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
It has a very limited scope in a very limited type of investigation.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
You're not using it with respect to internal matters at the CRTC, where employees are being disciplined for violating internal policies.
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
It is only used for CASL investigations and for a very specific type of CASL investigation. There is limited use of that tool. Even within my own team, there are only four or five technical experts who even know how to use it.
12:25 p.m.
Liberal
12:25 p.m.
Director General, Criminal Investigations Directorate, Compliance Programs Branch, Canada Revenue Agency
At the Canada Revenue Agency, we only use that tool for criminal matters when we have judicial authorization. Such authorization also allows us, once we have seized a device, to use the tool to gain access to its contents and withdraw information. That's the only use we make of the tool.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
Okay, great.
I'll now go through process questions, because I think that was another thing. I'll keep alternating between you.
Does CRTC generally try to comply with Treasury Board directives? When regulations come through Treasury Board and when there are directives from Treasury Board, is there an effort to comply, usually?
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
I would suggest “yes”.
12:25 p.m.
Liberal
Anthony Housefather Liberal Mount Royal, QC
How do you ensure that you are compliant? What method do you use to review it? I imagine that you have people at CRTC who are responsible for ensuring that these directives are being complied with. How does that work?
12:25 p.m.
Chief Compliance and Enforcement Officer, Canadian Radio-television and Telecommunications Commission
Absolutely. We have a strong corporate team at the CRTC that looks at all the directives across government, be it the Treasury Board, the Privacy Commissioner or others. If it impacts my program and the work that we do, then I am directly involved in ensuring that we meet all those requirements.