Information & Ethics Committee on Feb. 23rd, 2009

That's my understanding. It's going on in B.C; it involves 500 volunteers, and it is still being studied.

Yes, it is.

Doubtless there would be in many secure establishments, but I don't know offhand which ones; we haven't inventoried them. But it's getting to be a fairly commonly used technology.

It's an ongoing concern of ours. It was one of the big themes of our annual report about two years ago.

Certainly as RFIDs spread through the marketplace we will be monitoring them very closely. Right now we understand they're being introduced into the merchandise supply chain at the pallet level. That is acceptable to us, if it stays at the pallet level. Let's say goods come from Asia. A certain percentage of them are lost at the dock, in transit, in shipping, with the trucking and so on. They are damaged and can't be used. There's a fair amount of wastage to wholesalers and retailers. We've been told that the RFID would help to individually track each pallet. I also believe there are national security reasons for tracking pallets of goods because you don't know exactly what they contain. That is fine.

The problem is when you break the goods out of the pallets. Let's say there are shoes being sent from Brazil. Do you have an RFID in each shoe so you can account for theft, people walking into the store putting on new shoes and walking out? If so, the privacy implications are enormous. There is one unique identifier in every RFID that can emit your location to a reader. If there's not some way of either preventing the RFIDs going in at an item level or turning the RFID off at the point of purchase securely, you could track where people are going or link it up to the card they paid with.

The one coming up is going to look at how this system was administrated--for example, how many people went through it, the criteria on which they could fly or not fly, how many made use of the recourses in what I think is called the Office of Reconsideration. It's basically how the program is administered from a privacy point of view.

Mr. Chair, could I ask my colleague Lisa Campbell to talk to you about a case we're monitoring in the Federal Court on the do-not-fly list?

It's an interesting case. The name of the case is Hani Al Telbani against the Attorney General of Canada and Transport Canada. It's the first challenge in court, that we know of, to Canada's no-fly list. At the moment they're exchanging documents. An interesting side issue is that the applicant has asked for access to Transport Canada's documents. That's really what's at issue; he wants to know why he was denied boarding a plane. He asked that his name not be published, and the media and the Department of Justice intervened and said that because of the open courts principle his name should appear. He's in an interesting situation of perhaps never knowing why he couldn't get on a plane but his name is associated with this list.

I can't answer that question, Mr. Chairman. I've pointed out many times that the Government of Canada has a very opaque system for sharing personal information with governments abroad. It's one of the recommendations for reform of the Privacy Act.

I think the law talks about an arrangement or an agreement—that's a fairly informal way of agreeing to share personal information, as compared to, for example, placing before Parliament, even just for its notification, all the MOUs with foreign powers as to what kind of information we share. It's really impossible to tell exactly in detail what information is shared.

Yes, that is correct.

I don't believe the Privacy Act places any limits on the kind of information that can be shared abroad.

My report didn't include such a breakdown. Now, the passport office itself may have that kind of breakdown. We were looking at their practices, their approach to protecting privacy. Any particular incidents would be tracked by that agency.

Doubtless one could be by DFAIT. We simply did a sampling of a couple and found this, but we don't have an exhaustive list.