Information & Ethics Committee on Feb. 7th, 2017

Just to be absolutely clear, while my title includes “intelligence”, this is really as a result of the requirement to make sure that my group is connecting with the intelligence agencies. We are not an intelligence agency ourselves. The term is perhaps a bit open to a misunderstanding, but it's other organizations that do that, not us. We act as an interface.

Thank you.

Previously, there was an ability to share information. The challenge was that while consular works 24/7, and we have a 24/7 watch and response centre and are accessible at all hours of the day, other departments, especially officials in the privacy area who would have to sign off on disclosures, do not work on that same cycle. To track them down and to disclose lawfully and properly with the advance authority was much more of a bureaucratic hurdle for us.

The introduction of SCISA has allowed the decision to be taken at headquarters very quickly based on the ability to call on people who know they could be called in the middle of the night to make a quick decision, and to get all the information, including the legal opinion, and whatever's required. It has provided a mechanism with our partner departments so they can access that information in a secure way.

Well, I'd like to stress that the CNSC does not collect personal information in the context of security, so we would not say that that's the case.

In terms of IRCC, SCISA contains no new authorities with respect to collection. When we do obtain information from applicants who are seeking benefits under our existing legislative authorities—be it the Immigration and Refugee Protection Act or the Citizenship Act—disclosure of that information, as I mentioned before, is done on a case-by-case basis. Again, SCISA only permits disclosure to the 16 other listed agencies.

I'm not even aware of there being an ability to share bulk data under SCISA.

I know you've had previous discussions about this with relevant parts of our organization. Certainly, from my department's perspective, it's simply not an issue. We don't deal with bulk data, and we certainly don't share it. We don't share any information under SCISA outside of the federal government.

I think, from my reading of the previous testimony, others have answered your query.

From the different business sectors, we only receive information that is designated under the legislation. It may be semantics to people, but we do not collect information; we receive information. We have no authority to go back to a financial institution and ask. So what we receive is what we have.

The legislation itself doesn't change our ability to receive or share information. However, it gives other departments that didn't have the authority to share information with us the ability to do so now.

As a result, the institutions and citizens that communicate with us under these circumstances would have more authority than certain departments in possession of relevant information.

We had the authority before, but we could share the information only with the institutions mentioned in the legislation, meaning our own legislation and not the legislation on information sharing.

No. The RCMP and law enforcement in major Canadian cities receive the most information from our agency. We communicated 204 times with the Canada Revenue Agency last year. However, to communicate with the Canada Revenue Agency, we first need to establish that money laundering then tax evasion occurred. Two thresholds must be reached in the Canada Revenue Agency's case.