Thank you very much.
Thank you for your presentations today.
As you know, with respect to biometrics, we have expressed some concerns in the past with regard to privacy issues, and they still remain a major concern for us. One of the documents we asked the government to provide for us, and I'm sure my colleagues remember, was a privacy impact statement for Bill C-31. I think we are still waiting for that, in one way or another. It would be good to get a copy of that report, even though Bill C-31 has passed us by.
When we met with Privacy Commissioner Jennifer Stoddart, this is what she had to say:
As the honourable members certainly know, the Privacy Act imposes obligations whenever the federal government gathers personal information. Federal agencies must ensure certain safeguards, must limit secondary use, and must list their data holdings publicly, irrespective of the citizenship of the individuals involved. Also, should any legislative or regulatory changes be made to the immigration system, I would expect to receive detailed privacy impact assessments from the appropriate institution.
We know that the Senate has begun its hearings on Bill C-31. And we're certainly hoping that at least in that other place they will be provided with the privacy impact assessments as they are going through the hearings, even though we didn't have them.
I have brief questions, but I'm going to give them to you a couple at a time.
When the government outsources the collection of biometric data to private companies, such as NextgenID, what is done to ensure that Canada's privacy laws are being respected?
Second, how is the data retained and stored, and how many people would have access to it?