Thank you, Mr. Chair. I'd be happy to discuss that.
Since the Auditor General's report, we have confirmed that the 14 persons who accessed their own information are locally engaged employees of IRCC. From the information that we have available to date, it appears that these employees accessed their own information and files to check information and status contained in them. There's no indication that they took any action on their own files. The access recorded in GCMS was “read-only”, and did not include “write” activities, which indicate action taken on a file.
Access to information would be subject to the roles assigned to staff in GCMS. That is, staff would only be able to access their own information to the extent that their assigned GCMS role provided it. GCMS roles provide for different levels of access to information held in GCMS.
We are continuing to look into these cases. We are working with Global Affairs Canada because this is a shared responsibility: while these employees report to us, they are employees of Global Affairs Canada. We're working with our program managers and the heads of missions to continue investigating these particular accesses, but at the moment our assessment is that no action has been taken by these employees improperly.
What they would generally see on the file is their own information that they might have submitted, for example, to get a temporary visa to visit Canada. It's the sort of information we request from them—their basic information that's required for a visa.