Evidence of meeting #16 for Transport, Infrastructure and Communities in the 40th Parliament, 3rd session. (The original version is on Parliament’s site, as are the minutes.) The winning word was airports.
A recording is available from Parliament.
Conservative
Brian Jean Conservative Fort McMurray—Athabasca, AB
Mr. Lennox, I don't want to cut you off, but I have seven minutes, which means I'm probably going to get about six minutes and 10 seconds out of the chair. If you don't mind, I would like to hear from everybody in relation to my question.
Vice-President of Operations and Customer Experience, Greater Toronto Airports Authority, Canadian Airports Council
There's been a lot of discussion about the Israeli system. I've had the good fortune of having the Cook's tour not only of Ben Gurion Airport, but also of all their border and marine crossings. The big “aha” out of the Israeli system is not that they use this technology or that process--and I want to go to Toby's point--but that they equate customer service with security and integrate the two.
The head of security at Ben Gurion made it very clear to me that they are ranked number two in the world for customer service in the medium airport ASQ surveys. They see security as customer service, and that's a quote from him. We are proposing that we have that same vision.
Conservative
Vice-President of Operations and Customer Experience, Greater Toronto Airports Authority, Canadian Airports Council
Toronto's in the bottom of the top quartile for big airports.
What we're advocating is what the Israelis do: an airport-led, holistic, curb to airport system for the large airports with high risk. But we have to recognize is that the smaller airports just don't have the resources or, necessarily, the need to do that. Saskatoon has how many employees? Twenty-five? You're really in a different realm.
So what we're asking for is a scalable system, where airports like Montreal, Toronto, and Vancouver will have a very sophisticated, risk-based, broad-based security system, and where small airports have an appropriate system, all meeting the standards that we meet, and this is risk assessment.
Vice-President, Airport Operations, Aéroports de Montréal, Canadian Airports Council
Similarly, on the trusted traveller program, in a small airport not only the risks are different, but sometimes the CATSA agent is searching his father, who works on the ramps. I mean, the trust is different at different places, and it has to be scalable to be applied differently. So on productivity, if you want to be productive, usually you don't apply the same principle to somebody at a larger airport and somebody at a smaller airport.
I've been in Whitehorse. I worked in Whitehorse for a while. I knew everyone who worked at the airport.
I was in Israel. I never got searched once because I was with the security head over there. They trusted me at that time, so I didn't go through the process.
Right now what we're saying is that whether you are taking an aircraft to Whitehorse, Yukon, or to Toronto, you have exactly the same process for two different persons who are not the same risk. The low-hanging fruit or the productivity in that regard is, what do we trust and how do we access this? Right now, the system doesn't give any leeway for someone in Whitehorse to say, “I guess I trust that guy--he's my father”.
Conservative
Liberal
Sukh Dhaliwal Liberal Newton—North Delta, BC
Thank you, Chair.
My question is to Ms. Des Rosiers.
The worst tragic terrorist act that happened in Canada is the Air India situation, and I, along with most of the Sikh community and our leaders have condemned that because those victims haven't achieved closure yet. When you see.... I've gone back to read a few books: Open Secrets by M.K. Dhar; Nest of Spies, written by an ex-CSIS agent; and Soft Target.
In those books, they also point a finger at the foreign governments that are planting spies in those communities to do spying and to tarnish the image of a whole particular community for the act of one individual, whether it be an attack on a member of Parliament or the Air India disaster.
When it comes to racial profiling, my riding is a very diverse riding. People from all backgrounds have come together and live peacefully as law-abiding Canadians. What particular concerns would you have when it comes to foreign governments intervening, tarnishing the image of those communities, and then having racial profiling affecting every single individual in that community?
General Counsel, Canadian Civil Liberties Association
I think racial profiling has several drawbacks. The first one is that it has a lot of false negatives. It's not appropriate because it is indeed targeting many people who are not likely to be terrorists at all. So to start with, it's not efficient.
It also has the drawback of being what we despise the most about a society, which is to react to people based on the colour of their skin. This is completely inappropriate, so in a way we have to recognize that this has an unsavoury aspect to it. It's the wrong message to the passengers, it's the wrong message to the workers, and it's the wrong message to society. That would be the way in which I would start. It's inefficient and it's also an inappropriate message in a democracy.
Conservative
The Chair Conservative Merv Tweed
Thank you.
We have to end it there.
Thank you to our guests for being here. I'm sure the advice you've given us will be well taken. Thank you very much.
We're going to take a one-minute break while our other guests come to the table.
Conservative
The Chair Conservative Merv Tweed
Thank you.
Welcome back.
Joining us now are Chantal Bernier and Carman Baggaley from the Office of the Privacy Commissioner of Canada.
Welcome. I know that you know the routine. Please proceed.
Chantal Bernier Assistant Privacy Commissioner, Office of the Privacy Commissioner of Canada
Thank you, Mr. Chairman.
My name is Chantal Bernier. I am Assistant Privacy Commissioner for the Privacy Act. Today I am accompanied by Carman Baggaley, principal analyst in our office, who has a vast experience in the subject under discussion.
Today I would like to talk about aviation security and share with you the approach of the Office of the Privacy Commissioner.
What I would like to do, then, is address privacy in the context of aviation security, explain to you our approach, and apply it specifically to the passenger protect program as well as the secure flight program. While I do not intend to include in my presentation the issue of body scanners, I will be happy to answer any questions in that regard.
Let me start with this premise: privacy and security do not have to be at odds. In fact, they must be integrated. And they converge. They converge in this fashion: privacy commands that we collect as little information as possible, in a minimal approach, and as well in the effectiveness of security, in the sense that its effectiveness rests upon collecting only the information that is relevant.
The Canadian Charter of Rights and Freedoms and the Privacy Act, as well as the Personal Information Protection and Electronic Documents Act, together with the case law that interprets them, provide the basis for integrating privacy and security. It may be summarized in the following four principles.
The first one is that the right to privacy is a fundamental right that cannot be infringed upon, unless it is demonstrably necessary for the public good. It follows, then, that the collection of personal information can only occur when it is proven necessary, and it must be proportionate to that necessity. Third, that necessity must be assessed on an ongoing basis by verifying that the collection of personal information is indeed effective and necessary in relation to the identified necessity. Finally, it must also be demonstrated that there are no less privacy-intrusive measures available to reach the same goal.
When the collection and use of personal information are justified under human rights law, then privacy protection must be assured by strict management of personal information according to the rules of personal data protection. We have audited the passenger protect program from this perspective, and I will now turn to that.
Our office has taken an active interest in the Passenger Protect Program since its inception. Most recently, in the fall of 2009, we issued an audit report on the passenger protect program and its specified persons list, commonly called the “no-fly list”.
Our audit focused on the issue of whether Transport Canada has adequate measures in place to protect the personal information within its control. We found that these measures were generally adequate; however, we made recommendations to improve the privacy safeguards of the program. In particular, we recommended that the Transport Canada official who is designated to add or remove names from the list be provided with more information before a final decision is made.
Second, we recommended that Transport Canada strengthen the technological information security safeguards to protect the list.
Third, we recommended that Transport Canada improve its oversight of air carriers to ensure they protect the information on the list. All these recommendations are being or have been implemented. However, we remain concerned by the difficulty of ensuring that foreign carriers are not disclosing information on the list to their government or other parties. This perspective ensures that we both respect the right to privacy in analyzing security measures and that we duly take into account the security needs that must be met.
Let me move now to Secure Flight. We are hearing that there is a possibility of the implementation of the American secure flight program, including overflights. As a U.S. government program, this program is outside our jurisdiction. However, we have looked carefully at this program, including the privacy impact assessment prepared by the Department of Homeland Security, the DHS, because it will have an impact on Canadian travellers when fully implemented.
From a Canadian perspective, the most controversial aspect of Secure Flight is that it will apply to overflights; therefore, to flights to and from Canada that fly through American airspace without necessarily landing in the United States. This means, for example, that American authorities will have the ability to prevent someone in Canada from boarding a flight to Mexico.
We are not questioning the American government's authority to implement such a program, as international law is clear that a state's sovereignty extends to its airspace, but we do need to understand how it may affect Canadian travellers.
I would like to highlight some of the significant aspects of the program. First, air carriers will be required to provide DHS not only with basic identifying information, such as name, date of birth, and gender, but also, if available, with additional information such as passport information and itinerary information. Since this information will always be available for international flights from Canada flying over U.S. airspace, this information will always be provided in full.
Although the DHS privacy impact assessment is somewhat unclear on this, our understanding is that information collected can be disclosed and used for purposes other than aviation security, such as for law enforcement and immigration purposes.
Another aspect is that DHS will retain this information for as long as seven days after the journey has been completed, even for individuals who have raised no issues and do not match the list; for seven years for potential matches; and for 99 years for confirmed matches. A redress mechanism exists to resolve false positives, but it will take 50 to 60 days on average, thus, in effect, cancelling people's travel plans.
One important difference between the secure flight program and the Canadian program as it exists now is that the responsibility for checking passengers against the no-fly list will shift from airlines to DHS. This brings both privacy safeguards and privacy risks.
It is intended to lead to greater accuracy and, therefore, to fewer false positives, for example, for someone who has a similar name but is the wrong person. It eliminates the concerns that air carriers will use, misuse, or inappropriately disclose the list. As I mentioned earlier, this was one of our concerns in the audit of the PPP, the passenger protect program.
On the other hand, this also means that DHS will collect the personal information of Canadian travellers. This is not without risk. We understand that the Canadian government attempted to have Canadian overflights exempted from Secure Flight.
Unfortunately, the government was unsuccessful, except for flights between two Canadian cities. We also understand that the Government of Canada, by way of a diplomatic note, stated that protection of the privacy of Canadians was of “critical concern” in relation to Secure Flight.
We urge the Canadian government to continue to negotiate with American authorities to minimize the impact of Secure Flight and to take the following measures. I would like to make six specific recommendations.
Firstly, the Canadian government should negotiate the collection of minimal personal information, meaning strictly as necessary to ensure proper identification and therefore avoid false positives.
Secondly, question the retention periods of seven days for no match and seven years for potential matches to fulfill the commitment from the U.S. authorities themselves to collect personal information only as necessary for airline security.
Thirdly, negotiate robust and accessible redress mechanisms for Canadians to minimize the impact of an erroneous match.
Fourth, implement measures to support Canadians availing themselves of the DHS redress mechanisms.
Fifth, inform Canadians of the exact scope of personal information that will be collected by DHS on them under Secure Flight.
Finally, clarify Canadian law on the conditions of disclosure of personal information by airlines to DHS to ensure public debate and legal certainty.
In closing, Mr. Chairman, I want to emphasize the point I made earlier about the importance of integrating privacy into aviation security measures. If we can do so, both security and privacy will be enhanced.
I will be happy to take your questions. Thank you.
Liberal
Joe Volpe Liberal Eglinton—Lawrence, ON
Ms. Bernier and Mr. Baggaley, thank you for your opening remarks. I have already had the pleasure of hearing this presentation or a similar one.
What I am still troubled by is the relationship between the Canadian government and the American government. As you already indicated, there is a geographical problem. We have to cooperate with the Americans because we use a right that belongs to them, that is the right to fly over their territory.
But the problems that I guess we still all have.... And I don't want to bash government on this because it's a necessity that our governments need to negotiate overflight, given that at least half of all flights in Canada emanate from southern Ontario, i.e. Pearson International. We will have, no matter what, a situation where approximately half the flights are going to go across American airspace even though they're not going to the States. So the negotiation is important.
But I'd like your impression about the secure flight program, especially since the Americans can ignore our Privacy Act, everything you stand for, and everything you have indicated simply by using the Patriot Act. Once they engage the Patriot Act, everything that you say and everything that your colleague Madame Des Rosiers said from a human rights perspective goes completely out the window.
It's wonderful to say that we need to integrate security concerns in the aviation industry or, as was said by some of the people from the airport authorities who preceded you here, that we need to integrate security as part of the customer service package that we provide.
But if the Americans are determined to use the Patriot Act to tell you to go fly a kite, rather than a plane, what do you propose?
Assistant Privacy Commissioner, Office of the Privacy Commissioner of Canada
We share your concerns. That is precisely why we have given such priority to this issue, going as far as to actually analyze the privacy impact assessment from our colleagues in the U.S. It is precisely because we wanted to see exactly how far the Canadian government could go in putting forward Canadian values and a preoccupation for the privacy of Canadians.
The six recommendations that I have put to you this morning are very limited in scope, but they are limited by international law. There is indeed a limit that is beyond us, and that is U.S. sovereignty over U.S. airspace.
What we are urging the Canadian government to do is to ensure that, in its rapport with the United States, it does secure the protection of the privacy of Canadians according to Canadian values and law. We believe that the six recommendations we have put forward this morning could lead to that.
Liberal
Joe Volpe Liberal Eglinton—Lawrence, ON
Madame Bernier, I found myself in the position to make precisely that argument some time ago when I had the privilege of being in government. At the time the Americans were.... I don't want to say they were fixated on their own paranoia, but it seemed that they were unwilling to listen to anything. I'm not sure that has abated today, as the industry of fear and paranoia has become a profitable exercise.
But I look at the maps of flight patterns by Canadian and foreign airlines as they try to enter the profitable market of the Great Lakes Basin. Forget about other places, but it still applies to them too. The vast majority of them do not fly up to the North Pole and then come down and take advantage of the rotation and the shape of the Earth. Some of them actually have to go through the northeastern United States or come straight down to the United States. Otherwise, they can't make a go of their travel.
The United States is determined to utilize this as, I guess, the 21st century gatekeeper role that we might have applied at another time, when you had a river crossing, you put up a fort, and you exacted tariffs, and now...? Now this--the concept of human rights and privacy rights from an American homeland security perspective doesn't trump the $80 billion business on an annual basis that they want to nurture.
Assistant Privacy Commissioner, Office of the Privacy Commissioner of Canada
I think you've said it very well right at the outset. Geography works against us here, in addition to international law. The fact is that to have practical international travel between Canada and, say, South America, there is no other choice but to fly over the United States, and there is no other choice but to abide by United States law. So our objective must be to impress upon the United States the protections we want for the rights of Canadians in these circumstances.
Liberal
Joe Volpe Liberal Eglinton—Lawrence, ON
But if one drives down to Buffalo, let's say, from Toronto, the only information that's asked for of Canadian residents by the airlines flying out of Buffalo is limited to exactly what you say, and there's no mining of that information and no holding of that information.
I interrupted you. Pardon my insolence in doing that. But to hold some of that information for a positive ID for 99 years suggests that somebody is going to be a threat until they're 120, at least. It just absolutely baffles anybody who has a sense of reason about him or her about the nature of a threat by any individual in this world. But it's inscribed in their act, in the Patriot Act, and how they apply it to everybody.
How do we get around the fact that this will work for Pearson, a little bit as well for Montreal, and probably as well for Vancouver, where, from those three cities, Canadians can opt out of Canadian travel companies and drive down to the closest American provider? Are we off base here in thinking that the commercial transaction trumps privacy issues?
Assistant Privacy Commissioner, Office of the Privacy Commissioner of Canada
What I understand from the objectives of the United States—and I did speak with American colleagues to understand the rationale, for example, behind the retention rates—is, first of all, that it is based on a very specific threat related to flying that does not exist with a land border crossing.
Secondly, in fact, they put forward—I insist, they put forward—that some of the retention periods are actually meant to be favourable to travellers. For example, the seven-year retention for a potential match, they argue, will help the traveller who has, for example, a similar name to someone on the list to not be inconvenienced each time he or she travels.
Certainly there is room to manoeuvre, we believe, and the Canadian government should ensure that it puts forward its own conditions that correspond to its values in relation to the privacy of Canadians.
Bloc
Mario Laframboise Bloc Argenteuil—Papineau—Mirabel, QC
Thank you, Mr. Chair. Thank you, Ms. Bernier.
I listened to you, and I have read your document. I will begin with the passenger protect program. You said some very important things about the program. After having analyzed the program, you say the following: “However, we remain concerned by the difficulty of ensuring that foreign carriers are not disclosing information on the list to their governments or other parties.” This is serious. It is important to measure the seriousness of the matter, because, in reference to the Americans, you also say that we should: “inform Canadians of the exact scope of personal information”. But you do not ask the government to tell Canadians that this information could be passed on to third parties.
Is that because you do not have that information? When I read that, I told myself that I would never again deal with an airline that was not Canadian. Many airlines sell tickets, so let's deal with Canadian ones. That way, we can at least make sure that our information is not passed on to third parties. Have you analyzed this situation, or are you in the process of doing so right now? Please explain this to me.
Assistant Privacy Commissioner, Office of the Privacy Commissioner of Canada
That is a finding. When we analyzed the program, we obviously examined, among other things, the way Transport Canada oversaw the airlines that have the list. We observed, and this is a neutral fact, that it is difficult to fully oversee foreign airlines, which are accountable to other countries.
Is there anything to suggest that there have been leaks? That was not the basis of our recommendation. Our recommendation was simply based on the fact that a foreign airline is a national entity subject to foreign legislation, and it is always more difficult for Canada to monitor a foreign entity, be it an airline or a foreign national. That is the problem that we identified.
Bloc
Mario Laframboise Bloc Argenteuil—Papineau—Mirabel, QC
If you took that step, and if foreign airlines wanted to do business with us, it would reassure us. Do you understand? From the moment you officially say that you are not sure and that Canadians should, as much as possible, avoid flying on a foreign airline, because we do not know where their private information will end up, it would send a clear message. If those airlines wanted to reassure us, they would tell us what they do with the information. But as it now stands, they do not. What you have analyzed in a neutral manner is that you cannot confirm that the information will not be passed on to their own government or to a third party.
Assistant Privacy Commissioner, Office of the Privacy Commissioner of Canada
In all fairness, it must be said that Transport Canada has assured us that it is indeed carrying out this oversight. The department has accepted our recommendation on this matter, and based on the most recent updates we have received, Transport Canada is in the process of strengthening the existing oversight framework, but which will obviously be further enhanced, pursuant to our recommendations. Transport Canada has assured us that it takes its responsibilities in this area seriously.
However, we have noted, and this is a fact, that there is a certain degree of uncertainty as far as foreign airlines are concerned.
Bloc
Mario Laframboise Bloc Argenteuil—Papineau—Mirabel, QC
Perfect. I would like to come back to your analysis of the U.S. Secure Flight program. Obviously, apart from the fact that we can negotiate with the Americans—and that is what you have recommended that the government do—the Americans can do as they please on their own turf. So if they do not listen to us, we will just have to accept it. Is that what you are saying?