Mr. Speaker, I am pleased to have this opportunity to speak to Bill C-42, An Act to amend the Aeronautics Act.
I can sum up Bill C-42 by saying it should be defeated. It is nothing more than data mining by foreign security services, primarily the United States, and is an unwarranted invasion of the privacy of Canadians.
Bill C-42 would amend the Aeronautics Act to allow for an exemption for airlines from the Personal Information Protection and Electronic Documents Act; thereby, permitting them to transmit to the United States department of homeland security personal information about airline passengers.
The U.S. department of homeland security could then run this information through a number of databases to determine if the travellers should be prevented from entering U.S. airspace. If the U.S. department of homeland security determines a person may be allowed into United States airspace, then the airline is given permission to issue a boarding pass. This is the process set up under the United States secure flight program which mandates that only those the U.S. department of homeland security allows may enter into U.S. airspace, regardless if those individuals are landing in the United States or not.
While the Conservatives like to point to name, gender and date of birth as being the only items of information required, the secure flight final rules state that airlines must also provide the following information if they possess it: redress number or known traveller number; passport information; itinerary information; reservation control number; record sequence number; record type; passenger update indicator; and traveller reference number.
All of these information elements are part of the air travel system for ensuring passengers move efficiently in their travels. It is information the airline would automatically possess.
Unfortunately, it is sufficient information to allow the department of homeland security to data mine the travel reservation systems used by all airlines as these databases are physically located in the United States and the U.S. patriot act requires that they be available to U.S. security agencies, without a warrant.
Included in this information are known medical conditions of passengers, who is travelling with the specific person, and even what they ate on the airline if they ordered a special meal.
Previous to Bill C-42, this information was passed to the U.S. department of homeland security only for passengers travelling to the United States. Through a non-binding diplomatic note, Canada had secured an exemption from secure flight for domestic flights.
As almost all flights within, to and from Canada pass through United States airspace, Bill C-42 would essentially allow the United States department of homeland security to determine who may enter and leave Canada by air.
Bill C-42 would also allow airlines to send personal information of passengers to foreign security services. What information would be forwarded is determined by requirements laid out in secret agreements with other countries. Details of these agreements have not been released.
However, it is known that Canada has signed or is negotiating agreements with the European Union, Mexico, Brazil, Argentina, Chile, Panama, the Dominican Republic, and the United States.
Details of the agreement between the European Union and the United States, for the same information transfer, are troubling. That agreement allows the information collected to be retained by the United States for up to 40 years.
Under the secure flight final rule, the retention period for Canadians is seven days if no match is found in the data; seven years for a potential match; and 99 years for confirmed matches.
As I have already indicated, this information may be forwarded to the security service of a third nation without the consent or notification of the other signatory: the passenger.
The secure flight final rule also stipulates that no person may know what information is being held about them by the United States and may not correct that information if there are errors.
The United States already has such an agreement with the European Union. Under that agreement, the United States may unilaterally amend the agreement as long as it advises the EU of the change. There has already been one amendment whereby all documents held by the EU concerning the joint U.S.-EU agreement shall not be publicly released for 10 years.
This would preclude any access to information requests. In essence, Bill C-42 provides too much access to private information without any protection. As I have stated, it will allow data mining of Canadians' personal information by foreign security services.
The Conservative government seems to be inordinately influenced by what it seems to believe is a danger, that unless Canadians agree with the bill, the United States could close its airspace to Canadian aircraft. While this threat may result in pressure to pass the bill, it is very unlikely the United States would carry through with that threat. Still, Bill C-42 is being spun by the government as necessary for fighting terrorism. There is no example of how this data mining has caught a single terrorist or any other criminal.
The bill is an unacceptable invasion of the privacy of Canadians by foreign security forces. I have heard from many constituents who are very concerned that such an intrusion is an unacceptable invasion of their privacy and undermines their sense of personal security.
I believe Maher Arar is an example of how this type of information can be misused. Canadians remember Maher Arar, a 34-year-old Canadian wireless technology consultant who was born in Syria and came to Canada with his family at age 17. Maher became a Canadian citizen in 1991.
On September 26, 2002, while in transit at New York's JFK airport en route to Montreal, Mr. Arar was detained by U.S. officials, and on the basis of information provided by the Royal Canadian Mounted Police, he was interrogated about alleged links to al-Qaeda. Twelve days later, he was chained, shackled, and flown to Syria where he was imprisoned in a tiny cell for 10 months. During his captivity he was beaten, tortured and forced to make a false confession. Due to the unrelenting efforts of his wife, Monia Mazigh, and the help of Alexa McDonough, he was eventually returned to Canada in October 2003.
In January 2004, under pressure from Canadian human rights organizations, the Government of Canada announced a commission of inquiry into the actions of Canadian officials. In 2006, Justice Dennis O'Connor cleared Maher Arar of all terrorism allegations, stating that he was able to state categorically that there was no evidence to indicate that Mr. Arar had committed any offence or that his activities constituted a threat to the security of Canada.
The authorities at JFK identified Maher as knowing a person being investigated by the RCMP, but failed to further investigate the degree of this acquaintance. They made assumptions which were unjustified and they took action which would have been unjustified even if Maher Arar had been guilty of serious crimes.
Despite an apology and financial settlement from the Government of Canada in 2007, U.S. authorities refuse to accept Mr. Arar is innocent and he remains on the American no-fly list. Clearly, this is a terrifying example of how information can be skewed, misinterpreted and misused.
Many people have commented on the agreement being considered by the Government of Canada in regard to the proposed amendments to the Aeronautics Act. Ms. Chantal Bernier, assistant privacy commissioner in the Office of the Privacy Commissioner of Canada told the Standing Committee on Transport, Communities and Infrastructure in May 2010:
--privacy and security do not have to be at odds. In fact, they must be integrated. And they converge. They converge in this fashion: privacy commands that we collect as little information as possible, in a minimal approach, and as well in the effectiveness of security, in the sense that its effectiveness rests upon collecting only the information that is relevant...the right to privacy is a fundamental right that cannot be infringed upon, unless it is demonstrably necessary for the public good. It follows, then, that the collection of personal information can only occur when it is proven necessary, and it must be proportionate to that necessity...that necessity must be assessed on an ongoing basis by verifying that the collection of personal information is indeed effective and necessary in relation to the identified necessity. Finally, it must also be demonstrated that there are no less privacy-intrusive measures available to reach the same goal.
Comments to the transport committee by Edward Hasbrouck of Liberty Coalition, a U.S.-based civil liberties group, are chilling. Mr. Hasbrouck stated:
Unlike the case in Canada, where someone denied travel is given formal notice of that decision and has rights to appeal it, those no-fly orders in the U.S. are entirely extrajudicial. No one in the U.S. has yet obtained court review by any U.S. court of a no-fly order. It is U.S. government policy not even to admit that they have issued such an order, and that includes those denying passage on flights overflying the U.S. that were not scheduled to land. Former Secretary of Homeland Security Michael Chertoff is on the public record as saying that he believed that no-fly decisions should not be subject to judicial review, and the current U.S. administration has done nothing to repudiate that perspective.
While the consequences for anyone are very serious, including for those U.S. citizens trapped abroad who are currently unable to return home because they are not allowed to fly and have no other way to get back to the U.S., they are perhaps most draconian for refugees and asylum seekers. You should be very clear that the enactment of Bill C-42 would grant to the U.S. government de facto veto power over the ability of virtually anyone to obtain sanctuary in Canada--
This sounds very much like the case of Dawood Hepplewhite, a British man stranded in Toronto after being denied permission to fly home. His name is on the U.S. no-fly list. Mr. Hasbrouck went on to talk about how the data collected is used. He indicated:
These data are also used for purposes of surveillance of travellers. It is not the case that the information is simply used to make a onetime decision about whether to let you fly. All of your PNRs, even if you are not deemed suspicious and are allowed to fly, will be added to the lifetime travel history and compilation of data already being kept about you as part of the automated targeting system.
Dr. Mark Salter, associate professor, school of political studies at the University of Ottawa, told the committee:
Governments want this information so that they can build profiles of not just risky passengers but safe passengers as well. Research clearly demonstrates that in the United States and the U.K., government agencies are trying to collect as much data about travellers as possible. Government agencies such as the U.K. Border Agency try to develop very sophisticated algorithms that predict not which individuals are dangerous, but what kinds of itineraries are dangerous.
What worries me about this particular legislation is that the data not only go to the destination country but may go to all states that the airline might fly over. That, I feel, is the significant change that this legislation brings, and it worries me a great deal.
Flights that use the polar routes from Vancouver to Hong Kong would have to go over Russia and China. Are we suggesting that they are reasonable destinations for the passenger data of Canadian citizens? Flights that go to Colombia or Brazil must overfly any number of Latin American countries. Flights to Dubai must overfly most European countries and some Middle Eastern countries. Is the Government of Canada confident that the destination for their data can provide adequate protection? Are Air Canada and other air providers confident of that as well?
I understand that one of the reasons for this legislation is to get around the requirements of PIPEDA for Air Canada to provide such data. What worries me is that neither the government nor other agencies have put protection in place for data that will now go abroad.
I think it is dangerous to sacrifice our privacy and our freedoms for the dream of zero risk or perfect security. This particular measure does not provide additional security for the aviation sector, and it places an additional burden on Canadian citizens who are flying...the use of this commercial data, because it is created by airlines for their use, poses clear risks to privacy and no clear benefit. There is no reciprocity among any of the other countries. We are simply making Canadians more vulnerable to the security services of other nations, and we are doing so for countries that may not have the same robust privacy legislation or commitment that we have in Canada.
Canadians' data should not be hostage to the most paranoid regime that an air company chooses to fly over. The proposed change to these data protection regulations to include overflight states dramatically increases the vulnerability of Canadians' data while offering no means of redress or appeal.
We can assume that citizens know when they travel to a particular country that they are consenting. They know they go through a visa process and a border process, so they know their data is being evaluated. However, Canadians would have no way of knowing which of the countries they flew over would get their data, what would happen to their data, or how to appeal the use of that data.
The proposed changes to the Aeronautics Act are dangerous indeed without any clear benefit to Canadians.
Nathalie Des Rosiers, general counsel of Canadian Civil Liberties Association, told the committee that there is an expectation of privacy protection by the charter. This bill would not meet a section 1 challenge because it has no limitations. It does not adequately protect the problems that may arise with the disclosure of information and so on.
The first point is that there is a constitutional vulnerability that should be looked at before we go too much further. There is no requirement in Bill C-42 or in the regulations of the U.S. Transportation Safety Act for safeguards to protect the information. There is no safeguard that the TSA will not pass information to other government agencies, such as law enforcement or immigration. There is no safeguard that the TSA will not pass this information to third countries. We know this has been a particularly difficult issue for some Canadians, Maher Arar being a case in point. There is no guarantee the TSA will not use the information for profiling Canadians to put them on its watch list or no-fly list.
Ms. Des Rosiers also reminded the committee that in the United States the no-fly list is under constitutional review. It has been challenged because there are too many false positives arising. The process has a described Kafkaesque quality in the way it does not allow people to know whether they are on it, how to get off it, and what evidence is on it.
That is the danger. The danger is that Canadian passengers will be put at risk of being stuck somewhere with no possibility of flying home. There is no guarantee that an innocent Canadian could not be mistakenly placed on the list. There is no guarantee that innocent Canadians mistakenly placed on the list will not be prevented from flying to or from or being detained in the U.S. or elsewhere without due process.
I have absolutely no confidence that surrendering information about Canadians to the U.S. Department of Homeland Security is either safe or wise. Disclosure to the U.S. Department of Homeland Security of personal information on passengers travelling to certain destinations, particularly Cuba, could lead to unpleasant consequences. For example, this information could be used to identify Canadian companies that do business with Cuba or to penalize travellers who have visited Cuba by consequently refusing them entry into the U.S.
How will Canada ensure that the U.S. will not use the secure flight program to apply its Helms–Burton act which imposes penalties on foreign companies doing business with Cuba? Canadians and Canadian companies have had a long-standing and very positive relationship with Cuba. Millions of Canadians have visited Cuba, and I am sure would like to continue to visit Cuba.
Over and over we have heard the warnings from reputable experts and indeed the voices of concerned Canadians. Surely the government will listen to these warnings. We need to defeat Bill C-42. Canadians deserve better than the lacklustre leadership and absence of due diligence from the government. How can anyone trust a government, its ministers and a Prime Minister so willing to jeopardize their privacy and security?
In the words of our Privacy Commissioner, “the Canadian government has a duty to protect the privacy and civil rights of its citizens”. It is time the government understood that and did its duty.