Information & Ethics committee  More recently, the discussion that has been going on with her....

Information & Ethics committee  That's a very complex question, and it requires me to parse it out a little bit. Basically, our powers at the border are derived from the Immigration and Refugee Protection Act together with the Customs Act. When you arrive at the border, you can anticipate questions. We have to establish who you are and what your purpose is in coming into the country, even if it is to return home.

Information & Ethics committee  That relates to sections 11 and 12 of the Customs Act. Basically, you have to answer truthfully all the questions asked of you. The dynamic you would create by not voluntarily responding to those questions that are asked in that few minutes that a border services officer has to figure out who you are and what kind of risk you may pose would probably trigger a process in his mind that would result in your needing to go to a secondary line, so that someone else can spend a little more time with you.

Information & Ethics committee  I don't know who would like to answer that one.

Information & Ethics committee  There are some acts that fall in place. For example, when we talk about sharing of information with the U.S., we're also dealing with provisions in the Customs Act, first of all. When we look at the legislative framework—and your question is basically whether it is working for us—some of our opinion is informed by what's in the Customs Act.

Information & Ethics committee  Yes. Of course, we're also subject to the Privacy Act. We are informed by the recommendations that the Privacy Commissioner made, and we have been trying to digest them. Some of them are very ambitious, such as creating a privacy management framework. In her audit, she offered four or five pages of recommendations on how we might go about that.

Information & Ethics committee  The privacy impact assessment is Treasury Board policy, so we respect the policy. If it's a large project, if it involves privacy-protected information, or if there are potential privacy risks, there's basically a two-step process. The first is to create a PPIA, a preliminary privacy impact assessment.

Information & Ethics committee  I think that's something Janet might want to speak to. This speaks to our strategy to deal with the western hemisphere travel initiative and other initiatives from the U.S.

Information & Ethics committee  I was misinformed as to what the nature of some of the discussion would be today. I didn't appreciate that you wanted to focus or drill into the audit of the Privacy Commissioner. I'm quite happy to speak to it. It is a fairly complex document that focused on customs information and the transborder data on which she made 19 recommendations as to what we can do to improve things.

Information & Ethics committee  As an institution, we've grown used to the existing act. That's what we work with on a day-to-day basis. We understand that we have to have a justifiable reason to collect information. It has to be for a program purpose. We have to maintain the information in such a way that a person may seek their information and ask for a records correction.

Information & Ethics committee  If I understand the question, you're asking whether the recent changes to the Access to Information Act have improved our access to information?

Information & Ethics committee  We didn't prepare an opening statement. We thank you very much for the invitation, Mr. Chair. We understood the invitation was to come and discuss the framework for disclosure of information within the CBSA. We did take a look at some of the discussion you had with the Privacy Commissioner, and based on that, I asked Caroline Melis, the director general of our intelligence directorate, to address some of the questions you may have arising out of that discussion, and likewise my colleague Janet Rumball.