Executive Summary
Data Analytics

The CBSA is in the process of a major transformation, driven by the need to modernize how front-line services are delivered and operations are managed. The intent is to transition the management of Canada’s borders to a risk-based model. To achieve this, the Agency is investing in digital solutions to strengthen its capacity for evidence-based decision making and improve performance management. This is reflected in the CBSA’s Data Analytics Strategy, which will result in data that is of a high quality, accessible, and well managed and that supports effective business intelligence and risk management.

The Data Analytics Strategy provides for the expansion of data analytics through the improved integration of data that the Agency creates, data that it acquires from other government departments, and data procured from third parties. The current PIA deals with data that is created and managed by the CBSA directly, but the document is structured to accommodate additional datasets, uses, and users over time. Specifically, any incremental new privacy issues will be assessed via annexes that describe any new data sets or data systems, the uses of associated data, and the users of the data analytics outputs.

PIA Main Body

The Main Body of the PIA is designed to explain the Enterprise Data Warehouse (EDW), its existing data sets, and the data analytics vision of the CBSA; that it plans on using analytics to support operational outcomes, as well as internal reporting. The Main Body is intended to be static; describing the types of information that are not expected to change but remain relevant for privacy analysis.

Annex A – End Users and Uses

Annex A describes and assesses the end users within the CBSA who will use the data in the EDW to perform data analytics (using analytic software) to support operational uses / administrative purposes.. The initial version of the PIA includes an Annex on the National Targeting Centre (NTC).

Data scientists working in the NTC’s Targeting Data Analytics Unit extract data from various datasets in the EDW to design more efficient and effective ways to perform risk assessments on passengers arriving at a Canadian border, analyses of the operational implications following the release of travellers, risk indicators/risk algorithm analyses, enforcement action analyses, predictive model analyses and ad hoc analyses. These analytic models will be used in conjunction with other indicators, to help inform decisions made by targeting and Border Services Officers.

Annex B – Acquired Systems

Annex B describes the systems whose data has been ingested into the EDW. Currently these include CBSA databases, and the intent is to acquire datasets from other government department and third-party databases – all of which are used to support the CBSA’s operations and enforce border-related legislation. Following are summaries of the systems and related data to be ingested into the EDW’s production environment for data analytics, in support of the CBSA’s legislated mandate.

Integrated Customs Enforcement System (ICES)

National Case Management System (NCMS)

Canada Post Corporation’s Point of Call Database (CPC PoC)

Annex C – Use Cases

Use cases show how data among and between datasets can be matched, and they help to determine the operational value of a given data element in a dataset. This Annex includes sample use cases, describes which data were used, and explains their intended business purpose.

Right of Access

Individuals may formally request access to their personal information, or access to corporate records related to the Data Analytics Program by filing a request with the Access to Information and Privacy Division. More information about this can be found on the Access to Information and Privacy Webpage.


If you have concerns about the collection, use, disclosure or retention of your personal information, may issue a complaint to the Office of the Privacy Commissioner of Canada who is mandated to investigate. Complaints should be made in writing, and include your name, contact information, and a brief description of your concerns. Details of this process can be found on the Privacy Commissioner’s Website.

Date modified: