Avoiding complicity in mistreatment by foreign entities: Annual report
Table of contents
Introduction
The Canada Border Services Agency (CBSA) was established by the Canada Border Services Agency Act and is an integral part of the Public Safety Portfolio.
The Agency is responsible for providing integrated border services that support national security and public safety and facilitate the free flow of persons and goods. Information sharing with domestic and international partners is essential for the successful execution of its mandate and mission.
This report is presented to the Minister of Public Safety and Emergency Preparedness (the Minister) in accordance with subsection 7(1) of the Avoiding Complicity in Mistreatment by Foreign Entities Act (ACA, or ‘the Act’). It provides an overview of the agency’s information sharing practices; implementation of an updated Policy in support of the Order in Council Directions for Avoiding Complicity in Mistreatment by Foreign Entities (the OiC), and the number of substantial risk cases and restrictions to any arrangements due to concerns of mistreatment for the period of to .
Background
The ACA came into force on . The Act requires the Governor in Council to issue written directions to deputy heads regarding:
- the disclosure of information to any foreign entity that would result in a substantial risk of mistreatment of an individual;
- the making of requests for information to any foreign entity that would result in a substantial risk of mistreatmentFootnote 1 of an individual, and
- the use of information that is likely to have been obtained through the mistreatmentFootnote 2 of an individual by a foreign entity.
On , the Governor in Council, on the recommendation of the Minister, pursuant to paragraph 3(2)(f) of the Act, issued the OiC Directions for Avoiding Complicity in Mistreatment by Foreign Entities to the President of the CBSA.
Every deputy head to whom directions have been issued must, before March 1 of each year, submit to the appropriate Minister a report in respect of the implementation of those directions during the previous calendar year.
Information sharing practices and arrangements
The CBSA relies on information to execute its border management responsibilities safely and efficiently. The Agency collects, retains, and shares information strictly within the parameters of its border management mandate, as set out by CBSA program legislation. The CBSA’s information sharing activities can be characterized as follows:
- The CBSA is a net consumer of information. The majority of information held by the CBSA is derived from private sector stakeholders (such as air carriers or commercial transport companies). This information is provided to the CBSA under regulatory requirements and allows the Agency to make timely, risk-based decisions on the admissibility of people and goods attempting to enter Canada. Individuals and private sector stakeholders also provide information to the CBSA when engaging in one of its ‘trusted’ programs (e.g., Trusted Traveller or Trusted Trader).
- The CBSA augments this regulatory information with information received from various partners, including public safety partners such as the Royal Canadian Mounted Police (RCMP) and the Canadian Security Intelligence Service (CSIS), in order to effectively identify and manage higher-risk cases.
- The CBSA’s information sharing with foreign entities mostly implicates the Border Five (B5) partners which include the United States, the United Kingdom, Australia, and New Zealand. As outlined in the Agency’s legislative authorities, and mirrored in the CBSA’s policies and operational guidance, the CBSA primarily exchanges information with domestic and international partners in cases where the activity is permissible under the Customs Act or the Privacy Act. These exchanges are well codified in various written arrangements and agreements.
Although the CBSA has numerous partnerships and manages a substantial amount of information, given the context described above, its information sharing activities are generally low-risk in terms of possible association with mistreatment.
The CBSA recognizes that one of its key responsibilities is to be a steward of the information in its control. In line with the OiC, the CBSA continues to implement measures to augment its management of information sharing activities.
Implementation of the directions
Updated policies, guidance, and procedures
The CBSA published its Policy on the Order in Council to the CBSA: Avoiding Complicity in Mistreatment by Foreign Entities on . The updated Policy replaces the previous Policy and Operational Guidelines pertaining to the 2017 Ministerial Directive to the CBSA.
Under the new Policy, CBSA officials are directed to consult the Information Sharing & Collaborative Arrangements Policy (ISCAP) Unit for general information sharing questions and the Intelligence and Targeting Operational Support Unit (ITOSU) for questions pertaining to the risks associated with disclosing, requesting, or using information from a specific international entity.
The Policy is located within the CBSA’s Information Sharing Toolkit and is accessible to staff across the agency via the CBSA intranet.
As per best practices, an Agency-wide awareness campaign including formal communications regarding the release of the policy, was conducted. Development of training, working tools, and processes to support implementation are ongoing.
Interdepartmental coordination
While developing the Policy in support of the OiC, the CBSA has ensured that it is applying a compatible and complementary approach to that of other federal partners in terms of how it assesses risk associated with its information sharing activities with foreign entities.
In line with this approach, the CBSA continues to be an active participant in the Public Safety-led Information Sharing Coordination Group (ISCG). The ISCG is the primary interdepartmental forum for supporting interdepartmental collaboration and information sharing between members as they implement the Act and the corresponding Directions.
The three primary objectives of ISCG are to:
- Establish best practices;
- Share information, and
- Coordinate the development of policy documents and responses for inter-departmental issues.
Country profiles
As needed, the CBSA develops and maintains Serious Inadmissibility & Mistreatment Country Assessments (SIMCA) to capture and reflect the security, organized crime and human rights environment in identified countries of concern.
The SIMCA provides the basis for the CBSA’s risk assessment process as part of its responsibilities under the ACA and related OiC.
CBSA officials are instructed to contact the ITOSU if they have questions pertaining to the risk levels of certain countries.
Risk mitigation
The CBSA establishes the level of the risk associated with a given information sharing activity by simultaneously considering the level of mistreatment risk associated with the intended recipient of the information, as well as the sensitivity of information itself. Information sharing activities may only proceed in cases where there is no substantial risk of mistreatment, and/or risks that might be present can be adequately mitigated.
The mistreatment risk assessment (MRA) process assesses the country or entity risk rating in relation to the ACA. The Serious Inadmissibility & Mistreatment Country Assessments” (SIMCAs) are considered for each MRA.
Senior management risk assessment committee
High risk decisions will be referred to a Director General-level Senior Management Risk Assessment Committee (SMRAC) through a briefing package which will be prepared by the ITOSU. The SMRAC will utilise the tools available in order to determine if an information sharing activity may result in mistreatment, or if information may have been derived through some form of mistreatment. The SMRAC is to be convened on an as-needed basis, when complex or sensitive cases arise.
Where risk is deemed present, a Risk Assessment Package will be prepared. After considering the information contained within the package, the SMRAC is tasked with making one of three decisions as they pertain to the substantial risk of mistreatment:
- If the information sharing with a foreign entity will likely not lead to the mistreatment of an individual, or if the information received from an entity was likely not obtained as a result of mistreatment, the information may be shared or used;
- If the information sharing with a foreign entity may result in a substantial risk of mistreatment, or if there is a risk that the foreign entity obtained the information as a result of mistreatment, but these risks have been sufficiently mitigated, then the information may be shared or used, or
- If the information sharing with a foreign entity will likely lead to the mistreatment of an individual, or if it is likely that the information received from a foreign entity was obtained as a result of mistreatment, then, the information cannot be shared or used.
The SMRAC will also be responsible for referring any decisions to the President of the CBSA in accordance with the ACA.
This process will complement existing CBSA information sharing policies and procedures in order to maximize operational efficiency while ensuring that the CBSA adheres to the requirements of the OiC.
Training
The CBSA provides general information sharing training online and in-person to employees. CBSA officials regularly conducting information sharing activities, or those whose responsibilities may bring them into information sharing scenarios, have access to additional information sharing training tailored to their particular roles and responsibilities. This approach ensures that training is commensurate with any potential risk in sharing information.
The ISCAP Unit is currently updating its information sharing training to include the OiC and emphasizes the fact that the ACA must be considered in any information sharing activity with any foreign entity.
Activity Report
This report describes OiC related activities undertaken by the CBSA between and .
Cases of substantial risk
Per the table below, within the aforementioned reporting period, the CBSA had no cases of disclosure, request, or use of information requiring additional risk assessment or referral for Deputy Minister Determination.
| Type of case: | Disclosure of information | Request for information | Use of information |
|---|---|---|---|
| Number of cases requiring Deputy Minister Determination: | 0 | 0 | 0 |
Restriction of arrangements
The CBSA did not have any cases of restrictions being applied to any arrangement due to concerns related to mistreatment within the aforementioned reporting period.
- Date modified: