Independent review mechanism for the national security activities of the RCMP

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Commission of Inquiry into the Actions of Canadian Officials in Relation to Maher Arar

November 16, 2005
Ottawa, Ontario

Opening Statement by Jennifer Stoddart
Privacy Commissioner of Canada

(CHECK AGAINST DELIVERY)


I would like to thank you for the opportunity to appear today to comment on the issue of an independent review mechanism for the national security activities of the RCMP.

First, I would like to reiterate some of the points we made in our submission to the Commission of Inquiry and then I will answer any questions you may have.

1. The need for greater oversight and accountability

We agree there is a need for greater accountability, transparency and oversight of agencies involved in national security. The passage of the Anti-terrorism Act in November 2001 marked the beginning of a new national security environment characterized by enhanced surveillance powers for law enforcement and national security agencies, fundamental changes to the machinery of government and increased sharing of personal information with the United States and other governments.

As well, we have witnessed a blurring of the distinction between national security and law enforcement activities in some of the post-September 11 initiatives. We are concerned that the logic of anti-terrorism could permeate all spheres of law enforcement and public safety and this could result in large-scale systems of surveillance that will increasingly erode privacy rights in Canada.

At the same time as the role and powers of law enforcement and national security agencies have been broadened, as a result of the Anti-terrorism Act, the Public Safety Act and other measures, constraints on the use of these surveillance powers have been weakened and government accountability and transparency have been significantly reduced.

We want to have a safer, more secure country and we understand the need for an effective state intelligence apparatus. We also need processes to ensure that the enhanced powers we are giving these agencies are necessary and proportionate and that, if granted, they are not abused.

2. Our experience with the RCMP, CSIS and CSA

Under the Privacy Act, we have oversight responsibility for the handling of personal information over approximately 150 federal government departments and agencies including the RCMP, CSIS and CSE. However, we are only part of a larger national oversight system that includes Parliament, the courts, other specialized agencies created by Parliament such as the Communications Security Establishment Commissioner, the NGO community and the media.

Let me briefly summarize our complaint experience with the RCMP, CSIS and CSE. In the last two years we have had one well-founded complaint against CSIS and none involving CSE. In 2003-2004, 56 of the well-founded complaints were against the RCMP and last year 45 of the 607 well-founded complaints involved the RCMP. None of the well-founded complaints dealt with the use and disclosure of information pertaining to national security.

To date, we have had only one complaint against the RCMP that involved allegations of improper use or disclosure of personal information for national security purposes. As well, we have received denial of access complaints against the RCMP, CSIS and CSE; however, upon investigation we concluded that the information was properly exempted under sections 21 — national security — or 22(1)(a) — information collected by an investigative body.  

We also have the authority to review or audit organizations that are subject to the Privacy Act. During 2002 and 2003 we conducted reviews of four RCMP activities, including the Integrated National Security Enforcement Teams (INSETs). Under section 36 we can audit exempt information banks. There are presently only four exempt banks that are under the control of CSIS, CSE and the RCMP. The last time exempt banks were reviewed by this Office, over fifteen years ago, the result was a significant reduction in the number of exempt banks.

We recognize and accept that we cannot exercise effective oversight on the use of personal information on our own. The task is simply too large and too important to be entrusted exclusively to any single agency. As well, the Privacy Act, which is now more than twenty years old, was not designed to deal with an environment in which intrusive surveillance, and the technologies to allow this to happen, are constantly increasing. The Privacy Act regulates the flows of personal information; it does not create a strong normative framework that protects privacy.

3. Privacy Act Reform

In our recently released 2004-2005 Annual Report on the Privacy Act, we call for the reform of the Privacy Act. There are several reasons why the Act needs to be reformed, not the least of which is the need to address the challenges of the new post September 11 surveillance state.

One of the specific issues that should be addressed in any reform of the Privacy Act is the ability to either decline to investigate a complaint or to refer a complaint to a more appropriate forum for investigation. We have this discretion under the Personal Information Protection and Electronic Documents Act (PIPEDA) which applies to the private sector. A similar provision in the Privacy Act would be desirable. This discretion might be particularly valuable if a new agency were created to deal with complaints related to the RCMP's national security activities.

4. Cooperation with other oversight agencies

We can envisage a situation in which an individual may have a complaint that raises issues related to the collection, use or disclosure of personal information under sections 4 to 8 of the Privacy Act that are incidental to a more far reaching set of issues. In such a situation, an individual's interests might be better served by a review body with multi-dimensional expertise and with a broad mandate that would allow it to examine matters that go beyond the handling of personal information.

While we feel strongly about the need for greater oversight over the national security activities of the RCMP, we do not have any views on what this agency should look like. By this I mean we do not have any views on whether this agency should also deal with the types of complaints currently handled by the Commission for Public Complaints or whether it should also exercise oversight over CSIS and CSE.

When discussing oversight, we should not lose sight of the importance of internal oversight and accountability. Government departments and agencies — especially those that have a national security mandate — should be required to develop and implement privacy management frameworks that include an internal privacy audit capacity, privacy leadership responsibilities in the performance agreement of senior executives, privacy protection performance indicators, and a strengthened role for Access to Information and Privacy coordinators.

We would welcome the creation of a new agency, or revising the mandate of an existing agency, to oversee the national security activities of the RCMP. While this might result in some overlap of mandates we do not anticipate that this will cause any significant problems that cannot be dealt with cooperatively. We are prepared to work with any new agency to address any issues that might arise.

Date modified: