Roundtable on Management of the Social Insurance Number

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Notes for a presentation to the House of Commons Committee on Human Resources Development and the Status of Persons with Disabilities

November 26, 1998
Ottawa, Ontario
Bruce Phillips
Privacy Commissioner
(Check Against Delivery)

I welcome this opportunity to participate in any discussion about managing the Social Insurance Number (SIN). I say that because, frankly, management of this pervasive number seems to be what's been missing to date. Millions have been issued certainly. And millions more have been used and abused since their introduction.

This was the account number the government issued us in 1964 for the Unemployment Insurance Plan. Then, following considerable debate, it was expanded to be our Canada Pension Plan account number. Worries about further expansion and the spectre of a national ID number led to that famous exchange between then Prime Minister Pearson and Mr. Diefenbaker in the House of Commons. Faced with the accusation that SINs might also be used for income tax, Mr. Pearson shot back "Certainly not".

That resolve withered within two years. Between 1965 and the late 1970s, the number insinuated itself into many federal government programs. And without any legislated controls, became rampant outside government. Now, not just Revenue Canada wants your SIN. Everyone from your child's hockey team to your landlord, from your video store to your library asks for it. The shorter list is who doesn't have it.

SINs are in your credit file, which means they are widely used and available in the private sector. Employers must collect them for tax and benefit purposes. Until very recently, SINs were used as health plan numbers in Prince Edward Island. And amendments to the Income Tax Act made them an integral part of virtually all financial records systems. There are no legal controls on how business collects, uses or discloses the number, with the single exception of when financial institutions collect it for Income Tax purposes.

In short, this genie is out of the bottle.

Several attempts to regain some control over the ubiquitous number came and went. In 1979, the then Minister of State for the Treasury Board, Perrin Beatty, announced the government's intention to introduce legislation to "reverse the trend towards the use of the SIN as the single identifying number in departments and agencies of the federal government". He also undertook some initial steps to limit its use outside the federal government.

In 1980, Mr Beatty, now in opposition, introduced the former government's privacy legislation as a private member's bill. The bill included specific provisions on SIN use in the federal government. Since 1980, three MPs have introduced private member's bill to control use of the number. All suffered the fate usually reserved for private member's bills.

In the interim, the first Privacy Commissioner Inger Hansen had been commissioned to report on use of the Social Insurance Number. She recommended creation of a new criminal offence against the privacy of another to regulate SIN use. Then, during its three-year review of the Privacy Act in 1987, the Justice Committee examined growing SIN use. The committee called for statutory prohibition against denying goods and services to individuals who refused to provide the SIN, unless the number was required by law.

This recommendation has been a continuing refrain of the Privacy Commissioner's Office since 1983. The result has been the government's restrictive policy on its own use of SIN, announced, to some grumbling, in 1988. But the policy is just that, it is not law, and it has no effect on the private sector.

Inevitably, when you talk about privacy to people, they have a SIN story for you. SIN is, in effect, the tip of the privacy iceberg. SIN is the symptom of the greatest threat to privacy in an information age. That threat is data-linkage. Data-linkage means gathering information about an individual from many data bases and creating a new data file. Data-linkage works fastest and best when each individual has a unique trusted identifier across all data bases so they can be easily found. Then, the information can be pooled to form more comprehensive profiles of individual characteristics and behaviour.

This is the threat that people respond to viscerally. This is the transfer of information and power to the controllers of systems. And this is the practice that offends that first privacy principle: personal information should be used only for the purpose for which it was collected.

The power of modern information systems to intrude on our privacy was acknowledged in a 1972 report of a task force established by the Departments of Justice and Communications. If it was so in 1972, the threat has since grown exponentially. The problem, as always, is that we are quick to seize the opportunities the technology offers, but we are mightily slow in appreciating their impact on human values.

Where once we used computers to accomplish a task, now computers offer us tasks we never dreamed of performing. The tool risks becoming the master. And because so much is now possible, we are challenged to defend our right to privacy. Why should we stand in the way of progress? Why should we want to impede the detection of fraud? What do we have to hide?

We have lost sight of what privacy means to human beings. Alan Westin described a four-fold concept as:

  • solitude: allowing us to reflect on our experiences;
  • intimacy: allowing more meaningful relationships with family and friends;
  • anonymity: allowing us to exist outside the bounds of historical development, and
  • reserve: allowing us to withdraw from communications when we feel the need.

All four hinge on the notion of individual control, on autonomy, on our power as individuals to make our own decisions, even wrong ones. The more information about ourselves in others hands, the greater the possibility of surveillance, of manipulation and of imposed conformity. Not for nothing has former Supreme Court Justice Gerald La Forest described privacy as "at the heart of liberty in a modern state".

SIN has become something of a stalking horse for government hopes for a single window for client services. And with that initiative comes a central database, a common client identifier and, in all likelihood, an identification card, possibly with a biometric identifier.

The vaunted advantages for such as system are:

  • elimination of fraudulent claims for social benefits or work authorizations for illegal immigrants;
  • convenience for bureaucrats in linking disparate data bases;
  • accurate identification of individuals, and
  • preventing one person from assuming another's identity.

Among the evident downsides are the function creep of the card. What starts out as limited specific uses, expands rapidly to incorporate many programs, so many that life is impossible without holding and showing the card. The card then becomes a de facto internal passport.

Even if the card is voluntary at the outset, the greater the number of agencies that use it, the greater the inconvenience not to use it. The end result is effective compulsion.

Soon, the card becomes an icon. It is more important than the person, and the person is not a person without it.

The centralized population register increases the possibility of widespread computer surveillance. Access to the register will be broad and will grow as programs make their case for joining. Inevitably, thousands of government employees will have legitimate access. We will all become virtual persons whose lives can be followed and perhaps influenced by governments agencies. It matters not whether the surveillance is for our own good, to feed policymakers or to satisfy researchers' curiosity, dataveillance, it is every bit as intrusive.

I realize this is a bit of a sermon but I think it's essential we remember what privacy really is. While you examine the current SIN mess, before you consider any measures to expand its use, or any new national numbering scheme, I ask you to remember that ensuring security is not protecting privacy. Security is merely protecting the data you have. To protect privacy we have to ask ourselves a much more fundamental question: should we collect the information, do we truly need it, and is that need so pressing that it overrides that human value that is so fundamental to a healthy democracy.

Thank you.

Date modified: