Thieves target important papers mailed by Canadians
In last year’s annual report, our Office reported on a comprehensive audit of the personal information-handling practices of Passport Canada, part of the Department of Foreign Affairs and International Trade (DFAIT).
The audit turned up privacy and security problems in passport operations that added up to a significant risk to Canadians applying for this vital identity document. Indeed, we found weaknesses at every step of the application process – the way in which personal information was collected and stored, how it could be accessed, and how it was ultimately disposed of.
Passport Canada and DFAIT agreed to most of our audit’s 15 specific recommendations for strengthening the privacy management framework governing their passport operations.
Then, as the current reporting period drew to an end, issues with Passport Canada’s online application process necessitated a shutdown of the service. A brief note on the agency’s website stated: “Passport On-line is stepping aside for a new generation of interactive forms. The new forms . . . are more secure and easier to use.”
During 2008-2009, however, the only three passport-related breaches that came to our attention were beyond the agency’s control because they involved the theft of application packages from the postal systems in Alberta and British Columbia. An RCMP investigation led to an arrest and criminal charges against an individual.
Passport Canada advised the affected applicants of the theft. The agency also told them how to protect against identity theft, reapply for new birth certificates, and obtain reimbursement for lost fees and costs associated with the incidents.
The agency also continues to warn Canadians on its application forms: “The original documents that you enclose with your application are valuable. To ensure that these documents are not lost or misplaced, it is preferable to use a courier or mail service that allows you to trace your mail.”
Report a problem or mistake on this page
- Date modified: