Crossing the line? The CBSA’s examination of digital devices at the border

Complaint under the Privacy Act

October 21, 2019

Executive Summary

In 2017-18, the Office of the Privacy Commissioner of Canada (the “OPC”) received a number of complaints against the Canada Border Services Agency (the “CBSA”) with respect to the examination of personal digital devices – particularly cell phones, tablets, and laptop computers – at ports of entry by Border Services Officers (“BSOs”). This Report of Findings (the “Report”) details our investigation of six complaints filed by individuals whose digital devices were searched by the CBSA. We are of the view that the CBSA contravened the Privacy Act (the “Act”) and have identified significant failings in the CBSA’s practices overall. As a result, we made a number of recommendations to the CBSA aimed at correcting its practices and also highlighted the need for legislative reform of the legal framework governing searches of digital devices at the border. The CBSA accepted our recommendations with respect to its practices and policies but disagreed with our recommendations regarding legislative reform.

Overview

1. This Report details our investigation of six complaints against the CBSA regarding the examination of personal digital devices^{Footnote 1} by BSOs at ports of entry. In all cases, the complainants are Canadian citizens who allege that upon their return from travelling abroad, the CBSA searched their digital devices as part of its customs examinations. All of the complainants question the CBSA’s authority to conduct the searches. We therefore examined whether the CBSA’s collection of personal information in these cases was consistent with section 4 of the Act.
2. The Supreme Court of Canada has found that the search of a digital device can constitute a very significant intrusion of privacy.^{Footnote 2} As Fish J. noted in R v. Morelli, “Computers often contain our most intimate correspondence. They contain the details of our financial, medical, and personal situations. They even reveal our specific interests, likes, and propensities, recording in the browsing history and cache files the information we seek out and read, watch, or listen to on the Internet.”^{Footnote 3} Cell phones and tablets, in addition to holding information about our telecommunications, including incoming and outgoing phone calls, voicemails, and texts messages, also contain similar information as computers.^{Footnote 4} When connected to the internet, these devices provide a gateway to personal information that extends far beyond what was traditionally stored and carried in a traveller’s luggage. Consequently, we are of the view that there are significant privacy interests at stake in the search of all types of digital devices.
3. The CBSA takes the position that paragraph 99(1)(a) of the Customs Act^{Footnote 5} allows BSOs to examine any “goods” that have been “imported” into Canada for customs-related purposes in order to ensure compliance with the laws administered or enforced by the CBSA. According to the CBSA, “goods” are defined in subsection 2(1) of the Customs Act to include “any document in any form” and therefore encompasses electronic documents contained on digital devices. The CBSA acknowledges that its authority does not extend to examining electronic documents that are not actually stored on a digital device but that may be accessible from such a device, for instance via the Internet.
4. The current definition of “goods” is broadly defined under the Customs Act. While we accept that a digital device and the electronic documents stored on the device can constitute a good for the purpose of paragraph 99(1)(a), we agree with the CBSA that documents, data, or information not stored on the device but accessed remotely (i.e., via Internet connection) cannot be considered goods within the meaning of the Customs Act. This position is consistent with lower court jurisprudence to date interpreting the scope of the CBSA’s authority under paragraph 99(1)(a) of the Customs Act to search digital devices.
5. In order to ensure that BSOs access only information stored on a digital device, the CBSA has established in its internal policy, Operational Bulletin PRG-2015-31 “Examination of Digital Devices and Media at the Port of Entry – Guidelines” (the “Policy”), a requirement that Internet-enabled devices such as cell phones, tablets, and laptop computers have their network connectivity disabled (e.g., airplane mode is enabled) prior to a search. In our view, this is an essential requirement to ensure that the CBSA complies with the limits of its authority in paragraph 99(1)(a) of the Customs Act and section 4 of the Privacy Act.
6. Notwithstanding this Policy, we found that in one of the six cases, a BSO did not switch the device to airplane mode and subsequently used the device to access the complainant’s social media and online banking information. Furthermore, the CBSA acknowledged that in a further three cases, the devices were not switched to airplane mode prior to the examination, which is contrary to its Policy. In the remaining two cases, the BSOs in question did not have notes indicating whether airplane mode was engaged or not, although the BSOs maintained that it was their usual practice to do so.
7. We also uncovered additional failures by the CBSA to follow the requirements of the Customs Act and the Policy. In one case, a BSO took photographs of the content on the complainant’s cell phone as evidence of a potential Criminal Code^{Footnote 6} offence. We note that the CBSA’s Enforcement Manual^{Footnote 7} states that photocopying documents not related to enforcing the Customs Act may be interpreted as an unlawful seizure under section 8 of the Charter of Rights and Freedoms (the “Charter”).^{Footnote 8} The CBSA acknowledged in this case that the BSO’s actions were inconsistent with the authority to copy records under the Customs Act and to seize evidence under the Criminal Code.
8. In two cases, certain information relating to the secondary examination of the complainants’ digital devices was destroyed, notwithstanding that the Privacy Act and the Privacy Regulations require that personal information that has been used for an administrative purpose be retained for a minimum of two years.
9. With respect to the threshold for conducting the examinations, the CBSA submitted that there is no defined threshold for grounds to examine goods, including digital devices, under the Customs Act. However, it is the CBSA’s policy that searches of digital devices should not be done as a matter of routine. In particular, the Policy authorizes BSOs to conduct progressive examinations of digital devices only where there is a multiplicity of indicators present indicating possible non-compliance with legislative requirements or further to the discovery of undeclared, prohibited, or falsely reported goods. Furthermore, BSOs are required to record the types of data on a digital device they examined and their reasons for doing so (e.g., which indicators they observed).
10. However, contrary to the Policy, in all six cases we examined, the BSOs failed to: (i) record the indicators that led to the progressive search of the complainants’ digital devices at the time; (ii) record which areas of the device(s) or media were accessed during the search; or (iii) record the reasons why those areas were searched. Consequently, this made it difficult to assess whether the CBSA had demonstrated that it met the threshold required by its Policy for the examination of the six complainants’ devices.
11. In light of the foregoing, we are of the view that a lack of training, awareness, and accountability mechanisms resulted in CBSA officers disregarding the limits of the Customs Act and the Policy requirements and therefore violating the complainants’ privacy. We therefore make a number of recommendations to the CBSA to correct these deficiencies.
12. Given that a number of essential features in the Policy are not reflected in the Customs Act – which does not expressly deal with searches of digital devices – we also have recommended legislative reforms be undertaken.
13. It should be noted that our recommendations with respect to legislative reform and greater accountability are wholly consistent with those made by the House of Commons Standing Committee on Access to Information, Privacy and Ethics (ETHI) in December 2017 (the “2017 ETHI Report”).^{Footnote 9}

Jurisdiction

14. The CBSA is a federal government institution listed in the Privacy Act’s Schedule of Government Institutions^{Footnote 10} and is therefore subject to the Act.
15. All six complainants allege the inappropriate collection of personal information by the CBSA. We determined at the outset of our investigation that the information at issue in each complaint is personal information as defined in section 3 of the Act, since it constitutes “information about an identifiable individual.” In particular, and as further detailed below, the information that was accessed by the BSOs from the digital devices included the complainants’ personal text messages, emails, photographs, videos, documents and, in one case, information from a complainant’s Facebook account and her online banking information.

Issues

16. The allegations made against the CBSA are that the collection of personal information by means of searching the complainants’ digital devices was in contravention of section 4 of the Privacy Act, which states, “No personal information shall be collected by a government institution unless it relates directly to an operating program or activity of the institution.” In order to comply with section 4, a government institution must have lawful authority for the collection of personal information.^{Footnote 11}
17. In evaluating whether or not the collection of personal information by the CBSA constituted a contravention of the Act as alleged by the complainants, we looked at the scope of the CBSA’s legal authority to examine digital devices under the Customs Act.
18. Given the sensitivity of the information at issue and the lack of specific requirements in the Customs Act relating to digital devices, we also looked at whether the BSOs complied with CBSA’s Policy in carrying out the examinations of the digital devices.
19. We also examined whether the CBSA complied with its obligations under subsection 6(1) of the Privacy Act to retain personal information that it has used for an administrative purpose (i.e., in a decision-making process that directly affects the individual).

Scope and Methodology

20. We examined the circumstances surrounding the CBSA’s searches of each of the complainants’ digital devices as well as its practices and policies more broadly. To this end, we reviewed written representations received from the complainants. Each complainant recounted the specific details and circumstances of their respective customs examinations in their representations. The CBSA provided written responses to the allegations raised in each complaint, including a description of the circumstances of each customs examination.
21. During the course of our investigation, our investigators visited with CBSA officials to review specific operational information contained in the CBSA’s files. The CBSA also arranged for our investigators to tour its primary and secondary screening operations at the Ottawa International Airport as a representative site, which gave us a better understanding of its operational environment and processes.
22. In assessing compliance with section 4 of the Act, we also considered the relevant provisions of the Customs Act and the Charter, as well as CBSA Enforcement Manuals and Operational Bulletins (“OBs”). The six complaints at hand involve customs-related issues experienced by Canadian citizens returning home from abroad. Therefore, our investigation focused on the CBSA’s activities and authorities under the Customs Act rather than immigration matters under the Immigration and Refugee Protection Act ^{Footnote 12} (the “IRPA”).

Summary of Investigation

CBSA Mandate and Authorities

23. The CBSA submitted that its traveller processing activities form part of its core mandate, which is to provide integrated border services in support of the government’s national security and public safety priorities, as established in subsection 5(1) of the Canada Border Services Agency Act (the “CBSA Act”).^{Footnote 13} In addition, the Customs Act and the IRPA stipulate that, at the time of entry into Canada, all persons are required to report to the CBSA, answer truthfully any questions asked by a BSO, and to provide all required documentation.
24. Travellers may arrive in Canada by air, land, rail, or marine transportation. All travellers are required to provide the CBSA with a customs declaration upon arrival, regardless of the mode of transportation or citizenship.
25. Section 13 of the Customs Act states, “Every person who reports goods under section 12 of the Customs Act inside or outside Canada or is stopped by an officer in accordance with section 99.1 of that Act shall (a) answer truthfully any question asked by an officer with respect to the goods; and (b) if an officer so requests, present the goods to the officer, remove any covering from the goods, unload any conveyance or open any part of the conveyance, or open or unpack any package or container that the officer wishes to examine.”
26. The CBSA submitted that paragraph 99(1)(a) of the Customs Act allows BSOs to examine any goods that have been imported into Canada on a no-threshold basis (i.e., without reasonable grounds) for customs-related purposes in order to ensure compliance with the laws administered or enforced by the CBSA. Specifically, paragraph 99(1)(a) of the Customs Act states:

    99 (1) An officer may

    (a) at any time up to the time of release, examine any goods that have been imported and open or cause to be opened any package or container of imported goods and take samples of imported goods in reasonable amounts.

27. According to the CBSA, in this context, “goods” are defined in subsection 2(1) of the Customs Act to include “any document in any form” and therefore encompasses electronic documents contained on digital devices. In support of this position, the CBSA cited the decision in R. v. Gibson,^{Footnote 14} in which the Provincial Court of British Columbia concluded that “that s. 99(1)(a) [of the Customs Act] authorizes a CBSA officer to examine the data stored on any electronic device in the actual possession of, or in the accompanying baggage of the traveller.”^{Footnote 15}
28. At any point during a traveller’s interaction with a BSO at a port of entry, the traveller may be referred to the Secondary Services and Inspections area for a secondary examination. These examinations typically require the traveller to answer more in-depth questions about themselves and their travels and to present some, or all, of their goods for inspection.^{Footnote 16}
29. A BSO will rely on one of three basic types of referrals when referring a traveller for a secondary examination:
    • A “random referral” is conducted on a random basis to ensure individuals are complying with all CBSA-administered laws and regulations.
    • A “selective referral” is made by a BSO if the officer believes that an examination is warranted, based on indicators to identify high-risk individuals and goods.^{Footnote 17}
    • A “mandatory referral” requires further documentation or examination by the CBSA, or on behalf of other government departments or agencies. Examples may include form completion, duty payment, or if a lookout^{Footnote 18} exists.
30. With respect to selective referrals, an indicator is a sign that indicates, or points to a possibility of, non-compliance with legislative requirements.^{Footnote 19} The CBSA explained that indicators are comprised of a multitude of factors that may change and evolve over time, and may differ from one area of the country to another. There is no central repository for all indicators. Officers become familiar with indicators through training, on the job experience, OBs, intelligence reports, enforcement manuals, and law enforcement partners. Indicators can also be ephemeral, only relevant based on the presence of other indicators, or only valid for a certain period of time.
31. The CBSA provided us with several examples of non-verbal and situational indicators but asked that we not provide details in this Report, claiming that the disclosure of these indicators could reasonably be expected to cause injury to the conduct of lawful investigations.
32. According to the CBSA, the verification of a traveller’s customs declaration in a secondary examination involves conducting a progressive examination of their goods to verify compliance with CBSA-mandated legislation. The CBSA stated that BSOs must conduct such examinations in accordance with Canadian law as well as CBSA policies.

The CBSA’s Policy – Operational Bulletin PRG-2015-31

33. While the CBSA’s legal authority for the examination of goods is found in the Customs Act, the CBSA has established its own policy on the examination of electronic goods. The Policy spells out to BSOs their authorities when examining digital devices or media at ports of entry, when such examinations can or should be performed, and explains current limitations on those authorities. It provides that digital devices and media, along with digital documents and software, continue to be classified as “goods” in the context of the border. Accordingly, the Policy clearly states that the “examination of digital devices and media must always be performed with a clear nexus to administering or enforcing CBSA-mandated program legislation that governs the cross-border movement of people and goods, plants, or animals” [emphasis in original].
34. Additionally, the Policy clarifies that the examination of digital devices should not be conducted as a matter of routine. Rather, BSOs are only authorized to conduct progressive examinations of digital devices or media where there is a multiplicity of indicators or further to the discovery of undeclared, prohibited, or falsely reported goods, in order to search for evidence of contraventions or to support allegations. Evidence may include electronic receipts for goods, information that refers to the acquisition or origin of the goods, or information that may afford evidence of a contravention of CBSA-mandated legislation. The Policy suggests that this evidence may uncover such things as confirmation of identity, receipts and invoices for imported goods, contraband smuggling, the importation of obscenity, hate propaganda, or child pornography.
35. In cases where evidence of a criminal offence is discovered during the examination process, the Policy states that BSOs must be cognizant of where the regulatory examination crosses over to the realm of a criminal investigation. BSOs must determine on a case-by-case basis, through consultation with their supervisor, whether or not to continue the regulatory examination and identify any possible impacts on potential criminal investigations. BSOs must also follow the instructions on securing evidence and on referrals to Criminal Investigations, as well as regional requirements for referrals to Inland Enforcement or Intelligence found in Part 9 of the CBSA Enforcement Manual.
36. The Policy states that CBSA officers shall conduct examinations of digital devices and media with as much respect for the traveller’s privacy as possible, considering that these examinations are usually more personal in nature than baggage examinations. BSOs must be able to explain their reasoning for examining the device, and how each type of information or program/application they examined may reasonably be expected to confirm or refute those concerns. Accordingly, the officer’s notes shall clearly articulate the types of data they examined and their reason for doing so.
37. In this regard, the Policy states that “CBSA officers shall notate in their notebooks the indicators that led to the progressive search of the digital device or media; and what areas of the media were accessed during the search; and why. This is to protect both the integrity of the information within the digital device and the officer.”
38. Moreover, the Policy states that CBSA officers shall only examine what is stored within the device. BSOs are not to read emails on digital devices and media unless the information is already downloaded and has been opened (i.e., marked as read). Passwords are not to be sought to gain access to any type of account (including any social media, professional, corporate, or user accounts), files, or information that might potentially be stored remotely or on-line. BSOs may only request and make note of passwords required to gain access to information or files if the information or file is known or suspected to exist within the digital device or media being examined.
39. The Policy also requires that, “prior to the examination of digital devices or media, and where possible, officers shall disable wireless and Internet connectivity (e.g., set the device to airplane mode) to limit the ability of the device to connect to remote hosts or services.”^{Footnote 20} This reduces the possibility of a connected device accessing the Internet or data stored external to the device, for instance, on social media or in the cloud, or triggering remote wiping software or changing version numbers or dates.
40. The CBSA submitted that information collected from digital devices is treated with the same respect for privacy and under the same parameters as any other type of information held by the CBSA. Any documents, electronic or otherwise, collected and/or subsequently disclosed are subject to the Privacy Act as well as the Customs Act (i.e., section 107 regarding the disclosure of information). The collection of documents may only be done insofar as the purpose is to administer CBSA-mandated legislation and the collection complies with any additional parameters set by those Acts (e.g., Customs Act, Immigration and Refugee Protection Act, Customs Tariff, Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), etc.).

The Complaints

41. Each of the six complainants reported that the CBSA conducted searches of their personal digital device(s) as part of a customs inspection upon their return to Canada from travelling abroad. All six complainants questioned the CBSA’s authority for the searches.
42. The complainants arrived in Canada either by air at a major airport or at a highway-based port of entry. In all cases, the complainants were referred for secondary examinations, where their devices were searched by one or more BSOs.
43. In its representations, the CBSA provided information regarding the circumstances surrounding the secondary examinations of each complainant, including:
    • a description of the indicators that led the BSO to examine the complainant’s digital device(s) in each case;
    • a description of the specific devices and content that was examined in each case;
    • what information was recorded by the BSO(s);
    • any other actions taken by the BSOs;
    • the CBSA-mandated legislation that was being administered or enforced; and
    • its overall position in relation to the BSOs’ actions during the secondary examination of each complainant.
44. The CBSA submitted that in all six cases, the examinations of the complainants’ digital devices were conducted for the purposes of ensuring compliance with CBSA-mandated legislation. According to the CBSA, multiple indicators led the BSOs to refer the complainants for a secondary examination in four cases. However, in two cases, the CBSA confirmed that the complainants were subject to mandatory referral for secondary examination. The CBSA reported that in all cases, the individual examinations concluded once the officers’ concerns were negated, the digital devices were returned to the complainants, and they were free to go.
45. We provide below a summary of each of the individual cases we reviewed during our investigation.

Case 1: PA-048509

46. The CBSA submitted that the BSO who conducted the secondary examination in this case observed multiple indicators during his examination, including a positive Ion Scan^{Footnote 21} of the complainant’s personal items. This resulted in the BSO conducting a more thorough examination, including a search of the complainant’s cell phone. The BSO asked the complainant to unlock the phone. The complainant complied with the BSO’s request by entering his passcode.
47. The BSO reviewed the complainant’s text messages and photo gallery to assist in establishing whether the complainant might be in contravention of the Customs Act. The BSO conducted a keyword search, which revealed a text conversation with another individual about purchasing narcotics and also identified a website of interest. Following the BSO’s examination, it was determined that the messages did not provide any evidence of a contravention, so he concluded his examination.
48. While limited details regarding the text conversation found on the complainant’s cell phone were recorded by the BSO during the examination (the name of the website, the names of the individuals involved in the conversation, phone numbers, and cell service provider), the BSO did not record any details about the examination itself or the reasons why a progressive examination of the complainant’s cell phone was necessary.
49. The CBSA advised that, based on the BSO’s recollection, no information was downloaded or copied from the complainant’s cell phone but that he neglected to enable airplane mode prior to conducting the search.
50. The CBSA submitted that paragraph 99(1)(a) and section 159 of the Customs Act and section 6 of the Controlled Drugs and Substances Act^{Footnote 22} were being administered or enforced in this case.
51. Based on its own internal review of the facts, despite the apparent failure to follow the Policy with respect to notetaking and enabling airplane mode, the CBSA submitted that the BSO acted within his legal authorities and followed established policies with respect to the progression and justification of the examination of the digital device.

Case 2: PA-048620

52. The CBSA reported that multiple indicators were present in this case, which justified the progression of the secondary examination. Based on these indicators, the CBSA submitted that the BSO proceeded to examine the complainant’s digital devices in order to determine whether any of the contents were prohibited under the Customs Act. This included the complainant’s cell phone, iPad, and USB drives.
53. The complainant made no mention in his written representations of having to provide a password or passcode to unlock any of his devices. According to his letter of complaint, the BSO reviewed photos and videos on the cell phone and iPad and the entire content of the USB drives. Following the examination of the devices, the BSO’s concerns were negated and the devices were returned to the complainant.
54. The CBSA confirmed that no notes were taken by the BSO during the secondary examination. The CBSA advised that, based on the BSO’s recollection, no information was downloaded or copied from the complainant’s digital devices during the examination. The BSO in question did not recall inspecting the complainant’s cell phone or iPad but claimed that if such devices were inspected, he would have enabled the airplane mode before proceeding with the examination.
55. The CBSA submitted that paragraph 99(1)(a) of the Customs Act was being administered or enforced in this case.
56. Notwithstanding that the BSO failed to follow the Policy with respect to notetaking and that the BSO could not confirm that he enabled airplane mode prior to conducting the search of the complainant’s cell phone, the CBSA submitted that the BSO acted within his legal authorities and followed established policies with respect to the progression and justification of the examination of the digital devices.

Case 3: PA-048694

57. The complainant in this case alleged that during the course of the secondary examination, which included a search of his laptop computer, the BSO connected the computer to the Internet and searched the complainant’s Gmail account, browsing history, and connected to various websites.
58. The CBSA submitted that there were a multiplicity of indicators present to justify the progression of the secondary examination.
59. Based on these indicators, the BSO conducted a progressive examination of the complainant’s cell phone and laptop computer. The BSO requested that the complainant provide him with access to the computer by entering his password, which he did. According the complainant, the BSO threatened to seize the computer if he did not enter the password. The CBSA confirmed that the data examined on the cell phone included conversations in WhatsApp, various text messages, and pictures. Approximately 10 digital photos and 2 Word documents were examined on the computer. The CBSA advised that, to the best of the BSO’s recollection, the Word documents appeared to contain work-related information.
60. The CBSA confirmed that the BSO did not record any notes in relation to the examination. The CBSA advised that, based on the BSO’s recollection, the search was negative and no data was copied or transferred from the devices during the examination.
61. The CBSA submitted that at no time did the BSO connect either of the complainants’ digital devices to the Internet, access the complainant’s Gmail account, review his browsing history, or connect to any websites using his computer – only items stored on the device were accessed. However, the CBSA also submitted that the BSO did not enable airplane mode on either of the devices before conducting the search.
62. According to the CBSA, paragraph 99(1)(a) of the Customs Act was being administered or enforced in this case.
63. Notwithstanding that the BSO failed to follow the Policy in this case with respect to notetaking and enabling airplane mode, the CBSA was of the view that the BSO acted within his legal authorities and followed established policies with respect to the progression and justification of the examination of the digital devices.

Case 4: PA-050839

64. The CBSA submitted that there were several indicators present in this case, which led to the progression of the secondary examination.
65. The BSO requested the complainant’s passcodes for both his cell phone and iPad, which he provided. The CBSA reported that, during the initial examination of the complainant’s cell phone, the BSO focused his search on the most recent text messages and pictures to confirm the information provided by the complainant regarding his trip. The CBSA submitted that the BSO discovered pictures and text messages that indicated possible involvement in organized crime related activity, which justified the progression of the examination.
66. While no criminal offence was discovered during the examination, the CBSA submitted that the BSO believed he had a responsibility to copy specific information from the complainant’s cell phone as evidence, including images in the photo gallery and several text message conversations. The CBSA confirmed that the BSO used a CBSA-issued camera at the port of entry to take photographs of the content on the complainant’s cell phone.
67. According to the CBSA, the BSO entered details of the examination into the Integrated Customs Enforcement System (ICES)^{Footnote 23} and shared the information captured from the complainant’s cell phone with the CBSA’s Enforcement Intelligence Operations Division (“EIOD”). The CBSA confirmed that the EIOD subsequently shared this information with external partners, including the local police service and the Royal Canadian Mounted Police (“RCMP”) under the authority of paragraph 107(5)(a) of the Customs Act^{Footnote 24} and also the requirements of the CBSA’s Policy on the Disclosure of Customs Information.
68. The CBSA advised that no information was entered into ICES other than the logging of the complainant’s passage across the border and that the information shared with the external partners no longer exists and therefore the CBSA could not provide it to us for the purposes of our investigation. The CBSA confirmed that the external partners destroyed the information in the fall of 2017 but was unable to provide the specific date or an explanation as to why the information was destroyed.
69. The CBSA reported that the BSO did not take any notes in relation to the secondary examination of the complainant, his cell phone, or his iPad. In addition, the BSO does not recall consulting with his supervisor during the examination and the CBSA did not assert that such a consultation occurred. The BSO also could not positively recall whether the complainant’s cell phone was set to airplane mode prior to the examination although he explained that it is his usual practice to ensure that airplane mode is enabled before proceeding with a search.
70. At first, the CBSA submitted that the BSO acted under the authority of subsection 489(2) of the Criminal Code^{Footnote 25} to take the photographs of content from the complainant’s cell phone. However, after being challenged by our Office, the CBSA acknowledged that the BSO’s actions in taking the photographs were inconsistent with its Policy guidance in respect of an officer’s authority under the Customs Act to copy records during a border examination,^{Footnote 26} the authority to seize evidence under paragraph 489(2) of the Criminal Code, as well as an officer’s notetaking responsibilities as required by the CBSA’s Policy.
71. The CBSA reported that it will review the particular provision in its Policy regarding instructions on securing evidence with a view to improving guidance to officers.^{Footnote 27} The CBSA did not report to our Office whether any other corrective measures were implemented in this case.

Case 5: PA-051902

72. The complainant in this case was referred for a secondary examination by a BSO conducting “roving duties” near the Primary Inspection Area.^{Footnote 28} The CBSA submitted that a number of indicators prompted the BSO to refer the complainant for a secondary examination. The CBSA explained that other indicators were identified during the secondary examination to justify the progression of the examination.
73. The same BSO who made the referral also conducted the secondary examination. According to the CBSA, the complainant told the BSO that “there might be something in the browser history” of his cell phone. The BSO reviewed the contents of the complainant’s cell phone to negate any concern that it may contain obscene material or child pornography. The CBSA advised that only the contents of the photo gallery were accessed during the examination and that the search was negative and no data was copied from the device during the examination.
74. The CBSA confirmed that the BSO took some notes during the examination but acknowledged that the notes did not provide any details about the examination or the reasons why a progressive examination of the complainant’s cell phone was required. The BSO did not recall obtaining a passcode or whether one was required to gain access to the complainant’s cell phone. This complainant did not make any mention of providing his passcode to the BSO in his written representations. However, the CBSA confirmed that the BSO did not enable airplane mode prior to his examination of the cell phone.
75. The CBSA submitted that paragraph 99(1)(a) of the Customs Act was being administered or enforced in this case.
76. Notwithstanding that the CBSA acknowledged that the BSO failed to follow the Policy with respect to notetaking and enabling airplane mode, the CBSA was of the view that the BSO acted within his legal authorities with respect to the progression and justification of the examination of the complainant’s cell phone.

Case 6: PA-052068

77. According to the CBSA, two BSOs conducted the secondary examination of the complainant in this case. Based on the presence of multiple indicators, the examination progressed to include more intensive questioning and a review of the contents of the complainant’s cell phone.
78. The BSO requested that the complainant unlock her cell phone, which she did. The CBSA confirmed that the complainant’s text messages, Facebook account, and WhatsApp messages were reviewed to confirm or negate concerns relating to illegal cross-border activity. The BSO subsequently asked that the complainant provide her password for a mobile banking application on the phone, which she also complied with. The CBSA also confirmed that, due to inconsistencies and vagueness with the complainant’s answers regarding her finances, combined with the existence of the lookout, the examination included a review of her finances – in particular, her online banking account.
79. According to the CBSA, the search was negative and no data was electronically copied from the complainant’s device. The CBSA also reported that the handwritten notes taken by one of the BSOs were used to complete an examination report in ICES. However, the handwritten notes were subsequently shredded by the BSO ten days after the examination. No acceptable reason was offered for this destruction of records, which was contrary to CBSA policy.
80. The CBSA confirmed that the BSO did not enable airplane mode on the cell phone prior to the examination, which allowed for the examination of social media and online banking information. According to the CBSA, the BSOs were not aware that enabling airplane mode was a requirement. The CBSA reported that the BSO was a new trainee and this was his first cell phone examination.
81. The CBSA submitted that paragraph 99(1)(a) of the Customs Act was being administered or enforced in this case.
82. The CBSA acknowledged that the BSOs’ actions were not in line with the Policy, including the examination of the complainant’s online banking information, shredding the handwritten notes, and failing to enable airplane mode on the complainant’s cell phone prior to the examination. The CBSA further acknowledged that the questioning of the complainant went above the level of normal questioning for customs regulatory purposes, and the examination and associated collection of information went beyond what was required.
83. During the course of our investigation, the CBSA advised that it would review and expunge any information entered into ICES that was excessively gathered as customs information during the secondary examination in question. However, at the time of writing this Report, the CBSA advised that it is “proceeding with deleting it from our system and is ensuring that none of this information exists elsewhere” but that this process has not been completed.
84. The CBSA also reported that a number of corrective measures were implemented as a result of this case, including:
    • Local staff was “refreshed” on secondary examination progression and strength of nexus to CBSA-mandated program legislation;
    • Additional shift briefings on the topic of electronic exams were held;
    • After the examination of a digital device, a Superintendent will review the officer’s notebooks to ensure the examination respects policy guidance;
    • Training was held locally for all officers on the examination of travellers’ digital devices and
    • The District Director briefed the Regional Director General on the progress of these corrective actions during bilateral meetings.

CBSA’s practices – record keeping and training

85. In addition to the six complaints, we also examined the CBSA’s practices in general. We sought information detailing the frequency with which BSOs examine digital devices. The CBSA advised that it does not systematically record when such searches are conducted. As such, any notes specific to the examination of an electronic good would be limited to the officer’s notebook as per the Policy, or free form narrative, text, or notes in various port of entry case processing systems.
86. However, the CBSA subsequently reported that it issued Operational Bulletin PRG-2017-61, “Collection of data related to the examination of travellers’ digital devices – interim reporting requirement” in November 2017. The OB requires BSOs to report all instances where the data contained on the digital device(s) of a traveller is examined on a digital examination tracking sheet provided by the Superintendent. We note that the requirements of this OB applied to only two of the cases – Cases 4 and 6 – in which the searches of digital devices occurred after the OB came into effect. The CBSA could not demonstrate that the new OB was followed by the BSO in one of the two cases.
87. The CBSA advised that it is planning to upgrade current operational IT systems used at ports of entry to collect precise information including why, when and where examinations of travellers’ digital devices take place. The CBSA believes that this upgrade will also allow it to better quantify the benefits the agency realizes from these examinations and will reduce the current manual practice of counting and logging at ports of entry.
88. We also asked the CBSA for information about the training and guidance given to BSOs with respect to searching digital devices and the requirement to disable Internet connectivity prior to commencing a search. The CBSA responded that it does not offer curriculum based training to new recruits specific to examining travellers’ digital goods at ports of entry, but it does provide guidance in course materials. For example, in the Examination of Goods course, students are directed to consult the 2015 OB.
89. Recognizing the BSOs’ failure to follow the Policy in all six cases, the CBSA also committed to conducting a full review of policies related to the examination of digital devices at ports of entry. In particular, the CBSA noted that the current Policy (OB PRG-2015-31) is being reviewed with the aim to replace it and to improve guidance to officers. Following this review, the CBSA will revisit associated training for all officers.

Analysis

Scope of examination of digital devices – information not stored on the device

90. Digital devices clearly contain vast amounts of personal, and sometimes sensitive, information about identifiable individuals. As highlighted in the six cases we examined, the content accessed by the BSOs included documents, text messages, photographs, and, in one case, content on Facebook and banking information.
91. Paragraph 99(1)(a) of the Customs Act, which provides that officers may examine any “goods” that have been imported into Canada, contains no specific reference to personal digital devices. According to the CBSA, the definition of “goods” under the Customs Act includes “any document in any form” and therefore encompasses electronic documents contained on digital devices. The CBSA’s Policy elaborates on this and states that digital devices and media, along with digital documents and software, continue to be classified as “goods” in the context of the border.
92. We accept that, based on the broad definition of “goods” in the Customs Act and the existing case law from lower courts, that the CBSA has the authority under the Customs Act to examine digital devices under paragraph 99(1)(a). However, this authority is limited to information stored on the devices. As noted by the Court in R. v. Gibson:

    I also conclude that the data imported on an electronic device, according to the relevant provisions of the Customs Act legislation and the evidence I have heard, is restricted to data that is stored on the electronic device at the time it is being imported. When the electronic device is being searched by the Customs officer, in order to comply with the Customs Act it should be placed in a mode that does not permit it to access the internet. For greater certainty, that means that data stored on the cloud, on remote networks, or remotely on other devices not in the possession of the traveller at the time they are crossing the border, and not stored on the device(s) in their possession at the time they cross the border, is not searchable at the instance by the BSO. Data stored remotely is not a good being imported by the traveller at the time they present imported pursuant to s. 99(1)(a). However, hard drives, USB sticks and other data storage devices in the actual possession of the traveller or in their possession in their accompanying baggage at the time they present themselves at the Customs office is a good, and subject to inspection.^{Footnote 29}

93. The CBSA does not dispute that its authority is limited to information stored on a digital device and has reflected in its Policy the requirement that, where possible, prior to the examination of digital devices, BSOs must set the device to airplane mode, which should eliminate the possibility of accessing the Internet or data stored external to the device on social media or in the cloud.
94. The Policy also states that CBSA officers shall only examine what is stored within the device, which includes, for example, photos, files, e-mails that were already downloaded and opened, and other media. BSOs may only request and make note of passwords required to gain access to information or files if the information or file is known or suspected to exist within the digital device or media being examined. In fact, we note that the CBSA has acknowledged before Parliament that if it wants to search information on a digital device that is only accessible once it is connected to the cloud, it must first obtain a warrant issued by a judge.^{Footnote 30}
95. Notwithstanding the clear requirements in its Policy, the CBSA acknowledged that in one of the cases we examined – Case 6 – the examination included a review of the complainant’s Facebook account and online banking information, which was accessible only via the Internet. In our view, the examination and associated collection of information in that instance clearly went beyond the CBSA’s legal authority under Customs Act. Given that CBSA lacked the legal authority for the collection of personal information, it also represents a clear contravention of section 4 of the Privacy Act.
96. Furthermore, in four of the six cases, the CBSA acknowledged that the BSOs failed to enable airplane mode, which is contrary to the CBSA’s own Policy and the Court’s direction in R. v. Gibson. In the remaining two cases, the CBSA could not state conclusively that the BSO had in fact enabled airplane mode due to the absence of adequate notes taken by the BSOs.
97. We also received contradictory descriptions of events from complainants and the CBSA with respect to the content that was allegedly viewed on their digital device(s) by the BSOs, such as Facebook and WhatsApp accounts, history of websites visited, Gmail accounts, etc. While the CBSA acknowledged that the BSOs reviewed the content of Facebook and WhatsApp messages during some of the secondary examinations, we are unable to confirm that the content examined was limited to content stored within the devices – particularly when the BSOs failed to disconnect or disable cellular network or Internet connectivity. Moreover, the BSOs’ failure to record details regarding the examination also impedes our ability to determine what in fact was examined and/or viewed by the CBSA at the time, and whether the examinations were limited to content stored within the devices.

Copying information on digital devices

98. In Case 4, the BSO’s actions in taking photographs of content on the complainant’s phone were not consistent with the CBSA’s legal authority or its Policy, which states that officers must follow the CBSA Enforcement Manual Part 9 instructions on securing evidence. The instructions provide that, “An officer may seize records, books or documents that relate to imported or exported goods and will seize the originals rather than make photocopies, except when specified. Note: Photocopying personal information not related to enforcing the Customs Act may be interpreted as an unlawful seizure under section 8 of the Charter of Rights and Freedoms.”^{Footnote 31}
99. BSOs are also guided by Part 4 of the CBSA’s Enforcement Manual, which states, “Photocopying documents constitutes a seizure within the meaning of section 8 of the Charter of Rights and Freedoms.” It also clearly instructs BSOs that:

    Under no circumstances are documents of any nature unrelated to the administration or enforcement of the Customs Act to be photocopied unless they are seized for some other purpose under lawful authority, or permission to photocopy the document is received from the owner or person in possession of the document. For example, personal identification of persons entering Canada may not be photocopied and passed to the police for intelligence purposes. In all instances, individuals are to be advised when documents are photocopied.^{Footnote 32}

100. The CBSA acknowledged that the officer’s actions in Case 4 were inconsistent with the CBSA’s authority under the Customs Act to copy records during a border examination and the authority to seize evidence under the Criminal Code. As a result, the CBSA’s actions in this case also contravened section 4 of the Privacy Act.
101. We also noted that information was disclosed in Case 4 by the CBSA’s EIOD to external partners. In representations to our Office, the CBSA confirmed that the information was shared by email, including a summary of the complainant’s encounter at secondary screening, along with photographs of the content found on the complainant’s cell phone. In that case, our Office was not able to independently review the information in question given that it was destroyed by both the CBSA and the external partners.
102. It is important that CBSA officers are aware of the distinction between an examination conducted for regulatory customs-related purposes, and when an examination crosses over into the realm of investigating a criminal offence. It is not clear what procedures, if any, the CBSA has implemented to train officers on the breadth of their search powers, or their responsibilities and authorities when evidence of a criminal offence or activity is discovered in the course of their duties. What is evident from our investigation, is that such training, even it is exists, was inadequate. As already noted, the CBSA has reported to our Office that it will review the particular provision in its Policy regarding instructions on securing evidence and on referrals to criminal investigations with a view to improving guidance to officers.

Requiring device passwords or passcodes

103. The CBSA Policy states that, in instances where access to digital devices are password or passcode protected, officers are to request the password or passcode and record it in their officer notebook. In fact, it states that officers shall not allow a traveller to input a password or passcode into a digital device or media themselves.
104. Canadian courts have not yet ruled on whether a BSO can compel a person to turn over their password or passcode so that their digital device(s) may be searched at a border crossing. Refusal to provide the password or passcode may result in the traveller’s digital device(s) being held for further inspection. Our Office is presently examining this issue in a separate investigation. We will therefore not offer our views with respect to the CBSA’s Policy as it relates to the requirement to compel travellers to provide their device password or passcode or a CBSA officer’s duty to record it in their notebook.
105. Nevertheless, we note that in two of the cases at hand, the BSOs failed to follow the Policy by asking the travellers to input their passwords or passcodes into their devices.

Grounds to examine and notetaking

106. Subsection 99(1)(a) of the Customs Act contains no threshold for when the CBSA may examine goods including digital devices. the Customs Act was enacted long before the prevalence of portable digital devices. We are of the view that it does not reflect the realities of modern technology and electronic communications. It has no provisions applying specifically to digital devices, the electronic information stored within or accessible through these devices, or the power to search them. We are of the view that digital devices should be considered more than mere “goods” subject to searches at the border without grounds.
107. As a matter of policy, the CBSA has established a higher threshold for the examination of these devices. The Policy explicitly requires that there must be a multiplicity of indicators that evidence of contraventions may be found on the digital device or media. In our view, this is rightly so given the dynamic and far-reaching nature of information stored on digital devices and the requirements of section 8 of the Canadian Charter of Rights and Freedoms. However, the CBSA’s Policy is simply that – a policy. In order to adequately ensure that the rights of individuals are protected, we are of the view that the Customs Act should be amended to include a legal threshold in the Customs Act that must be satisfied before personal digital devices may be examined.
108. The CBSA submitted that in all cases, specific indicators prompted the examination of the complainants’ digital devices for the purpose of ensuring that the goods and the traveller were in compliance with CBSA-mandated legislation.
109. Although the CBSA pointed to some indicators that led to the examination of the complainants’ digital devices in each case, the rationale was provided by the BSOs often months after the examinations took place and by memory due to the lack of adequate notetaking. In fact, in certain follow-up representations submitted to our Office, the CBSA reported that the BSO elaborated on the indicators that they relied on to justify the progressive examination of the complainants’ personal digital devices, providing new details not conveyed in their initial representations.
110. In our view, the indicators relied on by BSOs must be based on specific and well-documented facts recorded at the time of the examination. In all of the cases we examined, the BSOs failed to record the indicators that led to the progressive search of the complainants’ digital devices at the time, which areas of the device(s) or media were accessed during the search, and why, which is clearly required by the Policy. Rather, we had to rely on the BSOs’ evolving recollection of the circumstances of each case, often months after the examination took place.
111. Moreover, the CBSA must be able to establish that each search of a digital device was done for a valid customs purpose, which will necessarily limit the scope of a search. On this point, the Court noted in R. v. Gibson, “Firstly, the search must be conducted for a valid customs purpose. In my view, this does not always restrict the examination to a cursory search, but in practice, as described in the evidence in this case, it generally will.”
112. The breadth of searches of digital devices therefore need to be properly documented in order to establish that there was in fact a valid customs purpose. We found that in most cases, the BSOs did not document the examinations at all. In the cases where limited notes were taken by the BSOs, we found that the notes did not provide any details about the examination as required by the Policy.
113. We are also highly troubled that information relating to two secondary examinations in Cases 4 and 6 was destroyed by the CBSA. The CBSA is subject to the Act and must ensure that its privacy practices are consistent with, and respect the provisions found in, the Act and the accompanying Regulations. This includes sound privacy management practices for the creation, collection, retention, use, disclosure, accuracy, and disposition of personal information under its control. In these cases, the CBSA failed to demonstrate to our Office how they were in line with the requirements of subsection 6(1) of the Act, which, in conjunction with the Privacy Regulations, requires that personal information that has been used for an administrative purpose be retained for a minimum of two years.
114. In Case 6, a BSO even shredded his handwritten notes ten days after the complainant’s examination and three days after we notified the CBSA of the complaint. In that particular case, the CBSA submitted that the BSO was a new trainee and that it was his first cell phone examination. This reinforces our concerns regarding the adequacy of training offered to BSOs, since we would expect that newly trained BSOs would be freshly versed in proper procedure.
115. We note that the CBSA’s Enforcement Manual requires that officers support their decisions by recording the indicators that provided reasonable grounds for the examination or search. It is problematic when there is no clear justification on record to support the secondary examinations of the complainants and the specific grounds that led the BSOs to believe at the time that the devices contained evidence of a contravention of CBSA-mandated legislation and justified examination. Moreover, our Office is unable to independently confirm the specific circumstances of those examinations or to determine whether there was in fact a clear link between the grounds relied on and a potential contravention of customs-related legislation that would support the progression of the examination and the searches of the complainants’ digital devices.

Conclusion

116. The CBSA acknowledged in Case 6 that the BSOs’ line of questioning and the associated collection of information went beyond the CBSA’s authority under the Customs Act. In Case 4, the BSO’s actions in copying information from the digital device were inconsistent with an officer’s authority under the Customs Act and the Criminal Code. In both of these cases, we are of the view that the CBSA contravened section 4 of the Privacy Act.
117. We are also of the view that the CBSA contravened subsection 6(1) of the Privacy Act in both cases 4 and 6 by failing to retain personal information that it had used for an administrative purpose.
118. More generally, our review has identified failings in the CBSA’s practices, pointing to chronic issues, which in turn directly affects the CBSA’s accountability to the public – both in the exercise of the powers conferred upon it, and also in terms of meeting the requirements of the Act.
119. To this end, it is our conclusion that the Policy on its own has not proven an effective means of ensuring that examinations and searches of digital devices respect individuals’ privacy rights. There are insufficient training and accountability mechanisms in place to ensure that CBSA officers are meeting the necessary requirements established by the Policy.
120. We therefore consider all six of the complaints to be well-founded.
121. Although we are of the view that legislative changes to the Customs Act are required in order to fully modernize the CBSA’s customs inspection regime, which we elaborate on below, we also make a series of recommendations in the following section relating to operational change, which we believe will assist the CBSA in addressing areas of concern outlined in this report relating to its obligations under the Privacy Act.
122. The CBSA has agreed to implement all of our recommendations, as detailed below, with the exception of our recommendations regarding legislative reform. In light of the CBSA’s commitment, we consider the issues identified in this report, apart from legislative reform, to be conditionally resolved. We recognize that legislative reform is a Parliamentary matter and is outside the CBSA’s authority.

Recommendations

123. In light of our conclusions, we are of the view that the CBSA must take measures to ensure that the significant privacy interests at stake in searches of digital devices are recognized. Accordingly, our recommendations emphasize the need to take immediate action to ensure that the Policy is recognized and adhered to, and that there are adequate oversight controls in place for the examination of digital devices.
124. Pursuant to paragraph 35(1)(b) of the Privacy Act, we provided the CBSA with a Preliminary Report of Findings and requested that it give notice of any action taken or proposed to be taken to implement the recommendations contained in that report or reasons why no such action has been, or is proposed to be, taken.
125. Our specific recommendations are detailed below along with the CBSA’s response to each one.
126. In general, the CBSA responded that it has developed a new draft Policy on Port of Entry Examinations of Travellers’ Digital Devices, which it believes will “strengthen the compliance regime and ensure that clear guidance is provided to all our officers.” The CBSA advised that the draft policy includes a robust notetaking section that will be included in the training officers receive on examining digital devices and has created a dedicated working group to address this issue.

Recommendation 1: Mandatory training

127. We found through our investigation that there is a clear lack of awareness and consistency in applying the CBSA’s current Policy. The CBSA should implement a training program to ensure that officers are properly trained to conduct progressive examinations of digital devices and media. The CBSA’s training program should include a particular focus on:
     • the authority to examine digital devices;
     • when such examinations can be performed;
     • the examination progression;
     • regulatory examinations vs. criminal investigation;
     • a mandatory notetaking course;
     • documenting in CBSA electronic systems; and
     • the consequences of not adhering to Policy requirements.
128. We recommended that participation in training sessions be mandatory for all new and existing BSOs and their supervisors and that participation should be documented. As a further measure, the CBSA’s training strategy should be complemented by awareness sessions, bulletins, etc., to ensure ongoing compliance to the Policy requirements.
129. The CBSA accepted this recommendation, responding:

     As part of the CBSA’s implementation of the new Policy, mandatory training for existing officers and recruits undertaking the Officer Induction Training Program will be introduced. The Agency has been developing a comprehensive curriculum and job aids to ensure officers have the tools and training required to perform these examinations. Officers will be required to undertake the training and understand their responsibilities. In addition to the formal training of officers, a page on CBSA’s internal network is under development and will contain tools, tips and statistics for officers to refer to.

Recommendation 2: Oversight and monitoring compliance

130. Given the privacy interests at stake in the search of digital devices, the CBSA should ensure that appropriate oversight and review mechanisms are in place to raise accountability and to safeguard public trust and respect for individual rights. We recommended that the CBSA establish oversight and review measures to monitor BSOs’ compliance to the Policy and practices with respect to the examination of digital devices. This may include officer inspections, notebook or system audits, system flags for digital device examinations, etc.
131. The CBSA accepted this recommendation, responding:

     The CBSA will implement oversight measures to monitor compliance to ensure the Policy is being followed. Once the new Policy is implemented, the examination of digital devices will be a standing item on the Agency Operations Committee agenda to monitor compliance for the first year after the Policy is implemented and subsequently as required. The CBSA will require that the responsibilities of superintendents will include performing periodic compliance verifications (“spot checks”) to ensure officers are following the Policy. In addition, periodic Port Program Assessments (PPAs) will be conducted. PPA are used to monitor and measure operational adherence to policies and are conducted on six month cycles.

Recommendation 3: Independent audit

132. We recommended that the CBSA carry out an independent audit with respect to the application of its Policy and operational framework for the examination of digital devices under the Customs Act. An audit will assist the CBSA in assessing and improving the controls and oversight framework currently in place with a view to developing a management action plan to improve its policies, systems and practices, and to monitor compliance with its obligations under CBSA-mandated legislation and the Act as well as its commitments under recommendations 1 and 2 above.
133. In response to this recommendation, the CBSA proposed to conduct an internal audit and agreed to provide a copy of its audit report to our Office:

     The Canada Border Services Agency (CBSA) Internal Audit and Program Evaluation Directorate (IAPED) can commit to launching a comprehensive audit focused on recommendations 1 and 2 … in the next fiscal year (2020-21). The IAPED is an objective internal audit function that is independent of Agency management as they conform to the Institute of Internal Auditors’ Standards set by the Treasury Board. … As requested, the CBSA will also provide a copy of the audit to the OPC once completed.

134. Although we recommended an independent audit, in this instance, we are satisfied that the proposed internal program audit carried out by the IAPED will meet the objectives of our recommendation and therefore consider it accepted.

Recommendation 4: Update CBSA manuals

135. We recommended that the CBSA update its Enforcement Manual to reflect the requirements of the CBSA’s current Policy, including:
     • the definition of “goods” to recognize that digital devices contain sensitive personal information and are therefore subject to special examination requirements;
     • guidance to CBSA officers on their authority to examine digital devices at ports of entry;
     • clarification on when such examinations should and can be performed, and the limitations to these authorities;
     • guidance on the examination progression (i.e., properly documenting when a multiplicity of indicators are observed, when disabling wireless and Internet connectivity, when examining what is stored within the device or copying any information found on the device);
     • guidance on passwords and enforcement powers (i.e., notice of detention, arrest powers); and
     • guidance on when a regulatory examination crosses over to the realm of a criminal investigation and an officer’s powers and authorities.
136. The CBSA accepted this recommendation, responding:

     The new comprehensive Policy will be released as an Enforcement Manual chapter which will include all of the points raised by the OPC in this recommendation. The CBSA plans to release this policy by early Fall 2019 and will have in place all the requisite training plans and oversight mechanisms that accompany it.

Recommendation 5: Transparency and accountability

137. The CBSA should make its current Policy, including any other relevant manuals, Operational Bulletins, etc., available on its website to provide greater transparency and accountability to the public regarding the examination of digital devices.
138. The CBSA partially accepted this recommendation, responding:

     The CBSA is committed to transparency and accountability while balancing the need to protect the Agency’s investigative techniques. The Agency recognizes the importance of the Government of Canada’s initiatives regarding open information and open data and will provide additional information to the public on its website. The CBSA is developing a guidance document for travellers outlining what they can expect in regards to their digital devices when crossing the border. This is in line with the CBSA’s efforts to improve overall compliance and ensure the travelling public is fully informed of what is required when crossing the border.

139. We are satisfied that the actions proposed by the CBSA will meet the objectives of our recommendation and therefore consider it accepted.

Recommendation 6: Tracking and reporting on examinations of digital devices

140. Since November 2017, it is our understanding that the CBSA is tracking the examination of digital devices by systematically recording how frequently such examinations occur. We recommend that the CBSA compile and produce statistical data relating to its examination of digital devices and proactively make this information available to the public.
141. The CBSA accepted this recommendation, responding:

     The CBSA has been collecting statistics on the examination of digital devices since November 2017. Since then, the Agency has already disclosed this information to the media, the OPC and Parliamentarians. The Government of Canada has committed to maximizing the release of open data in recognition of the importance of transparency and, in line with this, the Agency will provide statistics on the number of examinations of digital devices on its external website.

Other – Legislative Change

142. Our Office has previously raised concerns about privacy rights at the border. As we have emphasized in the course of Parliamentary studies and appearances, the search of an electronic device at the border is an extremely privacy intrusive procedure.
143. We have also highlighted the inherent problems associated with considering digital devices to be simply “goods” in terms of the application of the Customs Act. As a practical consequence of that interpretation, any and all personal devices are subject to search at the border without any legal grounds. This is clearly an outdated notion and does not reflect the realities of modern technology.^{Footnote 33} the Customs Act was enacted in 1985, long before cell phones and other digital devices became so ubiquitous.
144. Moreover, we note that in its 2017 Report, the ETHI Committee found that the CBSA’s policy cannot be effectively enforced because it does not have the force of law. It therefore made recommendations to Parliament with a view to establishing a clear legal framework for searches of digital devices at the border and enhancing accountability. The facts brought to light in this investigation further validates these concerns. Recommendations 1 and 2 in the 2017 ETHI Report are directly relevant to the matter before us.^{Footnote 34} We fully agree with those recommendations and expand on them below.
145. We acknowledge that since these recommendations relate to legislative change, they will require consultations and action broader than the CBSA’s abilities. To that end, we are also sharing this Report with Public Safety Canada and we may reference and present our final findings in a report to Parliament.

Recommendation 7: Update the definition of “goods” under the Customs Act

146. We recommend that the Customs Act be updated to recognize that digital devices contain sensitive personal information and that these devices are not mere “goods” within the meaning of the Customs Act.
147. In its response, the CBSA disagreed with this recommendation, providing the following reasoning:

     Though potentially sensitive, the information contained within digital devices is not necessarily always personal. It is understood that people increasingly mix official, business and personal documents on their digital devices. In addition, governments and airlines and other transportation agencies are issuing travel documents in digital form. Receipts and other supporting documentation are also increasingly being provided in a digital format. Examinations of these types of documents are essential to border controls. It would undermine the CBSA’s basic functions if an officer could examine a printed receipt as a matter of routine but not one stored as a PDF file on an electronic device.

     Courts have previously held that digital devices and their content are recognized as goods within the meaning of the Customs Act. Changing the definition of “goods” in the Customs Act would, in effect, create a distinction whereby goods brought into Canada within electronic devices are subject to a higher inspection threshold than goods stored in a more traditional manner. As smart phones and related technologies continue to advance, this distinction would only expand to exempt more and more goods from the ambit of the CBSA’s long-standing powers of no-threshold inspection. This would have the effect of impeding the CBSA in meeting its legislated mandate, including its role in enabling Canada to meet its international obligations.

Recommendation 8: Develop a clear legal framework

148. We recommend that the Customs Act be amended to include a clear legal framework for the examination of digital devices, and specific rules that impose a higher threshold for the examination of such devices, in line with the requirements of the CBSA’s Policy.
149. This recommendation is consistent with Recommendation 1 in the ETHI 2017 Report, which suggested “the guidelines in the operational bulletin of the Canada Border Services Agency entitled Examination of Digital Devices and Media at the Port of Entry – Guidelines be written into the Customs Act.”
150. The CBSA also disagreed with this recommendation, providing the following rationale:

     Both technology and the operating environment at the border are changing at a rapid pace. Because of this, it is important that the CBSA is able to adapt and update its policies to keep up with these changes. The courts have recognized that it is open to government to protect Charter rights by departmental practice. The modalities used to ensure this protection will vary with the context. Since the manner of conducting a lawful search can violate the Charter, and many variables are involved, policy direction to officers is a suitable control mechanism in the specific context.

Recommendation 9: Elevate the threshold to “reasonable grounds to suspect”

151. We recommend that the expression “multiplicity of indicators” in the CBSA’s Policy be replaced with “reasonable grounds to suspect” for digital devices and that the Customs Act be amended to reflect this higher threshold.
152. This recommendation is virtually the same as Recommendation 2 in the ETHI 2017 Report, which suggests that “the threshold of “multiplicity of indicators” required for the search of electronic devices set out in the operational bulletin of the Canada Border Services Agency entitled Examination of Digital Devices and Media at the Port of Entry – Guidelines be replaced with the threshold defined in law of ‘reasonable grounds to suspect.’”
153. Again, the CBSA disagreed with this recommendation, providing the following response:

     The CBSA has a legislated mandate to provide “integrated border services that support national security and public safety priorities and facilitate the free flow of persons and goods.” One of the most fundamental methods of meeting this mandate is through the examination of goods crossing the border, which is key to classifying goods, assessing the value for duty, collecting duty and taxes, determining the admissibility of the goods, ensuring compliance with the laws of Canada, detecting non-compliance, and providing a deterrent against non-compliance.

     The authorities contained within the Customs Act are used to enforce many laws at the border. It is in the very nature of the border environment that there is a lack of prior knowledge or control over goods before they reach the border. With no prior knowledge or information, it can be impossible to formulate reasonable suspicion relation to goods.

     The CBSA also imposes a higher threshold than legally required for the examination of digital devices. Indeed, the OPC has previously recognized that “the CBSA’s policy establishes a higher threshold and accountability for the examination of digital devices” than the Agency is required to. The CBSA is concerned that if a legal threshold of individualized reasonable suspicion was imposed, even despite anomalies observed by officers, circumstances would fall short of reasonable individualized suspicion, and would leave officers with no means to further advance to that threshold.

     As mentioned above, more and more documentation is going digital and it is as necessary for CBSA officers to view such documentation as it is for those officers to be able to search the traveller’s baggage. Imposing an inspection threshold only on digital documents makes it more likely that travellers seeking to circumvent Canadian prohibitions on imported goods or evade duties and taxes or, indeed, conceal their true identities will be able to do so.

     Lastly, digital devices do not always accompany travellers across the border, they are also shipped by mail or courier. With no person present to question, it is practically impossible to form reasonable suspicion in relation to these goods.

Comments

154. We are pleased that the CBSA has largely agreed with our operational recommendations and has drafted a new comprehensive policy. However, we are surprised and disappointed that the CBSA disagrees with all of our recommendations relating to legislative change, especially since (i) the ETHI Committee independently reached the same conclusions in its 2017 report; and (ii) the CBSA itself recognizes that digital devices should be subject to “special examination requirements” due to the likelihood of sensitive personal information being contained within or accessible by these devices. Again, it should be noted that the current legislation was enacted at a time when digital devices and the related impact on the storage and transmission of personal information had not been contemplated.
155. We note that the CBSA’s rationale for disagreeing with our Recommendations 7 and 9 draws comparisons between digital documents and traditional paper documents, suggesting that the changes to legislation would create a higher threshold for the inspection of digital documents. However, CBSA itself has recognized that a higher threshold is appropriate for digital devices given the wealth of information that can be stored on them. Simply put, searching a digital device is not the same as, for instance, consulting a paper receipt and this is already reflected in CBSA policy.
156. We also fail to see how our recommendations would prevent the CBSA from viewing travel documents stored electronically as part of its normal operations. The requirement to produce a travel document – in electronic form or otherwise – for inspection does not entail handing over a device and all its contents to be searched and would not be affected by our recommendations. In our view, CBSA is wrongly asserting operational barriers to legislative reform; barriers that are belied by the fact that its Policy already distinguishes and applies a higher threshold for digital devices.
157. With respect to Recommendation 8, the CBSA asserts that policy controls are the most appropriate mechanisms for ensuring that BSOs respect travellers’ Charter rights. We are of the view that our investigation has clearly demonstrated that this is not the case, since policy controls have not proven effective in achieving their objectives. In all six cases at issue, we found that the BSOs in some way failed to follow CBSA policies, whether it was in terms of the procedures by which the digital devices were searched or the failure to adequately document searches.
158. Additionally, as noted at paragraph 86 of this report, the CBSA implemented Operational Bulletin PRG-2017-61 in November 2017, requiring BSOs to report all instances where the data contained on the digital device(s) of a traveller is examined on a digital examination tracking sheet provided by the Superintendent. The CBSA could not demonstrate that the new OB was followed by the BSO in one of the two cases we investigated in which the search was conducted after the implementation of that policy.
159. For these reasons, we have reason to doubt the effectiveness of policy controls on their own. We therefore strongly encourage the CBSA, the Minister of Public Safety, and the Minister of Border Security and Organized Crime Reduction to further consider our Recommendations 7-9, which we believe are necessary reforms in order to adequately protect the privacy and Charter rights of Canadians as they return home from travels abroad.