HRPD Committee Meeting

STANDING COMMITTEE ON HUMAN RESOURCES DEVELOPMENT AND THE STATUS OF PERSONS WITH DISABILITIES

COMITÉ PERMANENT DU DÉVELOPPEMENT DES RESSOURCES HUMAINES ET DE LA CONDITION DES PERSONNES HANDICAPÉES

EVIDENCE

[Recorded by Electronic Apparatus]

Thursday, November 26, 1998

• 1108

[English]

The Chair (Ms. Albina Guarnieri (Mississauga East, Lib.)): As I see a quorum, we'll proceed to hear witnesses.

Mr. Johnston.

Mr. Dale Johnston (Wetaskiwin, Ref.): Madam Chairman, I wonder if I could have a brief intervention before we start.

The Chair: Mr. Johnston, because we're kind of pressed for time, you can have a very short intervention. If it's business of the committee, can we leave it until the end of the meeting? We do have guests, and we also have other guests too.

Mr. Dale Johnston: It's in reference to the witnesses.

The Chair: Please, go ahead.

Mr. Dale Johnston: Madam Chairman, I would like to state right up front that my party is here in deference to the witnesses. We think the issue they're going to be presenting to us today is of the utmost importance. As for our attendance at future committee meetings, it's all dependent on the meeting of our House leaders. So I want to make it perfectly clear that I'm here to make sure we learn something from these expert witnesses.

The Chair: We're very happy to see you here. Without further ado, we'll proceed.

Two weeks ago, we received the analysis and recommendations of the Auditor General with respect to the social insurance number. He shone a light on a problem that has been festering for more than 30 years that certainly begs action. He told us that $100 billion in transactions occurs annually based on the use of SIN numbers as client identifiers. In addition, there are endless cases where SIN numbers are a vehicle for identity fraud and other criminal activity.

So in response to the Auditor General's report, I've asked the department to tell the committee how it intends to meet the challenge posted by the weakened SIN system and to outline the government's action plan and timelines.

• 1110

We're fortunate to have with us today—I'm told this is on a little bit of short notice—Mr. Hy Braiter, senior assistant deputy minister in the service delivery network; Bob Nichols, director of insurance program services; and Jacques Bourdages, associate director of national services in Bathurst.

So without further ado, please begin.

Mr. Hy Braiter (Senior Assistant Deputy Minister, Service Delivery Network, Human Resources Development Canada): Thank you, Madam Chair.

I welcome the opportunity to address the Standing Committee on Human Resource Development and the Status of Persons with Disabilities. My goal today is to demonstrate how we're moving forward to improve the administration of the social insurance number and address the recommendations of the Auditor General.

As you mentioned, I'm accompanied today by Jacques Bourdages, who manages the SIN registry in Bathurst and all the operations surrounding the social insurance card. Bob Nichols is the director of insurance services. He's also looking at our plan to improve the administration of the social insurance number.

Madam Chair, we were invited last week to appear before the public accounts committee, where we did respond to each of the Auditor General's recommendations and elaborated on our goals to modernize the management of the SIN.

Today, I'd like to focus on two main points. First, there's no doubt that we need to improve the administrative processes and the data integrity of the social insurance number and its registry. In this matter, Human Resources Development Canada is totally responsible for doing this. We play the key role.

Second, there's a broader issue that needs discussion. This discussion will have to take place, as the Auditor General pointed out, among parliamentarians. It's to consider whether Canada should go beyond what the current social insurance number provides, and whether the policy should or shouldn't be changed. Also, should the social insurance number officially become viewed as an identity card, or should it remain as an account number for certain government programs only, as it is today?

On this broader issue, we are just one player. Although we don't have primary responsibility, we have taken the liberty to start bringing our partners together—this means Treasury Board, Justice, Revenue Canada, and people from the Privacy Commissioner's office—so that we, as civil servants, could start talking about the implications of this and give advice and options to our ministers. Of course, we're all aware that going beyond the current policy on usage does require direction from government and legislators.

Madam Chair, HRD's mandate is to issue and control the social insurance number, as well as to maintain the register. Our department will take the lead on all initiatives to improve the administrative processes.

In doing so, it's recognized that there are some issues that will have to be addressed. First, it will cost money. Second, there are some privacy issues we will have to respect in terms of getting the data updated, getting death information from various sources, and so on. So we'll have to work very closely with the Privacy Commissioner's office and the legislation in force both at the federal and provincial levels in this improvement process.

I'd like to talk a little bit about the history of the SIN, because it does impact on how we administer and what problems we have today. The SIN was introduced in 1964. At that time, there was a great debate also on whether it should be an identity card, file number, or account number.

At that time, it was resolved that it was simply a file number for several federal programs at that time: unemployment insurance, Canada Pension Plan, and Quebec Pension Plan. Later, taxation was added. Those were the programs for which the SIN number would act as an account number.

At the time, the real priority was to get everybody a SIN number. So in 1964 there was a great rush to get everybody a SIN number so they could start doing business with this single account number for those programs.

At first, the SIN number was recorded on a little piece of paper, which some of you may still have. It was just a narrow little piece of paper that you folded up and put in your wallet. Its only purpose was so you didn't forget your SIN number. Even today, when you go for a job, very few employers ask to see your social insurance number. Instead, they give you an application form on which you put your social insurance number.

Today, we have a plastic card to remind us of that number. It has no security features whatsoever. It's just a card that will last longer than the paper so you'll be able to remember your number when asked for it by the appropriate agencies.

• 1115

Until 1976, 12 years ago, the federal government did not ask for any proof of identity from individuals applying for the card. If you applied for one, you got one. If you applied for another one, you probably got another one. If you lost it, you applied for another one, so you got a third one. There was no proof of identity asked for. After all, it was viewed as an account number.

In those first 12 years, we issued over 18 million cards, which is more than half the cards that exist today. These were issued without any proof of identity. Now, I can't go back in time and rationalize why we didn't go back to re-identify people and so on, but cost was a likely issue and also the inconvenience to individuals. So we live today with a situation whereby we never asked for proof of identity for half of the cards, whereas we did ask for that proof for the other half, which are the ones issued since 1976.

The Auditor General has pointed out to us that over time people have forgotten the original purpose of the card. Its use has proliferated in the private sector. People and organizations are viewing it as an ID card.

Say you walk into an IGA. I know when my wife walks into the local IGA and wants to cash a cheque, they ask for her SIN card. I stand in the background mumbling that it's of no use to them. I say we'll never give you any ID with this. It's the worst ID card you could ask for, because Bathurst will never tell you who belongs to a SIN number. They'll never tell the IGA. So why they're asking for it, I don't know. The perception is that it's an ID card, but it's not. It's not administered as an ID card.

In the public accounts committee, we were told of situations where people couldn't rent the premises because the landlord wanted to see a SIN card. There are no penalties for people who ask for SIN numbers who may not rent you a place if you don't give it to them. There's nothing in the law to say we should go after this landlord. There isn't a really good awareness program for landlords and so on to tell them it's a useless piece and not an ID card.

In any case, be that as it may, the Auditor General has pointed out the reality that people think it is an ID card. It's being used more and more and more in the private sector and by the provinces as either an account number or an ID card.

The implications of an organization like HRD administering an ID card, a national identity card, is far, far different from the implications of administering an account number. That's not to say that for the account number, the SIN number, we shouldn't have accurate data of who belongs to it or we shouldn't record people when they die, if we know about it, or when they leave the country. Nevertheless, if we were going to administer an ID card, we would at least have a picture on that card, as on your licence. Also, we would have to update that picture as we age, sad as that is. Perhaps we could use new technologies, like embedded chips, biometrics, fingerprints, and whatnot.

It would be quite an interesting thing to administer, because people are now applying for social insurance cards for babies. With the new RESP program, registered educational savings program, that's very attractive. The government gives you 20% of what you put in. People are now applying for SIN numbers for two-month-olds and three-month-olds. My big priority this year is to issue a million SIN numbers to those people who will need it to open up RESPs.

So you could see that, as an identity card, we would have to call these people in several times as they age to get their picture, their footprint, and so on. It has major implications administratively and also in terms of public policy in terms of whether you want such a card from birth to death.

In terms of the specifics of the Auditor General's recommendations, we've already developed an action plan. In fact, in the public accounts committee, one of the Reform members complimented us at the end on the record for what he considered to be an excellent action plan and one that was done so quickly. In any case, we will share it with the public accounts committee, and I'm sure you would like to see it as well.

Now, five working groups have been established within our department to look at different slices. The first group is going to look at the slice of accuracy and completeness of the personal information contained in the registry. The objective here is really to improve the integrity by marking all the deaths, marking all those people who left the country, and get the birthdates and information of the people who got their cards before 1976 so as to be more accurate. This is so we have some confidence in the data in that registry. We've accomplished a lot on this in the last five years, because technology and some access to files have become more and more available. But we can go into that later.

Minister Pettigrew has also approached the ministers of social services during recent meetings to tell them that we will want their help in terms of getting access to their information. That's the key: provinces hold the information on births and deaths, mortality, and vital statistics. We would like to get that information.

• 1120

Over the years, we've not been as successful as we would have liked in terms of getting that information. We also have to look at the provincial legislation, such as privacy, and so on. So they're a key.

The second group is looking at the proof of identity requirements. When you come in right now, you just need one piece of proof, such as a birth certificate or citizenship paper. We need some proof of your status in Canada, and that's considered accurate.

We're going to look to see if we need to do more on this area. If we need to validate it with databases, we might be able to get it from the provinces, which is the most efficient way to do it, by the way. We won't bother individuals. We'll validate what they've given us in terms of birth certificates with a database that goes back to when they were really born in Canada, if that's the case, or when they immigrated.

The third team will look at SIN offences. They'll try to prevent people from abusing the SIN card. There are some real challenges here. The fact that somebody might have two SIN numbers or three, or didn't hand in his parents' SIN numbers when they died or what have you, is not an offence in itself. The legislation is very weak as far as what we do if we find a person who has 25 SIN numbers or is selling what looks like SIN cards.

First, in the legislation today, under the EI Act, you have to prosecute the person. You have to take him to court, which is a long process in itself.

Second, once you do that, the maximum fine the court will apply is $1,000 or one year of imprisonment. Typically, when this has happened, as the AG pointed out, the fines are more like $200. So you can go through two or three years of chasing a person down, waiting for a court date, going to court, after which the person gets a $200 fine.

In the EI program, we do take people to court. But we also have the ability in the law to have an administrative penalty. This means we could actually penalize a person up to three times the amount they fraudulently collected from EI. So not only do they have to pay back the $10,000 they might have fraudulently collected, but we will give them a fine of $30,000. That's quite a penalty. We can also fine the employer, if he was involved, for the amount of all of the overpayments that everybody committed if the employer did something wrong.

What we would like to do here with this team is to investigate sharpening up the penalties to see whether we can introduce something like an administrative penalty. If you're going to put a lot of effort in, then it's really frustrating for an investigator to catch this person and then see the legal system just not doing anything.

The fourth working group will look at issues of SIN investigations themselves. We have quite a sophisticated team of investigators in the EI program. But as for pure SIN investigations, we did about 2,700 last year. We feel we need to up that effort.

The other thing to point out is that although these are pure SIN investigations, whenever we investigate with these investigators for potential EI, CPP, or OAS fraud, we would catch anybody trying to defraud these programs when using the social insurance number. We actually focus on detecting fraud at the point where they're trying to defraud the benefit program. At the moment, we're not just chasing people who might have several SIN numbers.

I should point out that our investigations today return more than $700 million, which is more than $14 for every $1 we spend. That means EI, CPP, and OAS investigations. But they do identify SIN fraud in the process. We're quite confident that if anybody were going to defraud the EI program using SIN number manipulation, they would be caught at the point they defraud. The Auditor General last week agreed with us. Revenue Canada, who was at the table of the public accounts committee, also said that anybody trying to do some tax fraud would be caught, and if SIN numbers were involved, it would be at that point. In any case, we are looking at how to shore up both sides and also do some preventative work so people are aware that they shouldn't be doing certain things.

The fifth team will look at security features on the social insurance number. The Auditor General said we have no security features. It's true. It's just a plastic card. It has no photograph. It has nothing. We'll look at what we can do to add security features.

This is not rocket science. We operate the issuance of gun registration certificates in Miramichi under Jacques Bourdages. Those are secure cards—or they will be secure, as the program is just starting—that have photographs, and so on.

We would love to administer anything the government would like us to administer. We think we can do it well, but we have to investigate what it is we should do.

If the government decides it's an ID card, we will go full force into improving the security features of the card. It will cost money, and it does require some government direction. In terms of the money, it costs us $10 a card today. So if you want to reissue all the cards in Canada, it will be a quarter of a billion dollars. If you want to add something more than what's there today, add something more to that quarter of a billion dollars. It's not a cheap and light decision that the government would be taking.

• 1125

But in terms of temporary cards for people who come into Canada and get a card temporarily, like circus workers and musicians, and perhaps athletes in some cases, or just permanent temporary residents, we will look at the idea of having an expiry date on those cards so that they don't last forever after the people have left the country.

Madam Chairman, I will close on this point. Our overriding goal is to have accurate and complete information on the social insurance register to prevent abuse and to ensure that benefits go only to those people who qualify. We're quite confident we can achieve this now that we have a new focus on doing this, and we're quite confident that we'll fulfil the mandate of the minister by providing a better service to all Canadians in doing this. Thank you.

The Chair: Thank you for a very forthright presentation.

Mr. Johnston.

Mr. Dale Johnston: Actually, Madam Chairman, I think at this point most of my questions have been answered, and I'm going to defer to my colleague, Mr. Epp.

Mr. Ken Epp (Elk Island, Ref.): Thank you. I am intrigued with this idea of personal identification. You say the social insurance number as it is now designated really means nothing.

Could there be someone in there, for example, who has my identity and has a different social insurance number from me and you wouldn't know it?

Mr. Hy Braiter: I'm not saying it means nothing. I'm saying the current policy—and I see you have Treasury Board people here and others—that we as administrators are administering to has the social insurance number as a file identifier for the programs I mentioned: CPP, OAS, and UI. The RESP, the registered educational savings plan, was just added.

It is being used well beyond this, the Auditor General points out. Do we go out and have a public awareness program, saying, look, don't do this, don't use it? Or do we say that even as an account number we can't use this as an excuse for not having good administration? I'm not using it as an excuse. I still think as an account number it's registered. We should have the right person with the right SIN. We should have your right birthdate. We should be able to avoid anybody trying to apply for a SIN number pretending it's you and so on. We need to clean up the file.

The major problem with the file, although there are a lot of words in the press, is that there are probably about 300,000 plus records where people have died and we did not get the information that they died, so it wasn't updated.

There's a history of why we get it and how we get it. We're determined now to go after the provinces and get agreement so that they give us the information. Only in this past year did it become legal for us to use the old age security files. This is bizarre, because we also manage old age security. But it only became legal for us to use those files to update social insurance files. Most people collect OAS when they turn 65—in fact, everybody's entitled to it—and when they die there's a good chance that someone will eventually tell them to stop paying this money because the person's dead. We would like to take those records and match them. We now legally can do it. We have a plan within the next three months to actually do massive updates on the files.

We also get Revenue Canada's files if people declare their deaths there. We do have an agreement with New Brunswick. We had one or two sessions with all provinces in the mid-1980s, but the technology wasn't quite there.

If we can clean up that, and if can clean up the people who have left the country, these temporary numbers, then the Auditor General wouldn't be able to make his statement that there are over three million more SIN cards than there are people in Canada. Those are the two big reasons.

It's not as simple as all that. You are also entitled to a SIN card if you are an investor in Canada, because Revenue Canada, of course, would like to get you to pay taxes on your gains. So we give out SIN cards to people outside the country who invest in Canada. We'd have to clearly make sure we distinguish those.

We are thinking that if we can't get the matches legally—and we would only do it if it's legal—we're going to do something like this in the next few months. We're going to take a look at the whole SIN registry and compare it to Revenue Canada, CPP, OAS, QPP, and Immigration, and if we see anybody over the age of 65 where there's been no economic activity, no sign of this person paying premiums of any sort, collecting anything, paying tax and so on, we're going to add a new flag to it that says it's dormant. It's not dead. It would be very embarrassing for us to declare somebody dead who shows up as alive, but at least it would add a new security feature saying if this person ever shows up on any of these programs, let's take a look at who he or she is. This person hasn't paid taxes, hasn't done anything for five years, so we'll mark him dormant. That's the kind of thing we're trying to do.

• 1130

Also, in terms of proof, if somebody wanted to walk in and say I am such a person, we would try to... Right now we do ask for birth certificates, but it's only as good as the value of the quality of the birth certificate. If it's easy to get a fraudulent birth certificate, it's easy to get a SIN number. It's the weakest link. What we need really are the databases of the provinces, so even if you bring us a phoney birth certificate, by the time we check it out later, we'll say something is suspect here. The person didn't know his mother's name, didn't know his age, didn't know his sex, so on.

Mr. Ken Epp: I have a question with respect to your database. There are some 24 different agencies that use the SIN number. Do they use a common database or do they each maintain their own numbers? I would think they probably have their own. Revenue Canada, for example, will have my social insurance number on my income tax account. Who else do I deal with? I don't know. CPP, the premiums.

Mr. Hy Braiter: EI premiums.

Mr. Ken Epp: Do they have a separate database?

Mr. Hy Braiter: By law those programs you just mentioned, plus RESPs and the Quebec Pension Plan, are legally entitled to our database. They take the SIN number as an account number. If you want to call Revenue Canada and say you have a question about your taxes, they'll ask for your SIN number and then they get all the information. But they also have access to the entire social insurance number file. So if they want to do matches to see... Say on your tax return you said you were about 41 years old and really in the social insurance file it says you're 35. They would then call you and say, look, who are you? So, yes, those programs have access to the social insurance number file.

Also, the Quebec government has negotiated an agreement with us to have access to the file for their QPP, the Quebec Pension Plan, and also for their sickness plan.

Mr. Ken Epp: Maybe you don't know, but nobody else has it?

Mr. Hy Braiter: No other province or organization has our file. No other province or organization can know who belongs to a certain SIN number. So if they're using it without that, they're using it at their own peril, so to speak.

Mr. Ken Epp: Who is it, though, that updates these data on the file? It's you guys, right?

Mr. Hy Braiter: Why don't I give Jacques a chance?

Mr. Jacques Bourdages (Associate Director, National Services, Bathurst, Human Resources Development Canada): In response to your question, and to add to what Mr. Braiter was saying, essentially we're responsible for maintaining and updating what is known as the social insurance registry. It is maintained in our computer centre in Moncton. But in terms of the registration process, all applications are received in Bathurst and processed, and ultimately new accounts are created on the SIN register.

The SIN register contains basic personal identity information about individuals who apply for numbers and cards. In terms of sharing information contained in the SIN register with authorized users of the SIN, as Mr. Braiter indicated, at the present time there are Revenue Canada, the Canada Pension Plan, and la Régie des rentes du Québec that basically have a copy of the SIN register.

As far as other users who have access to information contained in the register are concerned, they have the legislative basis for access and information is provided to them to help them validate information such as from people who apply for their various programs, whether it be old age security or la Régie d'assurance-maladie du Québec. There are a number of other agencies that do request SIN validations in terms of individuals applying for benefits under their programs.

Mr. Ken Epp: I want to know what your database contains. Don't tell me if it's secret. Is this privileged information?

For example, for me, my name—my real name isn't Ken Epp. I hope you know that, but that's my pseudonym. I go by that and I have a social insurance number.

The Chair: This is very enlightening.

Mr. Ken Epp: Actually, I can explain it very easily. When I was born, my two-year-old brother couldn't say Marvin, so my parents called me by second name and I've gone by that all my life.

Anyway, what do you have on me? Do you have my address, my phone number, what province I live in, how much I weigh? Do you have my new weight, because I've lost 25 pounds? What do you have on me?

• 1135

Mr. Jacques Bourdages: Essentially, each record in the registry contains, first of all, your social insurance number; your names, both at birth and the names you go under currently; your parents' names, your father's surname and given names, as well as your mother's surname and given names; your date of birth; obviously your sex; and we do have an address for administrative purposes. When somebody applies, we do maintain the address for five years in case it could be used if somebody applies for a replacement card. That's essentially what is maintained. If you've had married names, other surnames, and so on, it would be in the database. It's basically identity information or personal information of the individual.

Mr. Ken Epp: You talked about accuracy in your database. The big question now, though, is, what mechanism do you have to keep it up to date?

I have been moved four times by the post office in the last ten years. I'm still in the same house, in the same location, but they've reallocated how they identify me in their postal system. Do you have those? Do you get those from Revenue Canada, or how do you do that?

Mr. Hy Braiter: No, we don't get them. We don't try to get addresses. What happens is when you do business with Revenue Canada or with EI, you supply them with your latest address, of course, to do business with them. They have access to our files, so if there's some illegality going on, they would know that perhaps you're not you, because you'd have to have all the other information correct.

You see, when you go to collect your Canada Pension Plan, we're not just going to take the card and start sending you the money. You're going to have to prove your identity all over again. The programs have their own security. The account number links all of your data for that program. So in CPP, with your SIN number, they know how much you've contributed over the years, so they can determine what your benefit is. In fact, they're sending you and will be sending you regular updates so that you know what you're entitled to.

So in managing each program, the SIN number is strictly an account number, and the rest flows from there. The program should have its own integrity features and control features to make sure the rest is not abusive.

Mr. Ken Epp: Okay.

The Chair: Mr. Epp, this has to be your last question.

Mr. Ken Epp: Really? I'm having so much fun.

The Chair: I'm actually being indulgent.

Mr. Ken Epp: Are you?

The Chair: You're over your ten minutes. You'll have ample opportunity in the next round.

Mr. Ken Epp: If I fill in my income tax, and in that little form where it asks if your address is the same as last year I say it isn't and give my new address, does that automatically flow back to your system?

Mr. Hy Braiter: No.

Mr. Ken Epp: Why not?

Mr. Hy Braiter: It can, but it doesn't, because we don't typically mail you stuff. If we wanted to mail you stuff, as we may be in this integrity improvement process, we would be looking at the Revenue Canada files, the old age security, the CPP and Quebec Pension Plan, and we will be doing a validation of your birthdate again. If there are any discrepancies, we may go back to the public and try to get them cleared up. This is what we're talking about improving, the integrity of the file.

But the answer to “why not” is that it did not seem to be an imperative over the past, because we don't typically mail all the individuals material. If we needed the addresses, what we would do is take the Revenue Canada files and use the latest address, or the latest on the EI files or CPP or OAS.

Mr. Ken Epp: Okay, I'm going to have to quit. I'm being pressured by the chairman.

The Chair: There's no pressure. You'll survive my pressure.

Mr. Vellacott, please.

Mr. Maurice Vellacott (Wanuskewin, Ref.): I want to address my question to Mr. Braiter.

If I understood you correctly, you made a statement in your concluding remarks, under the “fifth team”, to the effect that some day in the future, tentative or possible, these could be as secure as the soon-to-be-implemented gun registry card. I find that interesting.

First off, is that what I heard you say?

Mr. Hy Braiter: I was merely trying to say that if the government wants to make this an ID card, I was giving an example of where we as an organization administer something that's more like an ID card. So we're capable, and I was doing a sales pitch to say give it to us to administer if you'd like to make an ID card.

Mr. Maurice Vellacott: Being that you made that statement then, Hy, and the comparative that was used in your concluding remarks, I am curious. We know, or there's pretty good speculation or suspicion, that there will be a breaking into or a possibility of breaking into those databanks. Would you say there's any possibility of that?

Mr. Hy Braiter: Breaking into...?

Mr. Maurice Vellacott: Your SIN databanks.

Mr. Hy Braiter: We haven't had any incidents of that sort of thing happening, in terms of people breaking in. We have all the normal computer protection, and we don't use public lines to transmit information. Our security people are quite involved in making sure these data are secure. We don't know of any incidents of a break-in to the actual files or stealing all of the files all at one time. We don't give them out except to the provinces we mentioned.

• 1140

Mr. Maurice Vellacott: I ask that because if in fact we move the SIN card up to another level, if you say beyond the kind of marginal importance it might have right now, then maybe there would be more attempts. I guess that's—

Mr. Hy Braiter: Sure, and that's why the card itself would have to be more sophisticated. Without being a scientist...a picture would at least help.

Mr. Maurice Vellacott: Right.

Mr. Hy Braiter: A picture that was updated every five years, and a card that was hard to copy, like the dollar bill, that had certain background features, chips, and so on.

Mr. Maurice Vellacott: We're getting a bit into the realm...as we look at the future. I guess that is part of our mandate here too, the speculative possibly.

Again, let me get back to the gun control registry, the whole suspicion of it possibly being used in arbitrary orders in council, where certain long guns are banned thereafter down the road, this type of thing, invasion of privacy...

If we have a greater level of importance attached to the SIN cards down the road, looking to the future, what kinds of means would it be used for? Could it be used for nefarious kinds of things?

Mr. Hy Braiter: I can only give you a personal view. I can also tell you what some interprovincial and federal-provincial studies have concluded.

A few years ago a Treasury Board review asked whether we need a common client identifier to make it easier to match data or to record data against a certain individual. The conclusion was that there's nothing federal government departments want to do today that a common client identifier would help them do. That was from my personal recollection. So it was dropped.

But at the federal-provincial level, they still thought the common client identifier would be helpful in terms of efficiency. I understand that recently they wrote their report and they concluded that they don't really need it.

The big issue is whether you have one number against which everybody logs everything. But today the number is only to be used officially for certain programs. If you have a number against which all your hospital records, all your bank records, all criminal records, all your report cards in elementary school are logged, then you have to consider what this means from a public policy perspective or a privacy perspective. My personal opinion is, sure, if you made one common ID card and if you also encouraged everybody to use this as an account number, it would be much easier to link all the data on an individual. That's not to say it can't be done today.

Mr. Maurice Vellacott: Right. That being the case then, and I guess if we speculate on the future, the greater value then attached...no question, you'd really require security to the maximum. I think that would be acknowledged.

I guess I'll have to say—I think you probably caught that from the inference in my lead question—that I wasn't greatly assured in terms of the security of the SIN's future with respect to likening it to the gun control registry card.

Mr. Hy Braiter: No. The gun control registry card is a little more secure, and it has a photograph.

But if you really want to go future, you start looking at DNA. You could have a hair sample with every application for a SIN number, and we'll have your DNA on file forever.

Mr. Maurice Vellacott: You can appreciate that I want to be reassured, and that particular illustration was not particularly reassuring for me.

Mr. Hy Braiter: No. It's a really complicated issue when you move efficiency, common client identifier, and privacy issues together.

Mr. Maurice Vellacott: Right. When you complicate it, you have the value, but it's much more by way of those other added features. Thank you so much, sir.

The Chair: Thank you, Mr. Vellacott.

Mr. Wilfert.

Mr. Bryon Wilfert (Oak Ridges, Lib.): Thank you, Madam Chair.

First of all, Mr. Braiter, it's an interesting presentation. It's a pleasure to hear a bureaucrat who has a sense of humour and actually has a personal opinion, which—

The Chair: I have to correct the record. I've met many who have a good sense of humour.

Mr. Bryon Wilfert: Well, I don't know. Sometimes I think they're trying to be funny when they're not, and then sometimes I think—

An hon. member: Just like politicians.

Mr. Bryon Wilfert: But they never have a personal opinion. So I must say that's very refreshing. I had some bureaucrats in the other day who had absolutely no personal opinion about anything, it seems.

Mr. Hy Braiter: I have 30 years of service, and it helps.

Mr. Bryon Wilfert: Oh, that's good. You obviously started when you were ten as well, I see.

Some hon. members: Oh, oh!

Mr. Bryon Wilfert: The situation described by the Auditor General, and which you have talked about, has led me to wonder whether the system can in fact be fixed. I tend to lean towards the view that it can't be fixed and that it should be replaced.

Having said that, I'm in a personal quandary as to the issue of a common client identifier and the fact that I do believe that in many ways we give out too much information in this country.

• 1145

The United States has suggested that there are 15 to 20 active files on every American. I have no idea how many there are here, but the fact is that we have a system in which I think the public has lost confidence. Certainly it doesn't understand the system, and I think that's been very clear. The perception is one that is not very good.

You indicated that you want to provide accurate information, you want to eliminate abuse, and the benefits only, of course, would be going to those who qualify. I certainly would agree with all of those.

The difficulty is that it seemed to have got out of control. The fact that it took 12 years before we really started to do anything of any nature would tell me that it can't go to the shop to be repaired.

My concern is that I would hate to think we are... You're talking about taking certain actions already, and I certainly understand the need for that, except I wouldn't want to go down that road too quickly. If in fact we come up with a policy decision, which I would hope we will do soon rather than later, instead of spending moneys in areas that... And governments are great at spending money and then coming back with a different policy.

Having been in politics for 13 years, I can tell you that I hate to see us start something and then decide, well, no, we'd better do something else.

As policymakers, I think we have to make a decision as to what way to go. Obviously the Privacy Commissioner in his presentation, and others, will provide us with information.

But I do believe that we're way off in terms of the card number. I certainly think that a minimum of a picture and all sorts of things... I mean, we have it for driver's licences.

Really what it comes down to is that we are in a situation where basically we have no confidence in a system where your suggestion would cost us a quarter of a billion dollars. That would be the cost to at least reissue the SIN numbers, and then whatever other dollars on top of that. In many respects, that may not be too high a price.

It's a situation where you're taking specific steps on security features, upgrading. Will you be able to provide the kinds of dollars and tell us what types of features you're bringing in? How much is that costing? What kind of mandate do you have to do that? Is there a working paper, or some kind of strategy, at least in the short term, to deal with...?

The fact that people abuse it and you're... You said it's $1,000 for... It's ludicrous. Surely there are some temporary things we could bring in, in the meantime, to deal with these.

Mr. Hy Braiter: I fully agree that we have to do something. Regardless of the decision, are we moving towards a personal identity card, or are we going to stay with this process or policy for a while?

As an administrator, I think the onus is on us to fix what we have at the lowest possible cost.

So in the next three or four months we will be moving forward with what we call the immediate steps. That is to bring up to date the information using the old age security files, go after the provinces for their vital statistics, bring our information up to date using those data, and similarly bring it up to date using Revenue Canada data.

I pointed out today that it's not that we were dumb over the years and should have done this; it's that we didn't have the legal access to some of it. We only changed the law in OAS a year or so ago.

We will also do this new concept: if there's no activity, flag it so anybody could know. If this person shows up for benefits, take a look at the person, because he's been out of sight for years, and he's also 100 years old.

So we're going to try to clean that up. That's not going to cost a quarter of a billion dollars. We're going to work on that, and naturally, whatever money we spend on it, we have Treasury Board to look over our shoulder, to approve the money. We can't just spend money on things at our whim.

So we will be going forward with a short-term plan to Treasury Board. We also have these five teams looking at other things we can do, like improving ID and stepping up on the investigations.

We will stop short of reissuing all SIN cards. That would only be done hypothetically, if you decided you wanted it to be an ID card. We would then get into the quarter of a billion dollars, but we wouldn't get into that kind of money. We're talking money to get files and programmers to match files and update some data. That is not a big, high-cost item; that's an issue of programming systems people, some money and legal clearances to use the data we want to use.

The other thing that was brought up at the public accounts committee is whether we have an awareness program saying to people, this is it, so don't ask for these SINs when asking a tenant to sign a lease; it's a useless thing. Or you go the other way. If you go the other way, whether you call it upgrading the SIN number or starting a new system, it amounts to the same thing. You're starting off with a new card, you have to call everybody in, you need ID, you need pictures, fingerprints, whatever you want, however sophisticated you want to get. But in terms of what we have today, we can make it a lot better in short order.

• 1150

The AG was asked the same question you asked. He said if we do what we have in our plan, he thinks it will go a long way to regain confidence in the integrity of the SIN. That would not be in the SIN card as an ID card, but in the SIN for what it was intended to be used, and for what it is still intended to be used by policy today.

The Chair: Thank you.

Mr. Johnston, you have ten minutes.

Mr. Dale Johnston: Thank you, Madam Chairman.

I am intrigued with the idea that, as you say, if you want to cash a cheque, the IGA asks for your SIN card. You also say it's not meant to be an identifier, but people like the IGA or the Hudson's Bay Company, whatever, if they assume it's an identifier, I'm sure a lot of other people out there could...

So could that be the starting point of someone building a new identity? Whether or not it is an identifier, all that's necessary to make it become an identifier is to have enough people believe it is. Then you can start the process of acquiring credit cards, building yourself a credit rating, bank accounts, and all the rest of that stuff with a fraudulent SIN. What can be done to prevent that from happening, short of DNA or fingerprints, which I think is far too large a leap to make?

Mr. Hy Braiter: Well, I think improving the integrity of the file itself would help, as well as improving the ID that's needed at the front end. Getting an extra card or ten extra cards would help, as well as getting the databases from the provinces to double-check that after you did get your card and showed us your birth certificate...

We may find out that this was not a real birth certificate. We could only know that if if we went back to the source, which is on the records of the provinces, to check if the data match.

Ensuring that this integrity in the database is improved and that the proof of ID needed to get a card is improved would go a long way. And wiping out the three or four million dormant cards that are there, where people obviously have died or left the country... Wiping those out so that you don't get one of those cards to start your proof of identity going would be very helpful. If you did use it, we'd catch you the first time you tried to use it for taxes, EI, or whatever. Those would all be helpful ways of making sure this is not an identity card.

Also, I think what would also be helpful would be a public awareness program that says, don't rely on this card, don't ask for it unless you're EI, taxation, or a bank and need to record the interest that is being paid.

I think those could go a long way towards...

Mr. Dale Johnston: I think that touches on the second part of my point. People need to become aware that places like the IGA—just for demonstration purposes—should not be asking you for your SIN. Also, if someone like that asks you for it, you are under absolutely no obligation to give it to them. So I think that would go a long way in preventing people from starting off with new identities.

But I have to think about things like people coming in to me with their birth certificates. I've known these people for 20 years or so, and their 65th birthday is coming up. They bring in a birth certificate to me and say they would like to apply for their old age pension, but they need somebody to verify that this is them on the birth certificate.

Well, certainly I've known that person for 20 years, but for the first 40 years it could have been somebody else. Here I am signing that this is a true likeness of the person on the birth certificate. It gives information that certainly sounds plausible, but I have no way of verifying every bit of information on there. All I can say is that to me this seems to be a true likeness of the person.

• 1155

So it seems to me that if someone really was determined to build a new identity here, they could do that. They could apply for the old age pension, they could maybe even have an account with Revenue Canada, and it would all go through. I hear you saying that the first time they tried to use this they would be caught, but I just wonder if that is exactly the case.

Mr. Hy Braiter: Well, there are a lot of very clever people out there, and where there's money, there's a will to try to defraud. This is why we said that one of our tranches was to take a look at the investigations and our capacity to investigate. It is also why I pointed out that it's not that bad. We do catch people, quite a number who try to defraud EI or CPP.

But it's not that easy. I'm trying to point out that you would need that new birth certificate to go to CPP. You would need an honourable person to say that this is the person. You would need a whole history of contributions to collect the CPP. Then we would check back with the registers in Bathurst to see that everything lines up, so that you're beyond suspicion.

Then, of course, if there's another person who's really the person belonging to that SIN, eventually that person would come forward or have a different address on the taxation files, and so on. So there are a lot of checks and balances in the system.

But the Auditor General said that there is potential for fraud. I think that perhaps at this committee he mentioned that his estimates were perhaps $30 million or $33 million. Well, we catch $700 million a year in EI abuse. So it's a question of where you put your emphasis: catch them when they're trying to abuse the program or catch them when they're trying to set themselves up.

We have to do both. We have to do preventative...but also make sure that whatever scheme they have in mind, that scheme will be thwarted.

Mr. Dale Johnston: It would seem to me that—

The Chair: Mr. Johnston, this is your last question.

Mr. Dale Johnston: My last question? Boy, time goes fast when you're asking questions.

It would seem to me that if, as you say, the provinces are more aware, it's the provinces that keep track of things like births and deaths, and so forth. Perhaps there's a lack of communication, or the communication could be improved between provincial departments and Human Resources to keep track of these things, if there are some 300,000 people over 100 years old.

Mr. Hy Braiter: You're absolutely right, and we're going to work with them to try to get them to share their data with us, as long as it's legal.

In the past there have been problems. Their data weren't always in a technological format that was usable, and their legislation didn't always allow them to give us their data. Their motivation to cooperate with the federal government wasn't always there.

I think some of those things have wound up. The AG report will help us as a lever. I think there's a new spirit of cooperation. Also, they're using the social insurance number for a lot of programs, like welfare and social assistance, and so on. There's a mutual interest in making sure they get some benefits. So our minister has already made the first launch. That would be good.

If I may, I could tell you an example of success in New Brunswick. I understand the New Brunswick government was not hindered by legislation and has given us their vital statistics file. Anybody in New Brunswick who applies for a social insurance number can get it within 30 to 40 seconds, as opposed to two to three weeks.

That sounds scary, but what happens is they call us up and say, I'm so-and-so, my birth certificate number is such-and-such. On our computer screen in the office in Bathurst we look at it and say, yes, we have your birth certificate in front of us. We're not worried about a phony photocopy of a birth certificate; we have the provincial file right in front of us. We ask that person all sorts of information that's on the birth certificate and all sorts of information about that person that the provincial government has. If they pass the 5, 10 or 15 questions, we say to the person, do you have a pencil handy? Here is your new social insurance number and account number; you can start work. We will send you the card in the mail.

We have done a six-month pilot on this. The pilot has been closed down, because now we want to put the case together to go forward.

The attractiveness to provinces of having their clients served in 30 seconds as opposed to three weeks is going to be a very big selling point.

We actually have a neat video on it that we're going to market to the provinces.

Mr. Dale Johnston: Very briefly, surely there wouldn't be any need for additional legislation just to have the provinces share the information as to who has died and therefore doesn't need a SIN number any more.

Mr. Hy Braiter: Well, I can give you the example of our own federal old age security files. We just got the appropriate wording in place about a year or so ago to allow them to share the information.

• 1200

There are all sort of programs with all sorts of legislation. This is to protect privacy, and it has valid reasons. Some provinces have stronger legislation than others, so there is a problem in that respect. We can only do what we can legally do.

The Chair: Thank you, Mr. Braiter.

Mr. Clouthier and Mr. Wilfert will be sharing time.

Mr. Hec Clouthier (Renfrew—Nipissing—Pembroke, Lib.): Thank you very much, Madam Chair.

First of all, I did find out something I didn't know this morning, and it's that Ken Epp's first name is Marvin. It's rather startling to make that discovery.

Mr. Ken Epp: Marvellous Marvin.

Mr. Hec Clouthier: Marvellous Marvin? Well, we'll ask Preston about that.

Gentlemen, it's quite obvious that in 1964 the SIN number certainly was meant for something different from what it is used for today. I come from the field of business, and I know the very first thing I ask any potential employee for is a SIN number—my accountant and my administrator ask for that. I know that if my wife goes to the IGA or if I ask for a MasterCard, it seems to have taken on a whole new connotation. As we like to say in the upper Ottawa Valley, the horse is out of the barn and we don't know where it's going. I guess there are two options here: you either rein in the horse or you get on the horse and ride it where you want it to go.

I guess my question to you would be whether or not you believe—and I guess it would be rather courageous of you to answer this, yes or no—we're stuck with this fact at the end of the day. Do you believe the SIN number should be a personal identifier with the owner's picture on it? I know there is a cost factor involved, but, speaking for myself—and I know there are other people out there who feel the same—I believe we should incur that cost because it's used in so many different circumstances at the end of the day.

Listen, people are going to find out what you're all about. I don't like the fact that there are fifteen different files on Hec Clouthier, on Ken Epp, or on my colleagues on this side of the House. I just believe that incurs more cost. You're just building more bureaucracies or more associations that are looking after those things. Why not coordinate them all into one? My goodness gracious, at the end of the day, we basically know what's going on about one another anyway. Do you believe there should be perhaps a monolithic identifier and that we should have that as the social insurance number?

Mr. Hy Braiter: I believe there really should be a public debate around this. The people of Canada should have an influence in deciding what the future direction should be. I think this is too big a question for any one person, one bureaucrat, or even one minister to decide. It really is a fundamental question of values and principles and privacies. I think this is what needs to be done, as the Auditor General said in that respect. And at the same time we're doing that, whatever we do have should have integrity and should have good administration.

Mr. Hec Clouthier: But you see where I'm coming from. It's just unbelievable that you need this social insurance number for basically anything you do in life currently.

Mr. Hy Braiter: If I may, two out of the three examples you gave are legitimate. For hiring an individual, you need a social insurance number. You're going to start deducting taxes, CPP, and EI premiums against that account number, and you're going to submit it to the government. That's legit. Banks needing it is legit because they'll credit interest and they'll give a T-5 to Revenue Canada and the individual. The IGA is not legitimate. That's silly, because they'll never get—

Mr. Hec Clouthier: Irrespective of saying that—

Mr. Hy Braiter: It's the perception.

Mr. Hec Clouthier: —they still ask, whether you like it or not. It's the same with rent or buying pieces of equipment. It's just unbelievable. It has taken on a life of its own. Like I said, the horse is out of the stable, so what are you going to do with it?

Mr. Hy Braiter: One thing you can do is re-educate the public. The other thing you can do is strengthen the legislation a bit so that the public is not denied service by not giving out their SIN number.

Mr. Hec Clouthier: Okay, thank you.

The Chair: Mr. Wilfert.

Mr. Bryon Wilfert: In terms of public education, it's not just on SIN numbers. Even for Visa cards, people ask you for your phone number. That's none of their business. You can have a public education campaign. That's very nice. On the other hand, I want to nail them. How do I nail them, and with what kinds of penalties? I think we have abuse. Canadians are always willing to hand things over. That's part of our make-up. We're very compliant, yes. On the other hand, I do think we need to have appropriate, stiff administrative penalties, certainly in the short term. That wouldn't take much to get into place.

Mr. Hy Braiter: That's correct. We have a precedent with the EI Act for EI benefits. The penalties are up to three times the amount you've collected invalidly, based on how many times you did it. It's not always three times. There is a policy.

• 1205

If you were to take the $1,000 court maximum penalty and allowed it as an administrative penalty—depending on how many cards one has, how many abuses are involved and so on—with an appeal process, at least there is some deterrence. I don't know the amount that's right, which is why we have a team that will be consulting with Justice to look at precedents, to look at degrees, to look at what kinds of court fines were actually given. That team will try to give us, and therefore our agents, the authority to apply those kinds of penalties under strict guidelines that the commission perhaps would have. We have an employment insurance commission, so we have an independent body representing employers and employees. They may have a policy-setting role to make sure it's not going to—

Mr. Bryon Wilfert: Is any timeframe in place for that?

Mr. Hy Braiter: We are looking at a report by June on that particular issue.

Mr. Bryon Wilfert: By June. We don't work fast, do we? Why would it take until June? You've identified that there's a problem and you have an example already.

Mr. Hy Braiter: First of all, this would take legislation.

Mr. Bryon Wilfert: Right, and this Parliament, like past ones, can be pretty fast when it wants to be.

Mr. Hy Braiter: Bob is our keeper of the schedules.

Mr. Bob Nichols (Director, Insurance Program Services, Human Resources Development Canada): We have experts who are examining this issue, and this is the kind of timeframe they have proposed to us.

Mr. Bryon Wilfert: Are they getting paid by the hour?

Mr. Bob Nichols: No, they're public servants, just like we are.

There's a considerable amount of consultation required in an issue of this scope. The idea of government levying penalties as opposed to taking people to court is not one that should be treated lightly. It's possible that the timeframe could be advanced through the work that goes on over this winter. The team has started. It's connected to SIN investigations as well, because we want to come forward with a package.

Mr. Bryon Wilfert: Madam Chair, in any comments to the minister, I would certainly ask that we move as quickly as possible. In the meantime, there are still abuses going on.

On penalties rather than courts, the courts are not the avenue to take, in my view. I do think penalties are there. If you're going to use public awareness programs to tell people it's only used for X, that doesn't really mean a lot. You have a law in place. Without a penalty, the law is... I presume the only reason you don't go through a red light is that there's a penalty. Otherwise—

Mr. Bob Nichols: I think there are two—

An hon. member: Well, you don't want to get killed.

Mr. Bryon Wilfert: You could drive your car on the sidewalk.

Mr. Dale Johnston: Only in Ottawa.

Mr. Bryon Wilfert: In Ottawa? No, Ottawa only has two seasons, winter and construction, so you can't get very far anyway. Anyway, I digress.

I would like to see us speed it up, number one. Number two, I'd like to see us come in with some clear recommendations as quickly as possible. Quite frankly, in my books in any event, June is ridiculous.

The Chair: Point made. Thank you.

Mr. Bryon Wilfert: Thank you, and I know I'm only standing between this and lunch, right?

The Chair: Actually, I just need one quick point of clarification. You mentioned earlier that it would take $10 to replace a card. As you may be aware, the American Government Accounting Office has undertaken an estimate of the cost of various replacement options with respect to the social security card in the United States. I have a report here that shows their replacement cost would be 36¢ per card. To what do you attribute the excessive cost in Canada?

Mr. Hy Braiter: If we have one person in a basement in Bathurst, at a machine that just pumps out these cards, yes, that's 36¢ for the plastic and the machine. But what we're talking about is when you apply for a card for the first time as a teenager—the current cost of you coming to our local office; spending time with our agent in the local office to establish proof of identity; having us help you fill out the application form; and us shipping the application form to Bathurst; Bathurst reviewing the application and entering the data on their computers in an organized fashion; Bathurst issuing the card and mailing it; and then Bathurst maintaining these cards, matching them with all the different departments.

What we take into account is the entire cost in Bathurst. We divide it by the total number of new cards issued in a year. We then come up with a cost of about $7 million per year, which we share with Revenue Canada and QPP. That's how it's done.

• 1210

If we just wanted to issue a card, that's another story. If you want a replacement card, we charge you $10. We give you the first card free and we charge you our cost for the next one.

So, really, that's what we're considering as the cost. It's all of the costs together.

The Chair: Do you have some study you can present to the committee?

Mr. Hy Braiter: Yes, we have audited statements of our costs, because the other departments who have to share want to make sure we're not overcharging.

The Chair: I think all committee members have the greatest respect for your efforts to repair the SIN program, but, as you've said, there are a lot of clever people out there. They're using the system as a weapon to defraud the government and to rob the ordinary citizens. So we certainly wish you a speedy solution.

Mr. Epp, you had a quick question.

Mr. Ken Epp: Yes, it's really quick.

The public service has its own accounting number for its employees, its own employee number system, and so do the armed forces. Of course, this costs x number of dollars.

A voice: A lot of money.

Mr. Ken Epp: Is their system better than yours, and can you copy it? Is it worse than yours, and should it be replaced? What's the deal on that?

Mr. Hy Braiter: You may wish to speak to some of your other witnesses on this one. My recollection is that about eight years ago or thereabouts, we used to have our social insurance number on our cheques. That used to be the account number that was being used, but because of the privacy-type considerations and the proliferation of the use of the SIN, the federal government led by example and eliminated the SIN as the employee account number. As a result, we all have this unique number on our paycheques that is not the social insurance number, and all our personnel records and everything else are kept using this new unique number.

Mr. Ken Epp: Is it better?

Mr. Hy Braiter: I don't know how it's managed or controlled, or who the information is given to.

Mr. Ken Epp: Oh, you don't know that. Okay.

Mr. Hy Braiter: I have no idea. But this is an example where anybody who does create a new number has to set up an organization to manage it, or it's just another account number.

The Chair: Thank you, Mr. Braiter.

We'll adjourn for five minutes. The meeting is suspended.

• 1212

• 1229

The Chair: I encourage everyone to take their seats, and we will reconvene the meeting.

In our next segment we have with us representatives from the key departments and agencies with a policy-making role with regard to social insurance numbers. There are officials here from the Department of Justice, Treasury Board, and the Office of the Privacy Commissioner of Canada, who will provide us with their perspective as central agencies on the policy options the government and Parliament has made available to us.

We are privileged to have with us a former journalist who really knows how to keep a secret, Mr. Bruce Phillips, Privacy Commissioner; and also Julien Delisle, Executive Director of the Office of the Privacy Commissioner of Canada.

• 1230

From the Treasury Board of Canada we have Ian Sinclair, Director, Information Policy Division; and Mr. Ross Hodgins, Senior Policy Officer, Information Policy Division, Chief Information Officer Branch. From the Department of Justice we have Elizabeth Sanderson, Senior General Counsel; Mr. Brian Jarvis, Legal Counsel, Public Law Policy Section; and Lita Cyr, Counsel, Information and Privacy Law. So we have a full house.

Without further ado, because I know everybody's eager to hear what you have to say, please, Mr. Phillips, you have the floor.

Mr. Bruce Phillips (Privacy Commissioner of Canada): Thank you very much, Madam Chairman.

You referred to my previous life. I could at least claim a longstanding familiarity with this issue, because I was a working stiff up on the Hill when this subject was first brought before Parliament back in the 1960s, and I well remember some of the reservations that were expressed at the time. All of the worst expectations about SIN that were raised then have come to fruition, unhappily.

This is an old, old story. Every one of the 14 last reports of the Office of the Privacy Commissioner of Canada has drawn attention to various weaknesses in the SIN number system, and I have to congratulate both this committee and the Auditor General, who has proven to be far more persuasive in this matter than I have been because at least he has gotten you to take this subject up.

As the previous witness, Mr. Braiter, mentioned, this is something that desperately needs to be fixed. It has needed to be fixed for a very long time.

The issue of unrelated uses, to which a number of members here have made reference, is something that is reasonably easy to fix, in my opinion. It was recommended as far back as 1987 that it be made an offence under the law for people to refuse to deliver services if they didn't have an expressed legal right to require the production of a SIN number. If that had been in place in the first instance, the SIN number now would not be the convenient bookkeeping device it has become for credit reporting agencies, thousands of retail companies, and all that sort of thing. The previous witness expressed some puzzlement as to why companies ask for this number. They ask for it because it's cheap bookkeeping, and it is a common reference number for credit reporting agencies with whom they do business.

We could have stopped all that at the beginning. We could stop it today, if we want to. It was recommended in 1987 by one of your predecessor committees, the justice committee, that this be done. The justice department at the time did not accept that recommendation, but at least they did tidy up the federal government's own management of the SIN number by restricting its usage to, I think now, 20 different statutes that authorize its use. But at least as a common personal identifier in government records and with government employees that was discontinued, with some inconvenience and some expense, to be sure, but in the interest of recognizing a basic civil right here.

Some of the questions that have been put here this morning have intrigued me. Some of your members wonder why we just don't get on with the business of having everybody adequately identified probably by a biometric or photographic means on an ID card that would put any question about the authenticity of the card and its carrier to rest. My answer to that is that if you go that route—and I'm glad the previous witness said we really need a long public debate on that subject—you have put in the hands of the state the perfect control tool for unlimited surveillance. That's why.

Do we really want to go down that road? While I am anxious to see the SIN issue fixed, I hope that in fixing it we don't create a problem that is much worse than SIN, which is to put in the hands of bureaucracy and government a surveillance tool far more powerful than the one they now have.

In fact, I would almost invite this committee to contemplate life without a SIN number at all. I'm willing to bet you that if there were no SIN number in existence today, the world would not have fallen, the sky would not have tumbled upon us, and we would still be getting our CPP and our OAS.

• 1235

What the SIN number does for the government is provide a convenient bookkeeping tool, but it does nothing for the individual citizen, particularly in recognition of that person's right to some control over his or her personal information.

We already have a problem inside the government with respect to SIN, because although it is now regulating its own use of SIN to specific legislated uses, there is a huge escape hole. Something like 200 agreements exist between the Government of Canada and other provincial governments, private corporations, and foreign governments for the exchange of SIN number information.

In fact, it's easier for the government to trade that particular number with other organizations than it is within its own operations. That is true. The government does have at least a data matching policy that requires some minimal—and I do say “minimal”—attention to the privacy implications of matching all the data banks in its possession.

I would like to see those controls strengthened, not weakened. At any rate, I hope this committee will not conclude its deliberations by urging the government to press forward with a national ID card, which could make the SIN issue look pretty simple and minor by comparison.

The question we have to put to ourselves with all of these ID and information issues is this. How much surveillance power should the individual citizen be willing to give up to the hands of bureaucrats, law enforcement authorities and similar entities in the interests of catching the few fraud perpetrators as contrasted with the millions of perfectly law-abiding, honest citizens who value their personal liberty? That is the issue.

There are countries around, much older than ours, that are getting along perfectly well without a lot of these ID systems, notably Britain, which has managed, after many centuries, still to get by without a national ID card.

The subject came up in Australia a few years ago. The government proposed a national ID card, and I'm glad to say that Australians still value their right to protect their unique personal identities, because they rose up, almost to a man and woman, and said, “Bring this in, pal, and you're out”.

There is none in New Zealand. A number of European states have been only too anxious to get rid of these noxious ID systems, because they had been the tool for totalitarian control of their lives.

We have managed in this country...with the single exception of wartime, when we all, or at least those who were coming into draft age, had to carry a national registration card for draft purposes. One of the very first acts of the government of the day at the termination of the war was to dispose of the national registration card.

I hope that spirit still infuses our citizens and still infuses this committee. We have witnessed over the last ten years an explosion of surveillance of our daily lives, in almost every area. The SIN number is only the tip of the iceberg, probably not even the least offensive, if you want to get down to it.

By all means, let's fix it, but let us have this committee, let us have this Parliament, let us have this society say enough is enough—we do not wish to become digitized subjects of the state and we do not wish to be under the surveillance of cameras, night and day, all our lives. Let's put an end to this.

This committee has an opportunity to say it stands four-square behind the Supreme Court of Canada, which has said several times that privacy—that is to say, the individual ability to control your uniqueness, your identity, and what the world knows about you—is the absolute bedrock issue in personal liberty in a democratic state.

Thank you.

The Chair: Thank you for a short but very impassioned intervention, and a useful one.

We'll now be hearing from Mr. Sinclair from Treasury Board.

Mr. Ian Sinclair (Director, Information Policy Division, Treasury Board of Canada): Thank you, Madam Chair.

Hon. members, Commissioner, and colleagues, thank you for the opportunity to discuss the management of the social insurance number. My views are provided from the perspective of the policy centre responsible for supporting the role of the designated minister, the President of the Treasury Board, in the administration of the federal Privacy Act.

The designated minister is responsible for issuing the Treasury Board policy on privacy and data protection. It includes directives and guidelines pertaining to the use of a social insurance number and control of data matching of personal information. These are intended to assist heads of institutions in administering privacy legislation within their departments and agencies. The Treasury Board Secretariat remains committed to the policies on use of the SIN and data matching. Increased use of the number, and the potential to use it as a mechanism for data matching, has been the subject of a great deal of public debate.

• 1240

Privacy commissioners' reports, private members' bills, the Standing Committee on Justice and the Solicitor General, and more recently this committee, have proposed measures aimed at preventing the SIN from becoming a national identifying number and at controlling the use of personal information for data matching purposes. The current policy on the use of the social insurance number and the policy on data matching were developed in direct response to recommendations arising from the review of access to information and privacy legislation conducted by the Standing Committee on Justice and the Solicitor General in 1987.

The committee's recommendations are presented in a report Open and Shut: Enhancing the Right to Know and the Right to Privacy. The policies reflect the government's commitment to protecting the privacy of Canadians outlined in its response to Open and Shut, entitled Access and Privacy: The Steps Ahead.

The social insurance number policy reinforces the code of fair information practices, which comprises sections 4 through 8 of the Privacy Act. It states that it is the policy of the government to prevent the SIN from becoming a universal identifier by limiting collection and use of the SIN by institutions to specific acts, regulations, and programs, and notifying individuals clearly as to the purposes for collecting the SIN and whether any right, benefit or privilege could be withheld or any penalty imposed if the number is not disclosed to a federal institution requesting it.

The social insurance number was originally conceived as an account number for specific programs. The Auditor General's report confirms the SIN is being used by the public and private sectors in many ways never intended by Parliament. It also confirms that controls on its use may be inadequate. The report describes in details factors that render the SIN unreliable as a personal identifier.

There is often an underlying impression that initiatives to improve the foundation of the SIN have encountered roadblocks or barriers because of political sensitivities over privacy impacts. This impression of privacy concerns should be clarified. Ensuring that the number is reliable when used for the purposes for which it was created would be supported by many of those concerned about privacy. Reliability of the SIN is also required by subsection 6(2) of the Privacy Act, in that a government institution shall take all reasonable steps to ensure that personal information that is used for an administrative purpose by the institution is as accurate, up to date, and complete as possible.

Privacy concerns also focus on expanded use of the SIN for purposes others than those for which it was created, for purposes not approved by Parliament, and for its unregulated use by the private sector.

Treasury Board policy will continue to support use of the SIN for purposes approved by Parliament, as well as any initiatives to enhance the integrity of the number. However, the SIN is frequently only the flag for the more serious threat to privacy—data matching. In 1988 the Treasury Board issued a policy and detailed guidelines, the purpose of which are to ensure that data matching and data linkage of personal information for administrative purposes meet the requirement of the Privacy Act. The data matching policy requires that prior to initiating a matching program, government institutions must assess the feasibility of the proposed match. They must analyse the potential impact on the privacy of individuals and the cost and benefits of the data matching program.

Government institutions must notify the Privacy Commissioner of a new matching program by providing him with a copy of their assessment of the program at least 60 days before it is to begin. A data matching program must be approved only by the head of the government institution or an official specifically delegated this authority by the head. Government institutions must account for all matching activities in InfoSource. InfoSource is the public inventory of federal government information holdings that the designated minister produces pursuant to legislative requirements. Government institutions must subject information generated by a matching program to verification with original, or additional, authoritative sources before that information is used for an administrative purpose.

• 1245

It must be emphasized that the current policy and the definitions for data matching, matching program, matching institution, and matching source are consistent with the intent of and vocabulary used in the code of fair information practices. They are comprehensive and encompass all forms of data matching involving the use of personal information for administrative purposes.

When the government issued this policy, the Privacy Commissioner, in his annual report to Parliament, congratulated the government for working closely with his office in developing a new policy that gives Canada what may well be the toughest and, from a privacy protector's point of view, the most enlightened data matching code anywhere in the world.

It is important to distinguish the roles and responsibilities of the various players when debating use of the SIN in data matching activities. The roles and responsibilities assigned to stakeholder institutions by Treasury Board policy are consistent with those in the Privacy Act.

In accordance with paragraph 71(1)(d) of the act, the designated minister shall:

cause to be prepared and distributed to government institutions directives and guidelines concerning the operation of this Act and the regulations;

The head of the institution is responsible for ensuring that the institution complies with the act, regulations, and policy in its day-to-day activities and for decisions made under the act.

The Privacy Commissioner has the authority to investigate the collection, use, and disclosure of personal information under the control of federal institutions. In this context, the commissioner is empowered to monitor the use of the SIN in data matching activities of government institutions.

Parliament has the ultimate responsibility of establishing the balance for determining how best to protect the privacy rights of individuals when using their personal information and ensuring the optimum delivery and accountability of government programs and services.

The tension between these objectives has been reflected in the debates since the inception of the social insurance number and continues to arise as a result of the ongoing development of sophisticated technologies.

In conclusion, I wish to state that the Treasury Board Secretariat will continue to assist stakeholder institutions in assessing the privacy implications of their use of the social insurance number in data matching activities.

Should the government determine that reform of the Privacy Act is necessary, the policy framework governing use of the social insurance number and control of data matching activities would be reviewed accordingly. In this process, the Auditor General's report would be a valuable source of information in developing solutions to these issues.

Thank you.

The Chair: Thank you, Mr. Sinclair.

Ms. Elizabeth Sanderson will be our next presenter.

Ms. Elizabeth Sanderson (Senior General Counsel, Public Law Policy Section, Department of Justice): Thank you.

My name is Elizabeth Sanderson. I'm with the public law policy section of the Department of Justice, and I've brought along my colleagues: Brian Jarvis, who may be able to help us out in answering some of the other questions you may have, and Lita Cyr, who is with the advisory group at the Department of Justice that provides advice on the privacy and access to information acts. We're very happy to accept your invitation to answer your questions.

I just wanted to start with a point about the mandate of the Department of Justice. Unlike other departments, we do not have any direct policy or program responsibility in relation to the SIN. The minister does play a supporting legal advisory role and has policy responsibility, and some operational responsibility, for the Privacy Act. She also has a supporting role now vis-à-vis Mr. Manley's lead on the recent initiative on Bill C-54 dealing with data protection in the private sector.

I thought for today's purposes what would be most useful for me to mention is to refer to the data protection legislation, Bill C-54, because in our view, it may address some of the concerns I've heard this morning and we suspected you'd be raising today.

Bill C-54 was introduced on October 1 in the House of Commons. One of the recommendations in the Auditor General's report, 16.99, deals directly with the protection of the SIN number in the private sector. It says:

The government should seriously consider conducting an assessment of the impact and extent of private sector use of the Social Insurance Number, and use the upcoming privacy legislation as an opportunity to address long-standing concerns about related privacy issues.

• 1250

In the government's response to this recommendation, we indicated that we believe Bill C-54 will address the issue of unnecessary collection and misuse of personal information in the private sector, including the use of the SIN number, because the SIN would come within Bill C-54's definition of personal information and would therefore be caught by the bill's provisions covering the collection, use, and disclosure of personal information.

It's also worth noting that a provision of the bill requires a five-year parliamentary review of the bill's operation and specific provisions.

After hearing the questions you have this morning, I thought it might be useful to give an example of a provision in Bill C-54 that might address some of your concerns. I was mindful of the example of being required to give the SIN number at the IGA for some unnecessary purpose.

One of the provisions in the schedule attached to Bill C-54 deals specifically with requiring the consent to use personal information. Let me read the provision, and then you'll understand what it's getting at. It reads:

An organization shall not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfil the explicitly specified, and legitimate purposes.

It seems to us that would address the sort of concern where organizations require individuals to consent to the use of personal information, including the SIN, to obtain a service or a product. That's the sort of thing that Bill C-54 would get at, and as we say, the SIN would be covered by the definition of personal information.

Beyond that, I'd be happy to answer any questions you have.

The Chair: Thank you.

Before we start with our round of questioning, if I may ask a point of clarification, you mentioned that in Bill C-54 consent is needed for use of the information. Could you highlight some of the penalties attached to abuse and misuse?

Ms. Elizabeth Sanderson: There's a penalty provision. I want to say from the beginning that Industry Canada has the lead on this, so the real policy experts are with that department, and you may want to hear more from them. I thought it might be useful for today's purposes that I address the previous speaker, but you may wish to have additional hearings with colleagues over there.

There is a provision in Bill C-54. It's a penalty provision.

Bill C-54 will be enforced through the Privacy Commissioner's Office. Complaints would be made to the Privacy Commissioner the way the federal Privacy Act is currently enforced, so it would be an extension of their current mandate. So if an individual felt their rights under the Data Protection Act were abused, they could make a complaint to the Privacy Commissioner and the same sort of process would be followed. That's the first level of enforcement.

Beyond that, there is a penalty provision, clause 28, and it provides some of the standard language that anybody who knowingly contravenes subsection 8(8) or obstructs the commissioner in his deliberations is guilty of an offence punishable on summary conviction and a fine up to $10,000, or by way of an indictable offence, up to $100,000. So it's a hybrid offence.

The Chair: Thank you.

Does Bill C-54 address data matching? Is there a provision within Bill C-54 that adequately deals with someone who abuses?

Ms. Elizabeth Anderson: It doesn't directly address data matching per se, but it does deal with the collection and use and authorized use of personal information.

The Chair: Thank you.

Mr. Johnston.

Mr. Dale Johnston: Thank you, Madam Chair. I was certainly delighted to hear Mr. Phillips' presentation, and I agree with his libertarian sentiments in that there seems to be very little benefit to the person who actually has the SIN number.

I wonder if he'd like an opportunity to enlarge upon his knowledge or enlighten us as to how they use systems where they simply don't have a common identifier like this. You mentioned Great Britain, New Zealand, and Australia.

• 1255

Mr. Bruce Phillips: I am quite sure that in Britain, Australia, and other jurisdictions where they do not have a national ID card—for which I think the term “common client identifier” is a euphemism, if you want my frank opinion, because unless we have the most carefully circumscribed uses of any new ID system, we'll get the same situation with that as we have with the SIN—they have various other forms of identification, or certification of entitlement; let me put it that way. A driver's licence is a certification of your entitlement to drive an automobile or to operate a vehicle under the circumstances prescribed on the licence. Nobody has any objection to those documents. I don't, and I'm sure most other people don't.

But a common client identifier, or a national ID card, is a general purpose, proof-of-identity system that has all the elements that lead to such things as internal passports. Any tram conductor who speaks authoritatively enough can demand the production of that kind of card.

The use of cards for modern practices should not be carried to the point where we put aside all of the ancient obstacles that have been erected to protect the citizen from excessive surveillance either by the state or by private organizations. So the card itself, or whatever the document is, has to have very carefully prescribed uses that could be changed not by bureaucrats operating under regulatory power but by the legislature of the day. We are dealing here with something that is so important, I think, to our basic values of society and the kind of society we want to preserve, that bureaucratic changes to this sort of thing should not be permitted. It should require an act of Parliament to decide if there will be any erosion of your right to a private life. It has been the habit in the last 15 years—10 years since I've been associated with the Office of the Privacy Commissioner—for many changes to take place without any particular reference to Parliament.

Reference has been made here to the data match policy, and I think we should be grateful to Mr. Sinclair for a very expert and professional outline of the existing regime. But it has been our experience that there are many weaknesses in our data match policy. We are required to be notified of data matches and to offer an opinion, but we have no authority to stop one, even if we don't like it. Furthermore, I'm not at all convinced that all departments refer their data match proposals to us. We don't have any evidence to that fact, except for the very small number of data matches that are brought to our attention contrasted with what we think to be the very large number that are going on. The SIN number figures, of course, in data matching, but it is not central to the problem.

I would like to see this committee broaden the focus of its study to get beyond the SIN issue and to examine the issue of the extent to which the state ought to be intruding upon its citizens' lives by advocating, using, or implementing new forms of identification that constitute another form of surveillance.

If I may be allowed a brief digression here, I want to refer this committee to a case with which we are currently contending—which is not, strictly speaking, a SIN issue, although SIN is a feature of it, possibly, but it is a data match issue—in which Revenue Canada and the Department of Health have combined using databases that were constructed for specific purposes, for a totally unrelated purpose, and I'm talking about the E311 Customs case.

• 1300

If any of you are familiar with it, forgive me for giving a brief repetition of what this case is all about. All of you, I'm sure, are familiar with the little card you fill in when you fly back to Canada from a holiday. You say how long you've been out of the country and how much money you've spent. That goes to Revenue Canada Customs for the legitimate purpose of determining any duties that may be owing to the exchequer while you were out of the country.

Some bright young lad in HRDC decided that it would be a very useful device to capture people who might not have been in compliance with all of the regulations pertaining to the collection of unemployment insurance benefits, which is to say we can find out who was out of the country and collecting unemployment insurance when they should have been in the country reporting for work every day. You can do that, certainly, if you put those two databases together, the list of unemployment insurance claimants and the list of people who have been out of the country.

In my opinion, that was a gross misuse of information that was collected for one purpose being used for a totally unrelated purpose without the consent of the people from whom the information was collected, which is stipulated in the Privacy Act. It's the bedrock of respect for people's privacy rights. The information is taken on trust by the Government of Canada for a specific purpose. Citizens recognize the need for that, and they give it up. They trust the government not to misuse it, now fortified by a privacy statute that says you're going to have to keep your word.

But the bureaucrats got together and said, gee, this is a good idea, and they did it. I haven't the slightest doubt that they caught some people who were in violation of their unemployment insurance terms. But to do that, they had to go fishing around through the records of millions of totally innocent people.

I invite you to contemplate what's involved here. That is, in my opinion, if I could use a rather crude analogy, the same as a policeman coming through your front door and saying, there has been a crime committed in the city of Ottawa, and we're coming in here in case it might have taken place in this room, without any permission, without any notice, without any consent.

That is the danger of unrestricted data matching. That case is now in court, by the way. We're contesting it.

I think it is the kind of thing that I would like to see this committee, of all committees, given your mandate, consider as to how much more of this we're going to tolerate. ID systems are an integral and important part of that question. I was very glad to hear—I think I may be repeating myself—the previous witness say that any consideration of a common client identifier, a.k.a. a national ID card, should involve a very thorough public debate. I certainly hope you will encourage that debate, before we go down that very slippery slope.

The Chair: Mr. Johnston.

Mr. Dale Johnston: I am going to defer to my colleague.

The Chair: Mr. Vellacott.

Mr. Maurice Vellacott: My question could be directed either to Bruce or Ian. It may have been stated here before, but what were the government departments that SIN was first intended for? Are we looking at unemployment insurance?

Mr. Bruce Phillips: It was CPP, OAS, and unemployment insurance, I think. Is that right, Ian, for the first three?

Mr. Dale Johnston: And Revenue Canada.

Mr. Bruce Phillips: And Revenue Canada, but that came later.

Mr. Maurice Vellacott: The initial three were CPP, OAS—

Mr. Bruce Phillips: And unemployment insurance.

Mr. Maurice Vellacott: Revenue Canada then came in about how long ago?

Mr. Bruce Phillips: It came in a little later, after several years. In fact, it's a very interesting and amusing historical item, because the then Prime Minister, Mr. Pearson, was challenged in the House by the leader of the opposition to give an assurance that it would never be used for Revenue Canada purposes, and Mr. Pearson said, certainly not. I think it was only about three years later that Revenue Canada did hook onto the system.

Mr. Maurice Vellacott: Right.

To follow up on that, Mr. Phillips, with these new matching programs, if I understand you correctly, it's kind of a done deal. There's really nothing you can do other than to raise your concerns about it.

To Mr. Sinclair, from your side of things, you have, I take it, some protocol, some format, that requires justifying doing that. What kind of a procedure do you have before it gets dished off to Mr. Phillips' office?

• 1305

Mr. Ian Sinclair: It is not a sequence of events as you have described them.

Mr. Maurice Vellacott: I think what I'm getting at is whether there are criteria or guidelines.

Mr. Ian Sinclair: Yes. I've tried to frame the policies as falling out from the Privacy Act, because this is the bureaucratic process you're now getting into. Those policies give guidance to the head of the institution in terms of applying the Privacy Act to his particular institution, and the responsibilities of that institution, including such things as some of the programs that have been mentioned here.

If an institution is proposing they use the social insurance number, or if they are going to be engaging in data matching practices, then they are expected to notify the central agency as well as the commissioner's office to that effect. If it is a new program, in the case of program approval being sought or a funding submission, those issues are addressed in the proposal to the Treasury Board. Where most of the instances of that are not happening is with the application of the new technologies, as people are really exploiting the benefit of being suddenly able to take a lot of data and match it, compare it, in ways you couldn't when you had the old manual filing systems.

Mr. Maurice Vellacott: It would be too burdensome or cumbersome in your point of view if in fact...because the Canadian public are never notified in advance. Would there be any merit in having—it's obviously going to take more time—this proposal go forward to the Office of the Privacy Commissioner and be aired there? He states his concerns, or he has no concerns about it. At that point, there may be public outcry or outrage about it or not, but if there's no big concern about it, we have approval. Has there ever been any consideration of that kind of possibility? Could we pursue it in that fashion?

Mr. Ian Sinclair: That is an interesting proposal. One of the things we always view, of course, is the fact of how you would in fact inform the public. It's not a trivial matter. A number of 200 for potential data matches was mentioned. I would have no idea how much activity there is in terms of data matching. Certainly, some of the experience I've had with other programs in terms of notifying the public leads me to the question: who outside of Ottawa is really paying attention?

Mr. Maurice Vellacott: That would be my point, Mr. Sinclair, in the fact that there obviously would be members of Parliament monitoring this stuff pretty closely—committees and that kind of thing. And if in fact there were expressions of concern by the commissioner, that would raise the alarms and people would scrutinize it, and then possibly from there... I'm not talking about putting it in some obscure gazette or journal, or something like that, or on the Internet. But where the Privacy Commissioner is raising concerns, we would find out about it, and then there's a whole thing that kicks in at that point.

I would be interested, Mr. Phillips, if you would respond to that and tell me whether that's ever been proposed. It would take more time, but if it's in the interest of the Canadian public, and on their side in protecting the privacy rights, would there not be some merits to that kind of approach?

Mr. Bruce Phillips: I certainly think all data linkages and data matches should be subjected to a privacy impact assessment by the Office of the Privacy Commissioner. I think Mr. Sinclair would agree with me that is the general intent of the existing Treasury Board policy. I am not at all certain that policy is being respected by all the departments. Some of the provincial privacy commissioners have the authority to block data matches. I do not; I can only comment.

Whether my observations should be a subject for publication is an interesting point. I would be only too happy in the case of serious objections to make them available to Parliament, if that were Parliament's interest. I can tell you those data matches that are proposed to us usually wind up with a long series of discussions and negotiations between my office and departmental officials in an effort to find a modus vivendi. Objections have been removed. They have improved many of them that we have seen, to make them, if not completely inoffensive, at least a good deal less offensive.

• 1310

Nearly all these data matches, to be practical, really involve bending the rules a little bit, because the Privacy Act stipulates as one of its basic principles that information collected for one purpose shall not be used for an unrelated purpose without the consent of the individual to whom it relates. Most of these data matches in one way or another seek to get around that problem.

We're practical. We want to see the government improve its efficiency, and we try to help them in dealing with these issues. But there have to be lines drawn in the sand from time to time, and we've drawn a couple. I wish I had the authority, when I feel that the offence against good privacy practices is altogether insupportable, that I could block it by saying no, you can't do this. I don't have that authority. Some provincial commissioners do. But absent that, and absent the more rigorous respect for the existing guidelines requiring consultation with my office, I don't think the policy is all that bad.

Mr. Maurice Vellacott: I think Mr. Hodgins was wanting to get in.

I could see that you were just chafing to get at this one. Do you have a quick response on that? In effect, we're almost hearing that this is almost skirting the law, or at least the original intent of it, and I know we've worked around that. What is your response?

Mr. Ross Hodgins (Senior Policy Officer, Information Policy Division, Chief Information Officer Branch, Treasury Board of Canada): I just wanted to clarify your question on whether we have policies and guidelines. Yes, we do. In fact Treasury Board, being sort of the bureaucrat's bureaucracy, has a very thick policy relating to privacy and data protection, a chunk of which relates to data matching activities.

When that policy was put in place, as a result actually of a parliamentary committee's recommendation, we introduced two elements in there that really fortified that code of fair information practices to which Ian referred earlier. The first was that departments and agencies must conduct cost-benefit analysis of the data matching activity and conduct a privacy impact of that activity. The second major element of it was that they must notify the Privacy Commissioner within 60 days of when that match was going to take place. That was intended to respect the Privacy Commissioner's role as being able to make representations should he feel that the privacy of Canadians was going to be seriously impacted. As an agent of Parliament, of course he could in fact do that.

As Mr. Phillips has pointed out, however, he does not have the binding authority his colleagues do in the provinces, so he cannot actually block it. But if the departments and agencies provide the information to him, then he can evaluate that information and make the appropriate representations.

Mr. Maurice Vellacott: He must in some ways feel a bit impotent, needing Viagra possibly. Having no teeth, he can basically try to resist you, but if your intent is to get through this kind of—

Mr. Bruce Phillips: Viagra doesn't work on your teeth, does it?

Mr. Vellacott, I don't feel all that impotent.

The Chair: You're going into uncharted waters here.

Ms. Bruce Phillips: Yes, thank you, Madam Chair. I'll do my best to bear that admonition in mind.

I think I would claim for the existing process that it has improved a number of the data matches that have been brought to our attention. Government departments have shown themselves responsive to the suggestions we make. I do not detect among the many bureaucracies with whom we have done business over the years anything other than a willingness to listen to us and an effort to observe good privacy practice.

The problem really comes when bureaucrats feel themselves under immense pressure—political, parliamentary, or simply their own sense of getting best value for the taxpayer's dollar—to save money and to catch cheaters. Those are laudable objectives; there's no doubt about that. The real issue to me is what price do you pay in these matters. It's very easy for a bureaucrat or a politician to say it is in the public interest to sacrifice privacy because we're going to catch 200 unemployment insurance cheats and we may save the taxpayers $5 million or $6 million. Those are very compelling arguments, and I have difficulty with them. Parliamentarians will ask why we shouldn't save the $5 million or $6 million. I have to say, what do you save first, citizens' rights to private life, or $5 million or $6 million?

• 1315

After all, you can obtain perfect security, perfect order, and a perfectly crimeless regime if you want to put everybody in your country under constant surveillance all day, every day, in every circumstance. And it would be very easy to defend that argument: by golly, look at the money we've saved.

Democracy is always going to have some rough-and-ready edges to it. The price of liberty in a modern technical society frequently involves the acceptance of less than perfect means of operating your bookkeeping.

I like to quote one of my colleagues, the Alberta commissioner, who said “For goodness' sake, let's not have the technocrats take over from the democrats.” Hallelujah. I really do endorse that proposition.

I feel that a great many of the proposals that come forward for data matching, for common client identifiers—a.k.a. a national ID system—are born in the minds of bureaucrats who feel a lot of heat on them to do it more efficiently, for less cost, and who, wittingly or unwittingly, knowingly or unknowingly, or perhaps even having considered it at length, are prepared to accept a loss of personal control of our information in the interests of efficiency.

Efficiency, in my opinion, is not a sufficient justification for the constant erosion of democratic values. We can go on saying let's take these on a case-by-case basis. With UIC, let's balance out the public good against the private interest here, and the public good justifies this erosion of privacy. Well, you can run that right down the system and do it 300 or 400 times and you've not done a balancing act; you have balanced privacy right out of the equation, because it won't be there any more.

That's why now, well into the birth of the information and technology age, people have to start taking a much harder look at what is happening to them. We always think of privacy as being somebody else's privacy. This is a collective problem; all of us are involved in that. It's not just balancing the Sandersons' privacy against the public good, or mine; all of us are involved in this. If we now accept the domination of the computer as the determinant of the way society is going to conduct its affairs, we really now have God coming out of the machine and not out of our own heads.

We have to consider each one of these technological applications in terms of what it does to the essential nature of human interaction. That's what's involved here. Are we going to continue to respect each other as individual, unique, autonomous, free human beings, or simply another bite spat out of a piece of computing machinery? That's the issue. The SIN issue, the common client identifier issue, the unemployment insurance issue all come back to these very simple basic equations: how much farther do we go down the road to making ourselves prisoners of computers?

I'm sorry to sermonize about these things, but I get very few opportunities to make this case to a parliamentary committee. I believe it is of supervening importance at this stage in the evolution of society that we begin to really get on this one.

The Chair: We certainly will be happy to have you back. Our concern right now is how the key issues of privacy, as you've so eloquently championed, don't end up by being information barriers that fuel criminal activity. That's going to be one of our challenges as a committee. But certainly we will have you back.

Ms. Brown

Ms. Bonnie Brown (Oakville, Lib.): Thank you, Madam Chair.

I have a couple of quick questions for Ms. Sanderson and a couple for Mr. Phillips.

• 1320

Ms. Sanderson, you quoted a section of Bill C-54 that suggested that a private enterprise could not request information of a private nature if that information was not in fact necessary to the purpose for which they were gathering it. Earlier, we had the example of a grocery store asking for a SIN, probably for cheque-cashing privileges. You also suggested later that there were penalties in that act of up to $10,000. Would the penalty aspect apply to such a case as the IGA requesting your SIN? If it did, I'm sure it wouldn't be $10,000, but a lesser amount of money. What would be the mechanism that would trigger the investigation and the application of the fine? Would one have to go to court? Would a citizen initiate it? How would it work?

Ms. Elizabeth Sanderson: I think it follows the basic model of the existing Privacy Act. If somebody is offended by that—say, the individual forced to give his or her SIN in order to do something at the IGA—that person can see Mr. Phillips and Mr. Delisle to make a complaint. That matter is then investigated by the Privacy Commissioner's organization.

If the offending body tries to circumvent the investigation during that process, or if the offending body impedes the investigation, that's when this offence provision comes into effect, according to the words “obstructs the Commissioner or the Commissioner's delegate in the investigation of a complaint”. And it's a hybrid offence, meaning that it can either go by way of summary conviction up to a $10,000 fine, or by way of an indictable offence, which carries up to a $100,000 fine.

Ms. Bonnie Brown: But the onus is on individual—

Ms. Elizabeth Sanderson: Yes, it's a complainant-based response system.

Ms. Bonnie Brown: —Canadian citizens, most of whom have no idea that such a process exists or don't know what to do with it. To actually get this thing working in a way that would at least prevent the private sector from asking for the number, you'd have to do a public education campaign.

Ms. Elizabeth Sanderson: Absolutely.

Ms. Bonnie Brown: Okay, thank you.

Ms. Elizabeth Sanderson: And I think there would be public education with the citizens and public education with the companies.

Ms. Bonnie Brown: Exactly, but at least we are now getting something on the books with this new bill.

Ms. Elizabeth Sanderson: In the private sector.

Ms. Bonnie Brown: In the private sector, yes.

Mr. Phillips, I just want to make sure I understand you. You said you would prefer no card, because you're sure the sky will not fall in. You've heard a lot of discussions about that national identifier system, so let me ask you this question. If the SIN card were restricted to government programs; if it had an accurate registry; if there were penalties for its misuse, either by an individual or by a company; and if we had a public education campaign to alert citizens to their right to refuse to divulge it, would you consider a revamped social insurance number, with such conditions attached to it, the least offensive road for us to follow?

Mr. Bruce Phillips: If the government is going to continue to use the SIN—and I can see the utility of a numerical identification system for such things as Revenue Canada tax filing and so on—then the act certainly has to be cleaned up. The suggestions you make seem to be very much in line with the other useful suggestions that have already been put forward.

When it comes to unrelated usages, such as IGA—actually, we shouldn't be too hard on IGA—

Ms. Bonnie Brown: Say Loblaws.

Mr. Bruce Phillips: —it must be made clear in law that any refusal to provide a good or service because of a person's unwillingness to produce a SIN should be an offence. I think that is, somehow or other, the most expeditious way of dealing with that problem. Somebody else may have a different suggestion.

I agree with you that much more public education is necessary, but in the last few years there has been a slow dawning among private sector entities of growing public irritation with constantly being asked to produce a SIN, so a number of companies have voluntarily given it up. So, yes, it is.

• 1325

Ms. Bonnie Brown: I have one more question for you. I noticed that in closing your remarks you were suggesting that we broaden our study beyond the SIN card and to some of these larger privacy issues. I'm aware that the Standing Committee on Human Rights did what I would consider to be a major investigation last year. Certainly, the size of the book they produced would suggest so.

Mr. Bruce Phillips: First class.

Ms. Bonnie Brown: It contained 21 recommendations, but you're now asking us to do a similar exercise. I'm wondering if you were not satisfied with those recommendations. Or would you be satisfied if we, as a committee, looked to those recommendations to monitor what has happened since last April in order to help with their implementation?

Mr. Bruce Phillips: That's a very useful suggestion, in my view.

The Chair: Actually, if I might just add a quick point of information, apparently Parliament dissolved before there was a reply to the report.

Ms. Bonnie Brown: Okay, so it's still sitting here. The point then is that we could pick up all the work they did and ask how this applies to what we're thinking about. But you don't want us to hold public hearings on all this stuff again, like they did, do you?

The Chair: No, I think his suggestion is that we act more expeditiously with the information we have.

Mr. Bruce Phillips: Well, the study done by Mrs. Finestone's committee is a first-class piece of work, I must say. It was extraordinarily wide-ranging and comprehensive in its nature. I am proposing that, because of its topicality, some special attention should be given to the whole subject of a national ID card in order to ensure that Parliament is not behind the curve on this one. There is a fair head of steam building up in various elements of the Government of Canada for getting on with this project, but I agree with the sentiments expressed by the previous witness. Nothing should happen on that side of the issue until there has been a thoroughgoing public debate, and until some sense has been taken of the prevailing sentiment of Parliament and the country at large, because it would certainly represent a dramatic change in the way we're relating to each other. That's all I'm saying.

Ms. Bonnie Brown: Thank you, Mr. Phillips, and thank you, Madam Chair.

The Chair: Thank you.

Mr. Epp, this will unfortunately only be a five-minute round, because we're running out the clock.

Mr. Ken Epp: Thank you. I was going to have as my preamble that I'll easily be finished with Mr. Phillips in half an hour, so I guess I'll have to compress it.

Mr. Phillips, I'm on the finance committee. When we were talking about financial institutions, one of the complaints we heard is that people walk into the banks and cannot cash their cheques because the banks can't determine for sure who they are. How would you solve that problem?

Mr. Bruce Phillips: I think a bank is entitled to satisfy itself about the person tendering a document for whatever purpose. It is entitled to verify the identity of the person, absolutely. But you just heard somebody say that asking for a SIN card is not likely to do that because of the deficiencies of the card.

I have no objection to banks saying to me that if I want their money, I have to show something to prove I am who I say I am. That's a different matter than having a company say it wants your SIN, that it's going to write it down, and that it's going to keep it in company records for company purposes, none of which it is going to disclose to you. One of those purposes is probably to use it to check with other companies, including credit reporting agencies. It becomes a cheap bookkeeping tool for the company's purposes. But if the bank is satisfied with the driver's licence or other credit cards, that's okay. Nobody can object to that.

Mr. Ken Epp: Okay. Let me ask you another question. There are people who don't drive cars, so they don't have a driver's licence. The social insurance number is no ID at all for people—and there are many of them. I was amazed at how many we heard from. We heard from groups who represented poor people, and sometimes from people on welfare and people who are isolated and can't have access to this. If the Government of Canada were to offer to provide to anyone who wants it, on a voluntary basis, a national, universal ID card that will be assured, would you have objections?

• 1330

Mr. Bruce Phillips: The Government of Canada already offers such a card that is suitable for that purpose.

Mr. Ken Epp: And it is?

Mr. Bruce Phillips: It's the Canada citizenship card. And the provinces also offer a card suitable for that purpose. It's called a birth certificate.

Mr. Ken Epp: But it's not a good ID card. It's easily forged.

Mr. Bruce Phillips: I see. Well, let me put it to you this way, then: whatever deficiencies those cards may have could equally apply to any other kind of card, no matter what you call it. Everything therefore depends on the design of the card.

Mr. Ken Epp: We're thinking of a pretty high-tech card, though. We're thinking of something that really solves that problem.

Mr. Bruce Phillips: Can't you do that with your citizenship card?

Mr. Ken Epp: I suppose you could, sure.

I have a further question for you. Somebody goes across the border, buys some things, comes back, tries to avoid the taxes or whatever. Meanwhile, I'm saying I'm available for a job. There are thousands of students in this country who can't get UIC because, when they're students, they don't qualify under the employment insurance provisions. The person I was talking about a minute ago is a person who goes down to the States for a holiday and then comes back. By doing a little bit of data crossing, they're able to catch that person. Do you really object to that?

Mr. Bruce Phillips: What I object to is people rifling through my files without probable cause.

Mr. Ken Epp: But that's a probable cause. They're looking for people who do this type of thing.

Mr. Bruce Phillips: Not me. I haven't even been out of the country, but some bureaucrat is going through my—

Mr. Ken Epp: But you don't match, so there's no problem.

Mr. Bruce Phillips: Exactly. I don't want policemen coming through my front door unless they have a damn good reason to do it. That's what I'm saying.

Mr. Ken Epp: I agree with you on that.

Mr. Bruce Phillips: I don't want to get involved in a long debate about UIC regulations, but I might say that we have had hundreds and hundreds of complaints on this particular issue. Some of these cases are very interesting, and they raise good questions about the utility of a regulation as vague as the one the UIC now has in force with respect to people being out of the country. On the one hand, they're only too happy to use modern technology to go through files—including those of everybody sitting around this room—to see whether somebody none of us knows has contravened the UIC regulations. On the other hand, they're not prepared to use modern technology to examine the way people behave these days. You can leave this country, go 10,000 miles away, and be available for work in 24 hours. We have a number of complaints that have come to us from people who have been caught in this system. They really make the way the thing is being administered look pretty silly. But that's a whole different issue.

What I am sticking to here, sir, is a defence of long established, deeply embedded principles in the administration of justice in this country, one of which is that you don't go on fishing expeditions to get evidence about people. The government could always make the case, “Well, if you have nothing to hide...”. There is the slippery slope: if you have nothing to hide, you have nothing to fear. That's not the point. The point here is whether governments are going to have the power to go rifling through masses of personal data that they have collected on trust from us, the Canadian citizens, on behalf of the very few numbers among us who may have broken the law. I say no. I say that is a breach of a long-standing principle in our system, and we shouldn't tolerate it.

Mr. Ken Epp: Madam Chair, I shall exercise self-discipline and quit. I actually quit at 4 minutes, 18 seconds. It was Mr. Phillips who went overtime.

Some hon. members: Oh, oh!

The Chair: I'm impressed.

Mr. Bruce Phillips: I'm sorry, I'm the worst for that.

The Chair: This has been an enlightening round.

If I may very quickly add a supplementary to Mr. Epp's question, notwithstanding the very valid and valuable points you make with respect to privacy, we do have a system that has become a weapon to defraud government and to rob ordinary citizens of their identity in some cases. In the cases in which a SIN is abused, and in the cases in which we can use that number to flag a more serious threat to privacy through data matching—and I speak from personal experience, because my husband's SIN card was fraudulently used. I guess my question is really to Treasury Board, who has been sitting there very patiently as you make your valuable points. In these cases, how hard would it be to have a system of informing people, for instance, who want to be informed each time their SIN number is used fraudulently? How hard would it be to set up a system, for instance, much like the credit card companies have in use?

• 1335

Mr. Ian Sinclair: My understanding is that the administrators of the SIN very much appreciate if the holder of the SIN number is aware of the fact that their number has been taken, the card has been stolen, or whatever. In instances where you, as the number holder, as the client, are unaware, then there is indeed a problem.

I don't want to speak for HRDC, but once again, I believe where they intercept fraudulent use of such numbers is when someone uses that number to try to avail themselves of a benefit they may not be entitled to. They do this on the basis of something that becomes very apparent, where you have someone who is 25 years of age and is applying for an old age benefit, for example.

That's a very superficial answer to your question, but I think HRDC, as well as the administrators of the programs, can better answer you in terms of how they detect such fraud.

The Chair: I guess I'm thinking out loud, but what protection does my husband have, for instance?

I notified Human Resources. I notified the police, who told me that there's pretty well no point in even arresting the individual or going to see him.

What's the sequence of events for someone who has had his identity taken, and what protection does my husband have 20 years down the road if this individual decides to reactivate? He could, if he's a wily, clever individual, as we've heard earlier that such people do exist. He could access our bank accounts; he could access any of our personal files using this number. What recourse does the individual have?

Mr. Ian Sinclair: From an administrative point, there is a social insurance registry, which is maintained by HRDC. That number, of course, is used for the 20-odd other programs in government.

In terms of what happens 20 years down the road, it's the same situation as if your credit card is stolen and someone decides not to activate it for a long period of time. You are at risk, and that is one of the reasons—

The Chair: That's an invasion of privacy that I am concerned about personally.

Mr. Bruce Phillips: False identity? Yes, it's about as serious as it gets.

The Chair: Yes, it is a more serious one.

Mr. Bruce Phillips: Let me put it to you this way. I don't think there is any perfect answer to any of these things, but certainly the system under which these things are issued, the record that is kept, all of these things, could, should, and must be tightened up, but we're not going to solve that problem by issuing an even more comprehensive card that has to be produced for a larger variety of purposes.

The Chair: Thank you. We're getting very witty here. We're SIN-less, then.

Mr. Wilfert, you have the last round of questioning.

Mr. Bryon Wilfert: Madam Chair, Rousseau, the great French philosopher, in 1755 wrote the social contract, the issue being the relationship between the governed and the governors. It was not in that work, but I do remember him saying basically that protecting the public interest is often done at the expense of individual liberty.

There's no question, and I think Mr. Sinclair mentioned in his brief the fact that we have responsibility here to try to establish a balance between the privacy of the individual and delivering government programs. Obviously, if we were going to redo the SIN program, what would be the purpose for doing so? I think we've had some ideas here. What objectives do we want to set for that program? What kind of a system, then, would we design in order to balance this issue of delivery of program versus individual rights? How do we police it so that we don't get back to the situation we are currently in? And of course there is the issue of penalties.

• 1340

The fact that we have so many here today, including the other three gentlemen who are here, means it's not all under one roof, which is in itself a concern to me. Too many cooks spoil the broth. We have four government departments at least, we have the Privacy Commissioner—we have a difficulty here.

The public of course doesn't like to see abuse of the kind where, for example in Quebec, the government issued a new health card and 75,000 people didn't reapply. Now that's great. But the problem then is, how did they do that?

I know in the 1980s the government in Massachusetts went through the individual records of welfare recipients, then went through bank accounts and were able to match up who was defrauding the State of Massachusetts. That's very laudable, but the question then is, as you say...

Mr. Phillips, you're speaking like a 19th century classical liberal, and I must say many of us have veered away from that in many respects. But in fact that is classical liberalism, the issue of individual liberty. So I would agree with you that the issue of SIN is simply the tip of the iceberg.

When I hear that in 1987 there were recommendations on criminal offences dealing with the misuse of SIN... I was in a committee the other day where I pulled out a report that was six years old, and the same issues and recommendations were dealt with six years ago. I have better things to do than sit around and rehash. Unfortunately, we create all these wonderful documents—and this is probably a lovely document, which I haven't read, and it probably has great ideas—but whatever happens?

So I'd like us to look very clearly at a debate on it. I'd like to see us look at whether we're going to design a system, and what the objectives would be. I'd like to know why it would take all this valuable time of all these individuals. Put it under one house and let's deal with something. Let's have the debate we perhaps should have had 20 years ago, or maybe in 1964, about where we're going. Efficiency is great. On the other hand, it can be expensive. I'm not just talking dollars; I'm also talking in terms of liberty.

I guess my major question is why does it take so many cooks to deal with this one issue? What about the centralization of it, and what about the idea of creating a system in which we have to have very specific rules and regulations? I think we need, not to fix it, but to start over again.

Maybe in terms of identification... Bank teller machines are great, but you can also then tell... If you want to use it, people could have an idea where you've been at any particular time, how much money you've taken, and what you're buying. I mean, convenience is great, but what do we give up?

The Chair: Would anyone like to venture an answer or a comment?

Ms. Elizabeth Sanderson: As a public servant and a member of the Department of Justice, I thought I'd just comment on why it takes so many cooks to make the broth. There are some responsibilities that are brought to the study of the SIN and trying to assess the balancing of values and interests that no one department can deal with.

For instance, my minister is responsible for giving the bottom-line opinions on whether or not we're respecting the charter. The charter would be smack in the middle of any discussion about the use of a national identifier. Section 8 protects against unreasonable search and seizure, and if there's a risk of something like this, or if it involved section 7, the right to life, liberty, and security of person, she would have to be part and parcel of that discussion. But we cannot then be the administrative arm, we don't have the skill sets to administer such a card, so we'd look to our colleagues at Treasury Board or HRDC. So already, we're invariably going to have more than one, just because of the nature of it.

Mr. Bryon Wilfert: You have Treasury Board dealing with the responsibility for setting policy and guidelines, you have the Privacy Commissioner, who is of course concerned with the Privacy Act implications, you've got HRDC... The fact is with so many people and so many bureaucrats all tripping over each other...

The Chair: I'd like to add a quick question. Do HRDC's actions regarding data matching fall within the Treasury Board guidelines?

Mr. Ian Sinclair: All federal institutions do. But as we all know, in terms of policy and guidelines, how effectively they're followed is another question.

The Chair: You've all been very patient. We've overkept you, and obviously we could easily keep you here for the next month.

• 1345

I think it's important at this juncture to ensure that we have on record a specific response to each of the questions the Auditor General provided. We don't have time to delve into the eight recommendations, but it would be helpful if you could provide us with a departmental response to what the Auditor General recommended. It was remiss of me, because I should have asked the same of the Human Resources Department, so we'll also be following up with them in writing.

So I really appreciate your patience, your indulgence, and certainly it's been one of the more interesting meetings we have had.

Thank you all for coming.

The meeting is adjourned.