Breach within Global Affairs affected minister’s office in 2017-18, sparked report to privacy commissioner – iPolitics.ca

by admin ·

Sometime during the 2017-18 year, a breach took place within Global Affairs Canada that affected a federal ministers office, and warranted a report to Canadas top privacy watchdog, newly tabled documents reveal.

Global Affairs disclosed the breach as part of a response to an order paper question from NDP MP Charlie Angus. The response, which was tabled earlier this month, is sparse on detail but specified that just one individual in a ministers office had been affected by the breach that took place that year. The Prime Ministers Office was included among the category of ministers offices for Angus question.

READ MORE: SNC-Lavalin probe, Obama endorsement and bed bugs? Here are the latest Order Paper queries

The breach was not known to have led to criminal activity, federal officials wrote back to Angus.

They did not specify which individual was affected at the time. In 2017-18, now-deputy prime minister Chrystia Freeland was serving as the federal minister for foreign affairs, Marie-Claude Bibeau as minister for international development and Franois-Philippe Champagne as minister for trade.

The summer of 2017 thrust the global affairs portfolio into the spotlight, as it included the start of negotiations over a new North American free trade agreement then called NAFTA, now known as USMCA. A government official told iPolitics on Thursday that the reported breach was unrelated to the negotiations.

A privacy breach was defined in the question as improper or unauthorized collection, use, disclosure, retention or disposal of protected personal information, including both hard copies and electronic data.

Global Affairs was asked several questions about the breach by iPolitics on Thursday morning, including what information was involved and whether Freeland, Bibeau or Champagne were affected by the breach. A response was not provided to iPolitics inquiry by the time of publication on Thursday.

The privacy commissioners office, meanwhile, told iPolitics that Global Affairs Canada had reported three privacy act breaches to their office during the 2017-18 fiscal year but declined to provide details, including the outcomes of the three reports, with spokesperson Vito Pilieci citing restrictions under the federal privacy act. The commissioners annual report to parliament for 2017-18 notes those three reported breaches.

Angus order paper question had asked the federal Liberals to break down exactly how many data, information or privacy breaches had occurred and affected Ministers offices, inclusive of the PMO, since they took office for their first term in November of 2015. The time period covered extended out to February 19 of this year. Angus requested a breakdown of incidents according to ministers office, number of individuals affected, year, and how many breaches were known to have led to criminal activity such as fraud or identity theft with no departments indicating in their responses that the latter had happened.

Several departments reported breaches with two breaches affecting ministers offices reported by the privy council office from 2017 and 2018; one breach reported by Public Services and Procurement Canada from 2019; and one breach reported by the department for Women and Gender Equity from 2019. None of the breaches aside from the incident involving Global Affairs were flagged to the commissioner.

READ MORE: Latest batch of House order paper replies shows the art in asking (and answering) written questions

Not all departments provided answers. The Department of National Defence cited the upheaval of work arrangements due to the coronavirus as an explanation. Due to the unprecedented COVID-19 situation, public servants are required to work remotely and have limited access to the tools and files required. At this time, National Defence is unable to prepare and validate a comprehensive response, DND wrote.

Employment and Social Development Canada also declined to answer Angus question for their part, citing both the privacy act as well as policies and guidelines from the Treasury Board. Ministers Offices do not fall within the definition of a government institution, ESDC wrote in their response.

The federal government has previously refused to disclose publicly whether the PMO or most cabinet ministers offices had experienced privacy breaches, as reported by The Logic earlier this year. The outlet noted in January that federal privacy commissioner Daniel Therrien didnt have jurisdiction over those offices, leaving the public in the dark about potential information compromises within them.

The feds pledged a review and modernization of the nearly four-decade old Privacy Act in 2016. That year, the Standing Committee on Access to Information, Privacy and Ethics conducted a study and issued a report, in which Therrien recommended that the Privacy Act be amended to cover all government institutions including Ministers offices and the PMO. There is personal information held in ministers offices and the PMO that is extremely relevant to service delivery and how rights are delivered, Therrien was cited as saying. It shouldnt matter whether the information rests in the bureaucracy or in a ministers office if its the same kind of information that can potentially be used for the same statutory purposes.

The idea was backed by a number of witnesses who participated in the committees examination process, as well as by the committee itself. (The governments response, written by then-Justice Minister Jody Wilson-Raybould, did not commit in their response to any specific recommendations.)

There is personal information held or could be held in these offices that is not currently protected, Chantal Bernier, the former interim privacy commissioner for Canada, argued in the 2016 report. When you look at the fact that the government in power, the ministers, the Prime Minister, do exercise the powers of government, they should be held to the standards of the Privacy Act to collect, use, or disclose that information.

More from iPolitics

Go here to read the rest:
Breach within Global Affairs affected minister's office in 2017-18, sparked report to privacy commissioner - iPolitics.ca

Related Post

Comments are closed.