Federal agencies fumble privacy safeguards on asylum system revamp, risking refugee data

2025/09/09 Leave a comment

Sigh….:

Three government agencies that partnered on a $68-million project to revamp Canada’s asylum system failed to complete mandatory privacy safeguard tests for years while the project was being implemented, CBC News has learned. 

The lack of privacy protections raises “red flags,” lawyers say, and may have put refugee claimants’ data and applications at risk.

Immigration, Refugees and Citizenship Canada (IRCC), the Canada Border Services Agency (CBSA) and the Immigration and Refugee Board (IRB) worked together on the “asylum interoperability project,” which would transform the asylum system into a more efficient digital one and address the ever-growing backlog of pending asylum applications, which currently sits at more than 290,000.

Earlier this year, CBC reported that the project, which launched in 2019, had been prematurely shut down in 2024 in what CBSA called an “unexpected” move.

Now, documents obtained through access-to-information legislation show there were “outstanding” privacy impact assessments (PIA) for the project, which was quietly scrapped when it was only 64 per cent complete.

According to a government digital privacy playbook, a PIA is a “policy process to identify, assess, and mitigate potential privacy risks before they happen.”

“All these steps need to be completed before the launch of the initiative,” that guide says.

Even though the interoperability project has now been scrapped, it implemented changes to how data is collected digitally and used — meaning that the completion of PIAs remains an essential part of that risk identification process, said  Andrew Koltun, an immigration and refugee lawyer who also practices privacy law.

The departments told CBC over email, however, that the privacy assessments are still incomplete. IRCC said it’s currently drafting its portion of the PIA and expects it to be done by the end of 2025.

The fact they still aren’t finished, Koltun said,  raises “a lot of red flags.”

Source: Federal agencies fumble privacy safeguards on asylum system revamp, risking refugee data

Filed under Immigration Tagged with , , , ,

Unknown's avatarAbout Andrew
Andrew blogs and tweets public policy issues, particularly the relationship between the political and bureaucratic levels, citizenship and multiculturalism. His latest book, Policy Arrogance or Innocent Bias, recounts his experience as a senior public servant in this area.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.