Renewed Privacy Impact Assessment

CRTC National Do Not Call List (DNCL)

References

Terminology

| Term | Definition |
| --- | --- |
| Administrative Purposes | The Privacy Act defines “administrative purposes” to be the use of an individual’s personal information in a decision making process that directly affects that individual. |
| Confidentiality | The Policy on Government Security defines confidentiality to be the attribute that information must not be disclosed to unauthorized individuals, because of the resulting injury to national or other interests, with reference to specific provisions of the Access to Information Act and the Privacy Act. |
| Government information | Information created, received, used, and maintained regardless of physical form, and information prepared for or produced by the Government of Canada and deemed to be under its control in the conduct of government activities or in pursuance of legal obligations. |
| Information management | A discipline that directs and supports effective and efficient management of information in an organization, from planning and systems development to disposal and/or long-term preservation. |
| Management of information | An element of every job function in the Government of Canada that has to do with treating the information used or produced in the course of performing job duties as a strategic business resource and in line with legal and policy requirements. |
| Personal Information | Information about an identifiable individual as defined in Section 3 of the Privacy Act. This definition, although lengthy, is not exhaustive, as indicated by the introductory phrase, “including, without restricting the generality of the foregoing” that appears prior to the list of examples. Information that is not specifically mentioned in the list of examples may still be included in the definition of personal information if it qualifies as “information about an identifiable individual”. |
| Personal Information Bank | A collection or grouping of personal information under the control of a government institution which has been used, is being used or is available for use for an administrative purpose, or is organized or intended to be retrieved by the name of an individual or by an identifying number, symbol or other particular assigned to an individual. |
| Privacy | The OPC describes “privacy” as meaning “...the right to control access to one’s person and information about one’s self. The right to privacy means that individuals get to decide what and how much information to give up, to whom it is given, and for what uses.” |

Legislation and Guidelines

| Short Title | Citation |
| --- | --- |
| Privacy Act | Privacy Act, R.S.C., 1985, c. P-21. |
| Privacy Regulations | Privacy Regulations, SOR/83-508. |
| Personal Information Protection and Electronic Documents Act | Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5. |
| Access to Information Act | Access to Information Act, R.S.C. 1985, c. A-1. |
| Access to Information Regulations | Access to Information Regulations, SOR/83-507. |
| Financial Administration Act | Financial Administration Act, R.S.C., 1985, c. F-11. |
| Telecommunications Act | Telecommunications Act, S.C. 1993, c. 38. |
| Directive on Privacy Impact Assessment | Directive on Privacy Impact Assessment |
| Directive on Privacy Practices | Directive on Privacy Practices |
| Policy on Privacy Protection | Policy on Privacy Protection |
| Roles and Responsibilities – Privacy & Data Protection | Roles and Responsibilities – Privacy & Data Protection |
| Use and Disclosure of Personal Information | Use and Disclosure of Personal Information |
| Directive on Social Insurance Number | Directive on Social Insurance Number |

Overview and PIA Initiation

Introduction

In 2008, the Canadian Radio-television and Telecommunications Commission (CRTC) launched the National DNCL pursuant to the Telecommunications Act, SC 1993 c 38 (in particular the regime regarding unsolicited telecommunications set out in sections 41 and 72.01). At the time, Bell Canada was appointed as the National DNCL Operator following a public consultation process and contracting process which began in 2006. The National DNCL Operator was responsible for creating, implementing and operating the DNCL database or information system.

The information collected by the CRTC and the National DNCL Operator relating to the National DNCL necessarily includes personal information. This information is essential for the CRTC to meet its statutory mandate in respect of unsolicited telecommunications as set out in the Telecommunications Act and the Unsolicited Telecommunications Rules (the Rules). Pursuant to the Privacy Act, and in keeping with the CRTC’s commitment to ensuring Canadians’ privacy rights are respected, the CRTC created a privacy impact assessment (PIA) and personal information bank (PIB) in relation to the National DNCL. As well, the National DNCL Operator created a PIA. In 2013, Bell Canada’s delegation as National DNCL Operator was extended, so Bell Canada operated the National DNCL for another five-year term.

In 2017, the CRTC delegated the ability to operate the National DNCL to Raymond Chabot Grant Thornton Inc. (RCGT, operating as Oxaro as of 1 July 2023) effective 15 January 2018. On 11 October 2022, the CRTC extended RCGT’s term as the National DNCL Operator for a total of 5 years, until 17 October 2027.

The development of a renewed PIA was prompted by the appointment of the new National DNCL Operator in 2017, the renewal of the National DNCL Operator contract in 2022 and changes in the CRTC’s DNCL systems and National DNCL Operator’s systems and processes established initially in 2008.

Objective of the National DNCL PIA

The CRTC’s renewed PIA report examines the privacy-related issues surrounding the National DNCL as it relates to the CRTC, and in view of the changes in the CRTC’s DNCL systems and National DNCL Operator’s systems and processes established initially in 2008. It examines the CRTC’s associated compliance and enforcement activities including but not limited to collection, retention, use and disclosure of personal information received from the National DNCL Operator. The initial and renewed PIA reports were developed independently by the CRTC. At the same time, a PIA was conducted by the National DNCL Operator in 2017, as well as an updated National DNCL Operator PIA Final Report in 2023. The renewed reports include updated risk assessments and recommendations, associated with the contract for service for the National DNCL Operator, pursuant to Treasury Board of Canada Secretariat policies and guidance and a review by the Office of the Privacy Commissioner of Canada.

Description of the National DNCL Program

The CRTC established the Rules to administer its mandate in respect of unsolicited telecommunications. The Rules include directions concerning telemarketing, the National DNCL and automatic dialling and announcing devices. Regarding the Rules, personal information about individuals, telemarketers and telemarketer account managers is described in the PIB. Personal information of individuals may include the name, mailing address, e-mail address, language preference, and telecommunication number associated with a home phone (i.e. landline) service, cell phone or wireless (i.e. mobile or satellite) service, VoIP service, or a fax machine. It may also include information related to a complaint about a telemarketer, including the name and/or number of the telemarketer, date of the telemarketing call, the nature of the call, and comments related to the call. Personal information of telemarketer individuals and telemarketer account managers may include their name, address, business contact information, language preference, description of telemarketing activities, telecommunications numbers used, names used/displayed while making telemarketing calls, and calling logs.

Conclusion

With existing CRTC safeguards and procedures, as well as those put in place by the National DNCL Operator, the National DNCL is being operated in a manner which respects and maximizes the privacy of individuals implicated in the National DNCL.

Risk Area Identification and Categorization

a. Type of program or activity

| Description | Risk Level | Rating |
| --- | --- | --- |
| Program or activity that does NOT involve a decision about an identifiable individual | 1 | 1 |
| Administration of Programs / Activity and Services | 2 | 2 |
| Compliance / Regulatory investigations and enforcement | 3 | 3 |
| Criminal investigation and enforcement / National Security | 4 | |

b. Type of Personal Information Involved and Context

| Description | Risk Level | Rating |
| --- | --- | --- |
| Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the consent of the individual for disclosure under an authorized program. | 1 | 1 |
| Personal information, with no contextual sensitivities after the time of collection, provided by the individual with consent to also use personal information held by another source. | 2 | 2 |
| Social Insurance Number, medical, financial or other sensitive personal information and/or the context surrounding the personal information is sensitive. Personal information of minors or incompetent individuals or involving a representative acting on behalf of the individual. | 3 | |
| Sensitive personal information, including detailed profiles, allegations or suspicions, bodily samples and/or the context surrounding the personal information is particularly sensitive. | 4 | |

c. Program or Activity Partners and Private Sector Involvement

| Description | Risk Level | Rating |
| --- | --- | --- |
| Within the institution (amongst one or more programs within the same institution) | 1 | 1 |
| With other federal institutions | 2 | |
| With other or a combination of federal/provincial and/or municipal government(s) | 3 | |
| Private sector organizations or international organizations or foreign governments | 4 | 4 |

d. Duration of Program or Activity

| Description | Risk Level | Rating |
| --- | --- | --- |
| One time program or activity | 1 | |
| Short-term program | 2 | |
| Long-term program | 3 | 3 |

e. Program Population

| Description | Risk Level | Rating |
| --- | --- | --- |
| The program affects certain employees for internal administrative purposes. | 1 | |
| The program affects all employees for internal administrative purposes. | 2 | |
| The program affects certain individuals for external administrative purposes. | 3 | 3 |
| The program affects all individuals for external administrative purposes. | 4 | |

f. Technology and Privacy

| Description | Yes/No |
| --- | --- |
| Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information? | Yes |
| Does the new or modified program or activity require any modifications to IT legacy systems and/or services? | Yes |
| Does the new or modified program or activity involve the implementation of one or more of the following technologies: | |
| Enhanced identification methods | No |
| Use of Surveillance | No |
| Use of automated personal information analysis, personal information matching and knowledge discovery techniques | Yes |

g. Personal Information Transmission

| Description | Risk Level | Rating |
| --- | --- | --- |
| The personal information is used within a closed system. | 1 | |
| The personal information is used in a system that has connections to at least one other system. | 2 | 2 |
| The personal information is transferred to a portable device or is printed. | 3 | 3 |
| The personal information is transmitted using wireless technologies. | 4 | |

h. Breach

| Description | Yes/No |
| --- | --- |
| The impact is minimal. The PI collected from complainants is optional and is voluntarily provided. It is also non-sensitive in nature. | Yes |