Privacy at the Border: Expectations of Privacy and Security in the World's Largest Trading Relationship
Since 9/11, the United States and Canada have highlighted the need for increased measures to enhance border security. To this end, several initiatives are underway to develop sophisticated identification systems that would allow border officials to instantly access the identification information of those crossing the Canada-U.S. border. The development and implementation of such technology has raised concerns regarding the ability of federal officials in each country to ensure that this information remains secure.
On February 28, 2008, the Canada Institute hosted a forum on the sometimes conflicting goals of securing citizens' personal information, while ensuring a sufficient level of security at the border. The Canada Institute was pleased to host Karim Benyekhlef, directeur du Centre de recherche en droit public, Faculté de droit, Université de Montréal; Jim Harper, director of Information Policy Studies, Cato Institute; David Sobel, senior counsel, Electronic Frontier Foundation; and Christiane Constant, commissioner, Commission d'accès à l'information du Québec, as panelists for a discussion that highlighted some of the differences and similarities between Canadian and American points of view on privacy and security issues.
Similar Views on Privacy from Both Sides of the Border
There was a consensus among the panelists that their respective governments kept too much private information, and that they kept it for too long. They also agreed that if information on a person is included in a customs agency's data bank, but is not necessary or relevant to any ongoing security concerns, then that information should be removed from the files. Canadian panelists Benyekhlef and Constant spoke at length about the specific laws within the Canadian and Quebec governments, respectively, which are designed to keep the border secure and to keep private information confidential, while the American panelists spoke of wanting less government control and more citizen access to information held in government data banks.
Harper said that an increase in security requiring a reduction in personal privacy is a trade-off asked of citizens by their government s on the grounds that it is reasonable to give up a measure of privacy in the name of security; the reasons for the trade-off, however, must be known and sound. Identity-based security measures for international travel provide an excellent example of such a compromise, where citizens allow their government to keep records and store identifying information under the assumption that it will help government agencies discover those who pose a security threat. Identity based-security systems implemented along the border can have other consequences, particularly in the economic sphere in the case of the Canada-U.S. border. Harper stated that when he undertook a rudimentary cost-benefit analysis of the U.S. Real ID Act, he found that the security benefits of implementing the Act fell far short of the costs. This calculation did not even take into effect the amount of bilateral trade between the United States and Canada that would be disrupted because of the Real ID Act.
Harper maintained that if security measures do not work, they should be avoided, especially if the proposed security initiative has the potential to do harm instead of good. He critiqued the Western Hemisphere Travel Initiative (WHTI), stating that the more stringent identification requirements within WHTI could potentially damage the U.S.-Canadian trade relationship. Any disruption to the massive amount of trade crossing the border daily can become extremely costly very quickly for both countries. Consequently, noted Harper, the gains in security obtained through WHTI are simply not sufficient to justify the economic costs and potential risk of citizens losing control of their personal information.
Exchanging Information between Two Countries
Both Canada and the United States have historically maintained the perspective that government agencies must prove that they have sufficient reason to collect and access citizen information in an effort to achieve specific national security or other policy aims. In addition, citizens in both countries have the right to access and ensure the accuracy of information collected about them. In the United States, this perspective on privacy rights was entrenched in the Privacy Act of 1974, while Canada upholds similar standards through its federal Privacy Act, passed in 1985. Nevertheless, these standards have eroded since 9/11, as both Canada and the United States have greatly increased the amount of information collected in an effort to prevent another terrorist attack in North America.
Private information is shared between Canadian and American agencies for security purposes; in his presentation, Benyekhlef discussed two international agreements for sharing such information between the United States and Canada: the Mutual Legal Assistance Treaty (MLAT) and the Customs Mutual Assistance Agreement (CMAA). He noted that Section 107 of the Customs Act permits sharing of personal information with foreign governments and organizations within the bounds of an international agreement such as the two listed above. Both of these agreements require that 1) the purpose of the investigation and how the information is relevant and necessary must be declared; and 2) that any terms of confidentiality associated with the information be respected before releasing anything to a foreign body. Benyekhlef added that the United States and Canada also exchange data within the Shared Look-out Initiative, which identifies international travelers according to a series of risk indicators and other intelligence. In particular, he said, this initiative offers an indication of the controversial shift by the Canadian and U.S. governments to rely increasingly on identity-based security to prevent terrorists and other criminals from entering North America or crossing the Canada-U.S. border.
The Challenges of Identity-Based Security
Harper said that the central problem with identity-based security is that it relies entirely on the premise that "identity equals security," which does not always hold true against the significant threats facing North Americans today. For instance, terrorists could defeat identity-based security systems by obtaining a fake ID, enlisting those not on a government watch list to carry out an attack, or targeting areas not secured by identity. In other words, he said, "Knowing who someone is doesn't actually secure you against them, if they're a sophisticated threat." Suicide bombers, for example, would be unconcerned with hiding their identity as they face no chance of sanctions after the fact.
In his remarks, Sobel also criticized identity-based security, noting that one of the reasons for keeping vast data banks of personal information is to mine the data for patterns that will help predict certain events. The Federal Bureau of Investigation, for example, maintains a watch list with approximately 700,000 names—with 20,000 new names added every month. Since many on the list are common names, Sobel said that there is a big risk of false-positive identification, increasing the number of people potentially affected into the millions. According to Sobel, although this approach of keeping and searching through vast amounts of data for patterns is highly useful in detecting crimes such as credit card fraud, it is less effective in identifying or predicting potential threats to national security. Terrorist attacks, he explained, occur rarely enough and without any discernable pattern, which greatly inhibits the ability of identification-based security methods to prevent future terrorist attacks.
According to Harper and Sobel, effective legislation allowing the collection and storage of personal information must include a recourse provision allowing citizens to access and verify the accuracy of information collected about them. Sobel cautioned that the lack of such a provision doomed the Transportation Security Administration's Computer Assisted Passenger Prescreening System and remains a problem for the program's successor, Secure Flight. During his presentation, he spoke of "... hundreds of thousands or millions of individuals who have not committed any articulable or chargeable criminal activity, and yet they have been branded by the U.S. government as, for some reason, suspicious and worthy of increased scrutiny...it is virtually impossible to apply any kind of due process to that scenario." Currently, said Sobel, one of the few ways an individual can find out about being on a government watch list is through the experience of consistently having difficulties at airport security points. It is subsequently very difficult for such individuals to find out why they have been identified as suspicious, or even to find out what is in a security agency's file under their name. This is, according to Sobel, an area of transportation and border security which is in need of reform.
In her presentation, Christiane Constant said that citizens need to be able to trust their government to keep them safe from outside threats, but also to protect their right to privacy. If trust is broken, citizens may become reluctant to divulge information about themselves, even to the point of foregoing services and financial benefits. Both Constant and Benyekhlef spoke of policies and regulations used within Canada to keep private information secure. Constant spoke of the importance of adapting the rules for protecting information to new technologies, and of the importance of establishing strict standards for the exchange of information between governments.
During the question and answer period, Jim Harper highlighted commercial interests as an avenue for increased government responsibility towards privacy rights. He said that business interests tend to get more attention than the concerns of independent private citizens; thus policies regarding business information may serve as a potential stepping stone towards policies regarding the protection of an individual's private information.
Drafted by Cami Woolam
David N. Biette
Director, Canada Institute