The federal government’s various departments and agencies have inadvertently mishandled the personal information of some 144,000 Canadians over the past two years, according to new figures.
The figures were part of the federal government’s response to an order paper query filed by Conservative MP Dean Allison last month. The response, which reached nearly 800 pages, did not offer an explanation for the errors.
According to the response, the Canada Revenue Agency (CRA) had the highest number of reported breaches, with about 3,020 separate incidents affecting nearly 60,000 Canadians between January 01, 2018 and December 10, 2019. CRA says the breaches were due to misdirected mail, security incidents, and employee misconduct.
Health Canada reported only 122 breaches during the same time period, but those breaches affected the second highest number of individuals on the list, at almost 24,000. CBC only reported 17 breaches in that time period, but those incidents affected more than 20,000 Canadians.
A list of the reported breaches per government department is as follows, in order of people affected:
|
Department/Agency |
Number of breaches reported between |
Number of people affected |
|
CRA |
3,020 |
59,065 |
|
Health Canada |
122 |
23,894 |
|
CBC |
17 |
20,129 |
|
Environment Canada |
7 |
6,028 |
|
Public Services and Procurement |
164 |
5,149 |
|
Canada Post |
59 |
5,130 |
|
Immigration |
3,005 |
4,268 |
|
PHAC |
7 |
3,725 |
|
Employment and Social Development Canada |
1,421 |
3,586 |
|
Department of National Defense |
170 |
2,273 |
“There’s a significant problem with the way that the government protects personal information,” David Fraser, a privacy lawyer at McInnes Cooper, told CBC News.
“The numbers that we’re consistently seeing reported out of the federal government are higher than they should be and significantly higher in my view.”
It has been reported that the numbers tabled in the House are not exact, so the 144,000 total could fall short of the actual number of people affected.
A representative for the privacy commissioner’s office said that it still reviewing the order paper question, and has confirmed that there have been gaps with the reporting system in the past.
“We have raised concerns about strong indications of systemic under-reporting of certain types of breaches across government,” the spokesperson for Office of the Privacy Commissioner told CBC News in an email statement.
