Federal Privacy Commissioner upholds traveller complaints about searches of electronic devices
In the most recent annual report to Parliament filed by federal Privacy Commissioner Daniel Therrien, he detailed an investigation by his office into six different complaints by travellers, regarding searches of their electronic devices and data by Border Service Officers (BSOs) employed by the Canadian Border Services Agency (CBSA). The investigation report indicated that all six complaints were “well-founded” under the federal Privacy Act, having breached sections 4 and 6(1) of that Act which proscribes and limits the collection and retention of the personal data of individuals by federal government entities. The report makes a number of recommendations for improvement of policies and their application by the CBSA, as well as for legislative change, and indicates a somewhat recalcitrant attitude on the part of CBSA towards limitations on their entitlements to search and retain data from devices.
CBSA takes the position that its power to inspect and search “goods” which are “imported” into Canada under s. 99(1)(a) of the Customs Act extends to electronic documents stored on devices. The Commissioner noted CBSA’s position that this does not include electronic documents which might be accessible from the device through an internet connection, but not stored on the device itself—a position with which the Commissioner agreed. In 2015 the CBSA created its Examination of Digital Devices and Media at the Port of Entry – Guidelines, which require inter alia that the connectivity of devices be disabled before they are searched (usually by switching to airplane mode). The Commissioner also agrees with this limitation, which the report states is “essential” in order for CBSA to be able to comply with both the Customs Act and the Privacy Act.
Here, the investigation into the complaints revealed a number of instances where this part of the Guidelines, in particular, was not complied with. In one case the BSO not only failed to disable the traveller’s phone but used it to access their social media and banking information. In three other cases searches were done without turning on airplane mode, and in the remaining two there were no notes indicating whether connectivity had been disabled. Other problems included: a BSO photographing documents on a phone for purposes other than enforcing the Customs Act (which would amount to a breach of s. 8 of the Charter); records relating to searches being destroyed, rather than being retained for two years as is required; and in several cases, failure to make notes at all regarding the circumstances/indicators that led the BSO to conduct a search (which is required by additional guidelines put in place by the CBSA in 2017), rendering the CBSA unable to legally justify the search after the fact. There were two instances in which the BSOs did not follow the Guidelines by asking the travellers to input their own passwords into the devices to unlock them, rather than asking for and writing down the password themselves; however, the Commissioner noted that this is currently a legally grey area and declined to make any findings about it.
The Commissioner’s ultimate findings reflected concern for what appeared to be poor training and inconsistent application of the Guidelines by BSOs. The report outlines a number of recommendations with which CBSA has agreed:
1. mandatory training for BSOs and supervisors, with documentation of participation, in order to ensure consistent compliance with the Guidelines;
2. the creation of oversight and review mechanisms to ensure compliance with policies and practices relating to devices;
3. an independent audit with respect to the overall operational framework and its compliance with the Privacy Act (though CBSA would only agree to an internal audit, the Commissioner found that this would accomplish the purpose sought);
4. updating the CBSA’s Enforcement Manual to include comprehensive treatment of the requirements around device searches;
5. transparency and accountability by way of information regarding policies and practices around searching devices to be published on the CBSA website;
6. tracking, compiling and reporting statistics on device searches through all of CBSA’s operations.
The Commissioner also made a number of recommendations for legislative change, but noted explicitly that he was “surprised and disappointed” that CBSA disagreed with all of them—particularly in that they were entirely consistent with proposals that were made by a Parliamentary committee in 2017. These were:
7. that the definition of “goods” in the Customs Act be updated to reflect the unique nature of electronic devices, distinguishing them from other goods or receptacles which do not hold massive amounts of individual private data;
8. that the Customs Act be amended to provide “a clear legal framework for the examination of digital devices, and specific rules that impose a higher threshold for the examination of such devices, in line with the requirements of the CBSA’s Policy.” To this the CBSA responded that due to the pace of technological change, fluidity was necessary and simply using policies was sufficient to keep up and ensure Charter compliance. The Commissioner responded that the very cases under review suggested that policies were insufficient.
9. that the current threshold for engaging in a search set out in CBSA policy, “multiplicity of indicators,” be replaced with a “reasonable grounds to suspect” standard, which was explicitly recommended by the Parliamentary committee and which has been argued to be the only way to ensure Charter compliance of searches. This has long been a battleground between CBSA and privacy advocates of various stripes.
On this latter point the CBSA had responded:
It is in the very nature of the border environment that there is a lack of prior knowledge or control over goods before they reach the border. With no prior knowledge or information, it can be impossible to formulate reasonable suspicion in relation to goods….
…more and more documentation is going digital and it is as necessary for CBSA officers to view such documentation as it is for those officers to be able to search the traveller’s baggage. Imposing an inspection threshold only on digital documents makes it more likely that travellers seeking to circumvent Canadian prohibitions on imported goods or evade duties and taxes or, indeed, conceal their true identities will be able to do so.
The Commissioner countered with skepticism:
We note that the CBSA’s rationale for disagreeing with our Recommendations 7 and 9 draws comparisons between digital documents and traditional paper documents, suggesting that the changes to legislation would create a higher threshold for the inspection of digital documents. However, CBSA itself has recognized that a higher threshold is appropriate for digital devices given the wealth of information that can be stored on them. Simply put, searching a digital device is not the same as, for instance, consulting a paper receipt and this is already reflected in CBSA policy.
We also fail to see how our recommendations would prevent the CBSA from viewing travel documents stored electronically as part of its normal operations. The requirement to produce a travel document – in electronic form or otherwise – for inspection does not entail handing over a device and all its contents to be searched and would not be affected by our recommendations. In our view, CBSA is wrongly asserting operational barriers to legislative reform; barriers that are belied by the fact that its Policy already distinguishes and applies a higher threshold for digital devices.
The Commissioner concluded that he would be recommending the proposed legislative changes to the Minister of Public Safety, and the Minister of Border Security and Organized Crime Reduction, “in order to adequately protect the privacy and Charter rights of Canadians as they return home from travels abroad.”