open Secondary menu

Privacy Impact Assessment – E-Registration Service

A Privacy Impact Assessment (PIA) has been conducted to determine if there are any privacy risks associated with the E-Registration Service and its management of personal information, and to make the necessary adjustments to mitigate these risks.

Section 1 – Overview and PIA Initiation

1.   Government Institution Responsible for Delivering Program or Activity

Elections Canada

2.   Delegate for Section 10 of the Privacy Act

Manager and Coordinator, Access to Information and Privacy

Government Official Responsible for PIA

Deputy Chief Electoral Officer, Electoral Events

3.    PIA Approved By

Chief Electoral Officer, Elections Canada

4.   Personal Information Bank

Voter Registration, CEO PPU 037

5.   Name of Program or Activity

Online voter registration service (E-Registration)

6.   Description of Program or Activity

On April 3, 2012, Elections Canada launched Phase 1 of its E-Registration service. This online service is designed to increase the accessibility of the electoral process by offering electors an additional and convenient way to check whether they are registered to vote, update their registration information and add themselves to the National Register of Electors.

Since the Canada Elections Actrequires a signature and/or documentary proof of identity for some transactions, only certain functionality is being made available in Phase 1. It allows electors to use online registration between elections to:

  • Confirm whether they are registered to vote (using their name, address, gender and date of birth for identification purposes).
  • Update their previously registered address (using their name, address, gender and date of birth for identification purposes).
  • Add their name to the Register (by confirming information that Elections Canada has already obtained about them from one of its administrative data sources, using their name, address, gender and date of birth for identification purposes and using their driver's licence to validate their identity).

The E-Registration service is a significant advancement in providing online services to electors and expanding their access to the electoral process.

6.1   Legal Authority for Program or Activity

The Chief Electoral Officer is responsible under section 46 of the Canada Elections Actfor the maintenance and update of the National Register of Electors. The Chief Electoral Officer updates the Register from different sources, including information provided by electors.

Section 2 – Risk Area Identification and Categorization

In accordance with the Treasury Board Directive on Privacy Impact Assessment, the following identifies and categorizes the risk areas for the new service. A risk scale is included for each risk area and is presented in ascending order: the first level (1) represents the lowest level of potential risk for the risk area, and the fourth level (4) represents the highest level of potential risk for the given risk area. To learn more about the risk scale, please refer to Appendix C of the PIA Directive.

1.   Type of Program or Activity

Administration of program or activity and services.
Level of risk: 2

2.    Type of Personal Information Involved and Context

Personal information is provided by individuals, with their consent to also use personal information held by another source. There are no contextual sensitivities after the time of collection.
Level of risk: 2

3.   Degree of Program or Activity Partners and Private Sector Involvement

There is involvement with other federal, provincial/territorial and/or municipal government institutions, either singly or in combination.
Level of risk: 3

4.   Duration of Program or Activity

This is a long-term program.
Level of risk: 3

5.    Extent of Program Population

The program affects certain individuals for external administrative purposes.
Level of risk: 3

6.    Extent of Personal Information Transmission

Personal information is transmitted using wireless technologies.
Level of risk: 4

7.    Potential Risk to and/or Impact on Institution

In the event of a privacy breach, misuse of information could cause harm to Elections Canada's reputation, embarrassment, loss of credibility and/or decreased confidence of the public. It could also thrust elected officials into the spotlight and/or compromise Elections Canada's strategic outcome.
Level of risk: 4

8.   Potential Risk to Individual or Employee

In the event of a privacy breach, misuse of information could cause the following to the individual to whom the information pertains:

  • Inconvenience
    Level of risk: 1
  • Embarrassment/harm to reputation
    Level of risk: 2
  • Financial harm
    Level of risk: 3

9.   Technology and Privacy

Does the option for the new or modified program or activity involve implementing a new electronic system, software or application program, including collaborative software (or group software), to support the management of personal information?
Yes

9.1   Specific Technological Issues and Privacy

Does the option for the new or modified program or activity involve implementing one or more of the following technologies?

  • Enhanced identification methods
    No
  • Use of surveillance
    No
  • Use of automated data analysis, data matching and knowledge discovery techniques
    Yes

Section 3 – Summary: Privacy and Risk Management Action Plan

The following actions address the risks identified in the PIA.

1.    Limiting the Collection, Use and Disclosure of Personal Information by:

  • Putting additional controls in place to grant authorization to modify, add, delete or change information. Access and changes are audited by date, user and user accounts. Rights are provided to users on a "need to know" basis.
  • Displaying privacy notice statements when personal information begins to be collected.
  • Updating the retention and disposition schedule 2001/017 for electors' registration records.
  • Using data masking tools in the production testing environment.
  • Giving regular security awareness training to all personnel who access personal information.

2.    Safeguarding Personal Information by:

  • Producing statistical reports from the E-Registration service with anonymized information.
  • Deploying E-Registration in a secure multi-zoned and multi-tiered environment provided by the Internet service provider.

3.    Protecting the Integrity of Electors' Information by:

  • Allowing only one change of address for an elector in the same transaction.
  • Displaying on-screen warnings about penalties under the Canada Elections Act and Criminal Code for false changes of information.
  • Putting mechanisms in place to actively manage potentially suspicious activities.