Canada Border Services Agency (Re), 2024 OIC 43
The complainant alleged that the Canada Border Services Agency (CBSA) improperly withheld the source code for the ArriveCAN application under subsection 16(2) of the Access to Information Act, which allows withholding information that could facilitate the commission of an offence. The CBSA argued that disclosure could allow malicious actors to hack the application or compromise user data. The Information Commissioner found that the CBSA reasonably exercised its discretion to withhold the source code at the time of the request, considering the sensitive nature of the application and the risks of disclosure.
- Whether the ArriveCAN source code could reasonably be expected to facilitate the commission of an offence if disclosed.
- Whether the CBSA reasonably exercised its discretion in deciding to withhold the source code.
- Whether severance of the source code was possible and reasonable.
Complaint not well founded
The Commissioner found that the CBSA provided sufficient evidence to demonstrate that disclosure of the source code could reasonably be expected to facilitate the commission of an offence. The Commissioner also concluded that the CBSA reasonably exercised its discretion in weighing the risks of disclosure against the public interest and other relevant factors, and that severance was not feasible.
AI-generated summary for reference only. Always verify against the official decision ↗
- s.16(2) ATIA
- s.25 ATIA
- para. 30(1)(a) ATIA
This is an informational summary and not legal advice.