PIPEDA Case Summary #2017-006: Using SIN for identity verification cannot be a condition of service
The Office of the Privacy Commissioner of Canada (OPC) investigated a complaint that a financial institution required customers to provide their Social Insurance Number (SIN) for identity verification purposes as a condition of opening a savings account. The OPC found that while the institution collected SINs for legally required income reporting, it could not mandate its use for identity verification. The institution agreed to make the use of SIN for identity verification optional rather than a condition of service.
- Requirement of SIN for identity verification as a condition of service.
- Appropriate use of SIN by private sector organizations.
- Interpretation of FINTRAC guidelines regarding identity verification.
Complaint found to be well-founded and conditionally resolved, with the institution agreeing to make SIN use for identity verification optional.
The OPC determined that the financial institution contravened PIPEDA by requiring consent to the use of SIN for identity verification as a condition of service, as no legal or regulatory requirement supported this practice.
AI-generated summary for reference only. Always verify against the official decision ↗
The financial institution agreed to make the use of SIN for identity verification optional, rather than a condition of service.
- Principle 4.3.3 of Schedule 1 of PIPEDA
This summary is informational only and not legal advice.