Review of passport protection practices of four federal institutions
This report details a review of passport protection practices by four federal institutions: IRCC, ESDC, GAC, and CPC. While the institutions generally had reasonable measures to prevent unauthorized passport disclosures, the review identified areas for improvement in incident detection, remediation for affected individuals, and learning from past breaches. The institutions agreed to implement the OPC's recommendations to enhance these processes.
- Adequacy of measures to prevent unauthorized disclosure of passports
- Effectiveness of incident detection mechanisms
- Sufficiency of remediation measures for affected individuals
- Processes for learning from past passport breach incidents
Recommendations made to improve practices and adopted by institutions.
The investigation found that while preventative measures were generally reasonable, improvements were needed in detecting breaches, remediating harm to individuals, and institutional learning from incidents. The institutions committed to implementing the OPC's recommendations.
AI-generated summary for reference only. Always verify against the official decision ↗
Institutions agreed to implement recommendations regarding consistent guidance on assessing materiality of breaches, establishing service standards for timely notification, and offering mitigation measures like credit monitoring.
- section 8 Privacy Act
- section 37 Privacy Act
This summary is for informational purposes only and does not constitute legal advice.