The following table is an overall assessment grid developed by the Treasury Board Secretariat for use in PIAs. The table evaluates the overall privacy risks in Statistics Canada's statistical programs against a suite of standard dimensions. The numbered risk scale is presented in an ascending order: level 1 represents the lowest level of potential risk for the risk dimension; the fourth level (4) represents the highest level of potential risk for the given risk dimension.
As this generic PIA, by definition, covers a wide variety of statistical programs, the selected risks in this section correspond to the highest risk level across all statistical programs. Most programs would, in fact, have a lower risk level.
Applicable risk level for each dimension is in BOLD.
| a) Type of program or activity | Risk scale |
|---|---|
| Program or activity that does NOT involve a decision about an identifiable individual | 1 |
| Administration of program or activity and services | 2 |
| Compliance or regulatory investigations and enforcement | 3 |
| Criminal investigation and enforcement or national security | 4 |
| b) Type of personal information involved and context | Risk scale |
|---|---|
| Only personal information, with no contextual sensitivities, collected directly from the individual or provided with the consent of the individual for disclosure under an authorized program. | 1 |
| Personal information, with no contextual sensitivities after the time of collection, provided by the individual with consent to also use personal information held by another source. | 2 |
| Social Insurance Number, medical, financial or other sensitive personal information or the context surrounding the personal information is sensitive; personal information of minors or of legally incompetent individuals or involving a representative acting on behalf of the individual. | 3 |
| Sensitive personal information, including detailed profiles, allegations or suspicions and bodily samples, or the context surrounding the personal information is particularly sensitive. | 4 |
| c) Program or activity partners and private sector involvement | Risk scale |
|---|---|
| Within the institution (among one or more programs within the same institution) | 1 |
| With other government institutions | 2 |
| With other institutions or a combination of federal, provincial or territorial, and municipal governments | 3 |
| Private sector organizations, international organizations or foreign governments | 4 |
| d) Duration of the program or activity | Risk scale |
|---|---|
| One-time program or activity | 1 |
| Short-term program or activity (include established end-date) | 2 |
| Long-term program or activity (ongoing, continuous) | 3 |
| e) Program population | Risk scale |
|---|---|
| The program's use of personal information for internal administrative purposes affects certain employees. | 1 |
| The program's use of personal information for internal administrative purposes affects all employees. | 2 |
| The program's use of personal information for external administrative purposes affects certain individuals. | 3 |
| The program's use of personal information for external administrative purposes affects all individuals. | 4 |
| The program's use of personal information is not for administrative purposes. Information is collected for statistical purposes, under the authority of the Statistics Act. | N/A |
| f) Personal information transmission | Risk scale |
|---|---|
| The personal information is used within a closed system (i.e., no connections to the Internet, Intranet or any other system and the circulation of hardcopy documents is controlled). | 1 |
| The personal information is used in a system that has connections to at least one other system. | 2 |
| The personal information is transferred to a portable device (i.e., USB key, diskette, laptop computer), transferred to a different medium or is printed. | 3 |
| The personal information is transmitted using wireless technologies. | 4 |
g) Technology and privacy
Does the new or substantially modified program or activity involve implementation of a new electronic system or the use of a new application or software, including collaborative software (or groupware), to support the program or activity in terms of the creation, collection or handling of personal information?
Yes. Statistics Canada regularly updates its activities, operations and systems related to its statistical programs. However, its statistical programs follow standard departmental procedures. Prior to its implementation, privacy risks for new or substantially-modified systems are assessed by comparison with this generic PIA. A separate IT evaluation may be conducted and a supplement provided to the generic PIA, if necessary, for any privacy risks not covered by the generic PIA.
Does the new or substantially modified program or activity require any modifications to information technology (IT) legacy systems?
Yes. As described in the response immediately above.
Specific technological issues and privacy
Does the new or substantially modified program or activity involve implementation of new technologies or one or more of the following activities:
- enhanced identification methods (e.g., biometric technology);
- surveillance; or
- automated personal information analysis, personal information matching and knowledge discovery techniques?
Yes. As described in the response immediately above.
A YES response indicates the potential for privacy concerns and risks, which will require consideration and, if necessary, mitigation.
h) Potential risk that in the event of a privacy breach, there will be an impact on the individual or employee.
There is a very low risk of a breach of some of the personal information being disclosed without proper authorization. The impact on the individual would depend on the nature of the information disclosed, and could include financial harm, harm to reputation, personal embarrassment and inconvenience.
i) Potential risk that in the event of a privacy breach, there will be an impact on the institution.
There is a very low risk of a breach of some of the personal information being disclosed without proper authorization. The impact on Statistics Canada's reputation could be very significant, and could have a significant impact on its ability to conduct its statistical programs afterwards. It could also involve financial risk to the organization.