From AJP member Craig Proulx:
I am wondering if this tattletale site will be used against Aboriginal peoples in Canada. They are already under surveillance by the Canadian security state and have been labelled in the past as "terrorists" by the Canadian Military. The government gets reports on Aboriginal "hot spots" each week. I wonder if some of their information comes from (SIR)? Certainly a lot of these "critical infrastructure" companies must be terrified at the thought of blockades and protests interfering with their right to make cash for the settler elite. This sounds like just the tool to keep the market "free".
Privacy Impact Assessment - Suspicious Incident Reporting (SIR): Executive Summary
The RCMP works in partnership with domestic and foreign agencies to strengthen prevention measures against the threat of terrorism in North America and elsewhere. The RCMP has primary law enforcement responsibility under sec. 6(1), *Security Offences Act* for investigating threats to the security of Canada, as defined in sec. 2, *Canadian Security Intelligence Service Act.*
Within this mandate, the RCMP is a national partner in protecting Canada’s critical infrastructure (CI). The Emergency Management Framework for Canada defines CI as “the essential underlying systems and facilities upon which our standard of life relies”. It includes physical and information technology facilities, networks, services and assets essential to the health, safety, security or economic well-being of Canadians and the effective functioning of government.
A significant proportion of Canada’s CI is managed and protected by private owners and operators. As per the Participant list in Section 3.5 .The National Security Criminal Investigations ( NSCI) of the RCMP has launched a Suspicious Incident Reporting (SIR) project to collect information on suspicious incidents that could have a nexus to national security. The information provided by external CI Stakeholders is voluntary. Therefore, CI stakeholder handling of their data prior to its submission to the SIR system is not addressed in this privacy impact assessment (PIA)
The collection, handling, storage, dissemination and disposal of personal information for the SIR system conforms to Government of Canada policies and procedures and is consistent with CMP PPU-025 (National Security Investigations Records) and CMP PPU-005 (Operational Case Records) in www.InfoSource.gc.ca. A separate PIA details any privacy issues associated to SPROS our main records system where all SIR incidents will be recorded. Retention and disposal of the SPROS/SIR record will correspond to the Occurrence Classification Table (OCT) as detailed in the SPROS PIA.
Only authorized Critical Infrastructure Stakeholder employees, Police of Local Jurisdiction, or Government agencies may be given access to the SIR system. The Web-based accessed SIR system will be composed of two secure environments: the first is Protected B and the other is a Classified Environment (CE).
Access to the Protected “B” SIR System for external users will be granted through the use of the RCMP Internet Presence Environment (IPE), a secure common web hosting environment where authentication is made through the employment of ePass. Public Works and Government Services (PWGSC) maintains and updates a separate PIA for ePass. CI Stakeholder users will be designated as points of contact through MOUs or formal agreements with participating organizations. In order to be allowed rights to be assigned to their profile prospective users will be screened for at least a Level II Secret RCMP clearance. RCMP Personnel will gain access through the use of NPSN and PMI Secure Access Portal. The Classified Environment ( CE) is an RCMP internal one with no connection to the Protected B SIR system. SIR data received will be manually transferred to the CE systems.
The external facing SIR system application has roles that assign rights to the user and dictates what information they can view at the time of submission. The complete un-vetted SIR containing personal information will be made available to RCMP and POJ for national security criminal intelligence purposes. The originator of the report can also select other participating and RCMP security cleared organizations, with a need to know, to receive a SIR submission that has been vetted of personal information.
The Classified Environment (CE) is an RCMP internal one with no connection to the Protected B SIR system. SIR data received will be manually transferred to the CE systems.
Data matching and profiling will not occur within the SIR System.
Reference section 5 (3)b of the *Privacy Act*, persons identified as being involved in suspicious incidents will not be notified about the collection of their personal information as it would defeat the purpose of collecting that information for criminal investigative purposes
This Executive Summary will be available to all stakeholders, including the general public, via the RCMP web site. Current participants in the SIR project and key government stakeholders will be notified that the PIA has been filed with the Office of the Privacy Commissioner (OPC). New participants in the SIR project will be advised that a PIA has been filed with the OPC. Communications surrounding the SIR project, including presentations and briefings, will reference key messages on privacy. A vetted version of the PIA will be available if requested under Access to Information. At the upcoming Annual Revision of Info Source, the applicable PIBs (CMP PPU 005 and 025) will be updated to mention the SIR Project.
Treasury Board is responsible for the annual creation and dissemination of a publication that provides a description of government organizations, program responsibilities and descriptions of records with sufficient clarity and detail to enable the public to exercise its rights under the *Access to Information Act*.
Treasury Board is also responsible for the annual publication of an index of personal information that will both serve to keep the public informed of how the government handles personal information, as well as facilitating the public’s ability to exercise its rights under the *Privacy Act*.