2022-2023 Annual Report on the Administration of the Privacy Act

I - Introduction

The purpose of the Privacy Act, (“the Act”), is to strengthen Canada’s laws that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information.

This Annual Report on the Canadian Air Transport Security Authority’s (CATSA) administration of the Act has been prepared in accordance with section 72(1) of the Act and is hereby submitted for tabling in Parliament under Section 72(2) of the Act.

This is CATSA’s 20th Annual Report, as this fiscal year marks the 20th anniversary of the establishment of Canadian Air Transport Security Authority . Over the last 20 years, a tremendous amount of work has gone into developing new programs and initiatives to ensure CATSA continuously delivers the highest level of air transport security for Canada.

Previous such reports are available under the “Corporate Publications” heading of the “About Us” page on the website.

II - The Canadian Air Transport Security Authority – Mandate

Established as an agent Crown Corporation on April 1, 2002, CATSA‘s mandate is to protect the public by securing critical elements of the air transportation system as assigned by the Government of Canada.

Fully funded by parliamentary appropriations, CATSA is accountable to Parliament through the Minister of Transport. CATSA is governed by a Board of Directors. Operations are directed by a senior management team. CATSA currently contracts security screening to third-party contractors.

CATSA delivers on its mandate of securing Canada’s air transportation system by conducting the following activities across 89 of Canada’s designated airports:

1. Pre-Board Screening (PBS) - The screening of passengers and their belongings prior to their entry into the secure area of an air terminal building;
2. Hold Baggage Screening (HBS) - The screening of passengers checked (or hold) baggage to prevent the boarding of prohibited items;
3. Non-Passenger Screening (NPS) - The random screening of non-passengers accessing restricted areas; and
4. Restricted Area Identity Card (RAIC) - The program that uses iris and fingerprint biometric identifiers to allow non-passenger access to the restricted areas of airports.

Under an agreement concluded with Transport Canada in 2010, CATSA has the authorization to conduct screening of cargo at smaller airports if there is capacity to do so. Each of these activities is carried out effectively, efficiently, consistently, and in the public interest, as required by the CATSA Act.

Implementation of the Privacy Act at CATSA

The Manager of Privacy and ATIP, who is also the organization’s Access to Information and Privacy (ATIP) Coordinator, is responsible for processing requests received under the Act, and privacy policy and compliance. A Senior ATIP Advisor supports the ATIP Coordinator in processing requests under the Act, and a Privacy Advisor supports the privacy policy and compliance functions. A Disclosure Advisor provided support for disclosures of personal information under Paragraph 8 of the Act.

The ATIP Coordinator reports directly to the General Manager, Corporate Security, Facilities, and Information Management. The Vice-President, Corporate Services and Corporate Secretary serves as CATSA’s Chief Privacy Officer (CPO) and reports directly to the President and Chief Executive Officer.

CATSA’s Privacy Office responsibilities regarding the Act are as follows:

• receive and process all requests in accordance with the Act;
• assist requesters in formulating their requests when required;
• gather all pertinent records and ensure that the search for information is rigorous and complete; receive and process all disclosure requests in accordance with the Act;
• conduct the initial record review and provide recommendations to the program areas;
• conduct all internal and external consultations;
• consolidate recommendations and apply all discretionary and mandatory exemptions under the Act;
• assist the Office of the Privacy Commissioner (OPC) in all privacy-related matters including complaints against CATSA;
• prepare annual reports on the administration of the Act;
• coordinate the annual Info Source update;
• work with representatives throughout the organization, complete Privacy Impact Assessments for any new or substantially modified activity, program or system that collects or uses personal information;
• provide ongoing advice and guidance to senior management and staff on matters related to privacy;
• promote privacy of personal information awareness and training sessions to ensure that all staff are aware of the obligations imposed by legislation;
• respond to consultations received from external organizations;
• develop and maintain privacy policies and guidelines;
• stay current on, and promulgate within CATSA, any changes to administrative requirements for the Act from the Treasury Board of Canada Secretariat, or guidance prepared by the Office of the Privacy Commissioner; and
• participate in ATIP community activities and ATIP community meetings.

During 2022-2023, CATSA regularly engaged the OPC to discuss initiatives potentially impacting privacy.

III - Delegation of Signing Authority

In accordance with section 73(1) of the Act, a delegation order, signed by CATSA’s President and Chief Executive Officer (CEO), designates the person holding the position of ATIP Coordinator to exercise and perform the privacy duties on behalf of the organization. CATSA welcomed a new President and CEO, Nada Semaan on April 3, 2023. A new delegation order was issued on July 27, 2023.

The signed and dated delegation order is attached to this report as Annex A.

IV - Statistical Report Interpretation

Privacy Act Requests Received and Completed

In the fiscal year, CATSA received four new Privacy Act requests, which is approximately 50% less requests processed than in the previous fiscal year.

One file was carried over from the previous fiscal year. Of the five Privacy Act requests completed during 2022-2023, CATSA processed 763 pages; an average of 153 pages per request.

Multi-Year Trend

Over the past number of fiscal years, the number of Privacy Act requests submitted to CATSA has fluctuated. Some CATSA Privacy Act requests are from members of the travelling public who wish to know if CATSA has any of their personal information on file.

Completion Time

Of the five Privacy Act requests completed during the 2022-2023 fiscal year, CATSA was successful in responding to 88% of them within the statutory time frame. This result demonstrates CATSA’s commitment to ensuring that all efforts are made to complete its requests in a timely manner and in compliance with the Privacy Act. 

Disposition of Completed Requests

Of the five completed requests:

• 3 files (60%) were disclosed in part.
• All requests disclosed were delivered electronically and two files in video format.

Exemptions Invoked

Where privacy exemptions were invoked, these reasons were cited:

Reason	Subject	Number of Cases
International affairs	S. 21	1
Personal information	S. 26	3
Legal advice	S. 27	3

Extensions

For the five requests completed in 2022-2023, three extensions of an additional period between 16 to 30 days was taken due to two files needing further review to determine exemptions. The files were for the viewing of video footage and making arrangements for the individuals to view the footage make the requests more complex, costly, and labour intensive. The third extension was for one file that contained a large volume of pages for review.

Consultations

During this reporting period, CATSA received no consultations from other government departments. No consultations were pending at the end of the previous reporting period.

The full Statistical Report on the Administration of the Act is attached as Annex B and Supplemental Statistical Report on Access to Information Act and the Privacy Act is attached as Annex C.

V - Training and Awareness

The Privacy Advisor and ATIP Coordinator are actively pursuing the designation of Certified Information Privacy Professional - Canada (CIPP/C), and keep current through professional development opportunities such as attendance at conferences and peer communication in order to provide the most up to date privacy training.

CATSA continues to provide staff with privacy training, most recently in accordance with its Privacy Training and Awareness Plan adopted in June of 2020. The training plan outlines specific privacy training and awareness activities accessible to various groups, including specific and relevant guidance on how CATSA employees should incorporate privacy considerations into their day-today job functions, especially for those with elevated access to personal information.

In 2022-2023 CATSA continued to make the privacy e-module training mandatory within 90 days of start of employment. At the end of the fiscal year, 92% of the all CATSA employees had complied and completed the training.

For the upcoming fiscal year, CATSA will be working to update this training by changing the requirement to within 30 days of the start of employment and updating the e-module as per the training plan on a triennial basis.

CATSA offers additional privacy training during a virtual orientation sessions for new employees and directed training to business areas.

VI - Policies, Guidelines, Procedures and Initiatives

In October 2022, TBS published additional privacy safeguards for contracts and information sharing agreements (ISAs) as part of their Directive on Privacy Practices. CATSA elected to implement the requirements that were straight forward immediately, to work towards total compliance, while awaiting additional guidance from TBS on requirements that required further clarification on government expectations.

The Privacy Office undertook a continued assessment of the activities and evidence in our Privacy Management Framework. The review confirmed that no gaps were identified in the framework itself. Methods of monitoring compliance were noted as needing ongoing refreshing such as the Risk Registry and Personal Information Inventory. These documents need to be consistently updated to include the actual present practices and any changes in processes undertaken. The Privacy Office also intends to document longer-term activities and projects to maintain CATSA’s compliance to privacy laws, regulations and best practices as part of a strategic plan to be completed in 2023-2024.

VII - Response to Key Issues Raised

During the reporting period, one new complaint has been received under the Act. The complaint was resolved. 

VIII - Monitoring Compliance

CATSA’s Privacy Monitoring Plan serves to strengthen compliance monitoring practices beyond the Privacy Impact Assessment (PIA) and breach management processes, and provides an effective way to evaluate the status and maturity of CATSA’s Privacy Program.

Reports on the CATSA’s Privacy Program are submitted to senior management semi-annually, with a briefing in June and again in October.

IX - Material Privacy Breaches

No material privacy breaches occurred during the reporting period.

X - Privacy Impact Assessments

Privacy Impact Assessments (PIAs) provide a framework to ensure that the protection of personal information is considered throughout the design or re-design of a program or service. PIAs identify the extent to which proposals comply with all appropriate statutes and legislation. They assist managers and decision-makers to avoid or mitigate privacy risks and promote only fully informed policy, program and system design choices.

During the 2022-2023 fiscal year, there were no PIAs completed.

XI - Public Interest Disclosures

There was one disclosures were made under paragraph 8(2)(m) of the Act during the reporting period. The disclosure was to benefit the individual and a very limited amount of personal information was disclosed.

Collaboration

CATSA is a strong advocate of collaboration, both internally within the organization as well as within the Privacy Community.

CATSA – The Privacy Office regularly engages with various internal groups to provide advice, ideas and best practices. Regularly engaging with representatives from across the organization naturally allows a better understanding of issues and activities that are occurring operationally, and what may impact or be of interest as a whole.

Privacy Community – The Privacy Office also has regular consultations with other Crown Corporation privacy offices as well as with the Treasury Board Secretariat through quarterly ATIP community meetings. These discussions encourage the sharing of valuable knowledge and experience.

Regulatory Community– The Privacy Office seeks out advice and guidance form regulators such as the Government Advisory Directorate of the Office of the Privacy Commissioner. Their office provides informal, proactive advice and guidance on programs and activities where there is clearly privacy impacts.

ANNEXES

Annex A: Delegation Order – Privacy Act
Annex B: Statistical Report on the Administration of the Privacy Act
Annex C: Supplemental Statistical Report on Access to Information Act and the Privacy Act

Annex A: Delegation Order – Privacy Act

Privacy Act Delegation of Authority

I, Nada Semaan, President and CEO of CATSA, pursuant to subsection 73(1) of the Privacy Act, designate the persons holding the positions set out in the attached Schedule ‘A’, or persons acting in those positions, to exercise the powers and perform the duties and functions that have been given to me as head of a government institution under the sections of the Privacy Act, as set out in the Schedule.

Nada Semaan
President and Chief Executive Officer
Canadian Air Transport Security Authority

Signed in Ottawa, Ontario, Canada this 27 day of July 2023

---

Schedule "A"
Delegation Pursuant to Subsection 73(1) of the Act

Section	Description	ATIP Coordinator	Vice-President, Corporate Services, General Counsel and Corporate Secretary (CPO)	Senior Vice-President, Operations	Senior Director, Operations	General Manager, Program Delivery	General Manager, Corporate Security	Director HR	Senior ATIP Advisor
			For requests related to passenger and non-passenger records					For requests related to employee records
8(2) (b)	For any purpose in accordance with any Act of Parliament or any regulation made thereunder that authorizes its disclosure	Yes	Yes	Yes	Yes	Yes	Yes	Yes	No
8(2) (c)	For the purpose of complying with a subpoena or warrant issued or order made by a court, person or body with jurisdiction to compel the production of information or for the purpose of complying with rules of court relating to the production of information	Yes	Yes	Yes	Yes	Yes	Yes	Yes	No
8(2) (d)	To the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government of Canada	Yes	Yes	No	No	No	Yes	Yes	No
8(2) (e)	To an investigative body specified in the regulations, on the written request of the body, for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation, if the request specifies the purpose and describes the information to be disclosed	Yes	Yes	Yes	Yes	Yes	Yes	Yes	No
8(2) (f)	Under an agreement or arrangement between the Government of Canada or an institution thereof and the government of a province, the council of the Westbank First Nation, the council of a participating First Nation — as defined in subsection 2(1) of the First Nations Jurisdiction over Education in British Columbia Act —, the government of a foreign state, an international organization of states or an international organization established by the governments of states, or any institution of any such government or organization, for the purpose of administering or enforcing any law or carrying out a lawful Investigation	Yes	Yes	Yes	Yes	Yes	Yes	Yes	No
8(2) (g)	To a member of Parliament for the purpose of assisting the individual to whom the information relates in resolving a problem	Yes	Yes	No	No	No	No	Yes	No
8(2) (h)	To officers or employees of the institution for internal audit purposes, or to the office of the Comptroller General or any other person or body specified in the regulations for audit purposes	Yes	Yes	No	No	No	No	No	No
8(2) (i)	To the Library and Archives of Canada for archival purposes	Yes	Yes	No	No	No	No	No	No
8(2) (j)	To any person or body for research or statistical purpose when satisfied that the purpose for which the information is disclosed meets the conditions referred to in that paragraph	Yes	Yes	No	No	No	No	No	No
8(2) (k)	To any aboriginal government, association of aboriginal people, Indian band, government institution or part thereof, or to any person acting on behalf of such government, association, band, institution or part thereof, for the purpose of researching or validating the claims, disputes or grievances of any of the aboriginal peoples of Canada	Yes	Yes	No	No	No	No	No	No
8(2) (l)	To any government institution for the purpose of locating an individual in order to collect a debt owing to Her Majesty in right of Canada by that individual or make a payment owing to that individual by Her Majesty in right of Canada	Yes	Yes	No	No	No	No	Yes	No
8(2) (m) (i)	For any purpose where, in the opinion of the head of the institution the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure	Yes	Yes	Yes	Yes	No	Yes	No	No
8(2) (m) (ii)	For any purpose where, in the opinion of the head of the institution, disclosure would clearly benefit the individual to whom the information relates	Yes	Yes	Yes	Yes	Yes	Yes	No	No
8(4)	To keep copies of requests made under 8(2)(e), keep records of information disclosed pursuant to such requests and to make those copies and records available to Privacy Commissioner	Yes	Yes	No	No	No	Yes	No	No
8(5)	To notify the Privacy Commissioner in writing of disclosure under paragraph 8(2)(m)	Yes	Yes	No	No	No	No	No	No
9(1)	To retain a record of use of personal information	Yes	Yes	No	No	No	Yes	No	Yes
9(4)	To notify the Privacy Commissioner of consistent use of personal information and update index accordingly	Yes	Yes	No	No	No	No	No	No
10	To include personal information in personal information banks	Yes	Yes	No	No	No	No	No	No
4( a) (b)	To give notice to applicant that access will be given and to give access to requester	Yes	Yes	No	No	No	No	No	Yes
15	To extend time limit and give notice	Yes	Yes	No	No	No	No	No	Yes
18(2)	To refuse to disclose any personal information requested under that subsection	Yes	Yes	No	No	No	No	No	Yes
19 - 28	To refuse to disclose any personal information requested under that subsection	Yes	Yes	No	No	No	No	No	Yes
33(2)	To make representations to the Privacy Commissioner	Yes	Yes	No	No	No	No	No	Yes
35(1) (b)	To receive the report of findings of the investigation and give notice of action taken or proposed to be taken or reasons why no action has been or is proposed to be taken	Yes	Yes	No	No	No	No	No	No
35(4)	To provide access to personal information	Yes	Yes	No	No	No	No	No	No
37(3)	To receive the report of findings after investigation in respect of personal information	Yes	Yes	No	No	No	No	No	No
69	To refuse to disclose a record referred to in that section	Yes	Yes	No	No	No	No	No	Yes
70	To refuse to disclose a record referred to in that section	Yes	Yes	No	No	No	No	No	Yes
72(1)	To prepare annual report for submission to Parliament	Yes	Yes	No	No	No	No	No	Yes
77	To carry out responsibilities conferred on the Head of the institution by regulations made under section 77 which are not included above	Yes	Yes	No	No	No	No	No	No

The ATIP Coordinator, the Vice-President, Corporate Services, General Counsel, Corporate Secretary (CPO), the Senior Vice-President, Operations, the Senior Director, Program Delivery, the General Manager, Program Delivery, the General Manager, Corporate Security and the Director, HR are authorized to designate in writing a member of their staff to act on their behalf in case of absence or unavailability.

Annex B: Statistical Report on the Administration of the Privacy Act

Name of institution: Canadian Air Transport Security Authority

Reporting period: 4/1/2022 to 3/31/2023

Section 1: Requests Under the Privacy Act

1.1 Number of requests received

1.2 Channels of requests

Section 2: Informal requests

2.1 Number of informal requests

Description		Number of Requests
Received during reporting period		0
Outstanding from previous reporting periods		0
Outstanding from previous reporting period	0
Outstanding from more than one reporting period	0
Total		0
Closed during reporting period		0
Carried over to next reporting period		0
Carried over within legislated timeline	0
Carried over beyond legislated timeline	0

3.2 Exemptions

3.3 Exclusions

3.4 Format of information released

3.5 Complexity

3.5.1 Relevant pages processed and disclosed for paper and e-record formats

 3.5.2 Relevant pages processed by request disposition for paper and e-record formats by size of requests

3.5.3 Relevant minutes processed and disclosed for audio formats

3.5.4 Relevant minutes processed per request disposition for audio formats by size of requests

3.5.5 Relevant minutes processed and disclosed for video formats

Number of Minutes Processed	Number of Minutes Disclosed	Number of Requests
3	3	2

3.5.6 Relevant minutes processed per request disposition for video formats by size of requests

Disposition	Less than 60 Minutes processed		60-120 Minutes processed		More than 120 Minutes processed
	Number of requests	Minutes Processed	Number of requests	Minutes Processed	Number of requests	Minutes Processed
All disclosed	2	3	0	0	0	0
Disclosed in part	0	0	0	0	0	0
All exempted	0	0	0	0	0	0
All excluded	0	0	0	0	0	0
Request abandoned	0	0	0	0	0	0
Neither confirmed nor denied	0	0	0	0	0	0
Total	0	0	0	0	0	0

3.5.7 Other complexities

Disposition	Consultation Required	Legal Advice Sought	Interwoven Information	Other	Total
All disclosed	0	0	0	0	0
Disclosed in part	0	3	0	0	3
All exempted	0	0	0	0	0
All excluded	0	0	0	0	0
Request abandoned	0	0	0	0	0
Neither confirmed nor denied	0	0	0	0	0
Total	0	3	0	0	3

3.6 Closed requests

3.6.1 Number of requests closed within legislated timelines

3.7 Deemed refusals

3.7.1 Reasons for not meeting legislated timelines

3.7.2 Request closed beyond legislated timelines (including any extension taken)

3.8 Requests for translation

Section 4: Disclosures Under Subsections 8(2) and 8(5)

Section 5: Requests for Correction of Personal Information and Notations

Section 6: Extensions

6.1 Reasons for extensions

Section	15(a)(i) Interference with operations				15 (a)(ii) Consultation			15(b) Translation purposes or conversion
Number of extensions taken	Further review required to determine exemptions	Large volume of pages	Large volume of requests	Documents are difficult to obtain	Cabinet Confidence Section (Section 70)	External	Internal
3	2	1	0	0	0	0	0	0

6.2 Length of extensions

Section	15(a)(i) Interference with operations				15 (a)(ii) Consultation			15(b) Translation purposes or conversion
Length of Extensions	Further review required to determine exemptions	Large volume of pages	Large volume of requests	Documents are difficult to obtain	Cabinet Confidence Section (Section 70)	External	Internal
1 to 15 days	0	0	0	0	0	0	0	0
16 to 30 days	2	1	0	0	0	0	0	0
31 days or greater	-	-	-	-	-	-	-	-
Total	2	1	0	0	0	0	0	0

Section 7: Consultations Received From Other Institutions and Organizations

7.1 Consultations received from other Government of Canada institutions and other organizations

7.2 Recommendations and completion time for consultations received from other Government of Canada institutions

7.3 Recommendations and completion time for consultations received from other organizations outside the Government of Canada

Number of days required to complete consultation requests

Recommendation	1 to 15 Days	16 to 30 Days	31 to 60 Days	61 to 120 Days	121 to 180 Days	181 to 365 Days	More Than 365 Days	Total
Disclose entirely	0	0	0	0	0	0	0	0
Disclose in part	0	0	0	0	0	0	0	0
Exempt entirely	0	0	0	0	0	0	0	0
Exclude entirely	0	0	0	0	0	0	0	0
Consult other institution	0	0	0	0	0	0	0	0
Other	0	0	0	0	0	0	0	0
Total	0	0	0	0	0	0	0	0

Section 8: Completion Time of Consultations on Cabinet Confidences

8.1 Requests with Legal Services

8.2 Requests with Privy Council Office

Pages	Less Than 100 Pages Processed		100-500 Pages Processed		500-1000 Pages Processed		1001-5000 Pages Processed		More Than 5000 Pages Processed
Number of Days	Number of Requests	Pages Processed	Number of Requests	Pages Processed	Number of Requests	Pages Processed	Number of Requests	Pages Disclosed	Number of Requests	Pages Disclosed
1 to 15	0	0	0	0	0	0	0	0	0	0
16 to 30	0	0	0	0	0	0	0	0	0	0
31 to 60	0	0	0	0	0	0	0	0	0	0
61 to 120	0	0	0	0	0	0	0	0	0	0
121 to 180	0	0	0	0	0	0	0	0	0	0
181 to 365	0	0	0	0	0	0	0	0	0	0
Total	0	0	0	0	0	0	0	0	0	0

Section 9: Complaints and Investigations Notices Received

Section 10: Privacy Impact Assessments (PIAs) and Personal Information Banks (PIBs)

10.1 Privacy Impact Assessments

Description	Number
Number of PIAs completed	0
Number of PIAs modified	0

10.2 Institution-specific and Central Personal Information Banks

Section 11: Privacy Breaches

11.1 Material Privacy Breaches reported

Description	Number
Number of material privacy breaches reported to TBS	0
Number of material privacy breaches reported to OPC	0

11.2 Non-Material Privacy Breaches

Description	Number
Number of non-material privacy breaches	7

Section 12: Resources Related to the Privacy Act

12.1 Allocated Costs

12.2 Human Resources

Note: Enter values to three decimal places.

Annex C: Supplemental Statistical Report on Access to Information Act and the Privacy Act

Name of institution: Canadian Air Transport Security Authority

Reporting period: 2022-04-01 to 2023-03-31

Section 1: Capacity to Receive Requests under the Access to Information Act and the Privacy Act

Enter the number of weeks your institution was able to receive ATIP requests through the different channels.

Description	Number of Weeks
Able to receive requests by mail	52
Able to receive requests by email	52
Able to receive requests through the digital request service	0

Section 2: Capacity to Process Records under the Access to Information Act and the Privacy Act

2.1 Enter the number of weeks your institution was able to process paper records in different classification levels

2.2 Enter the number of weeks your institution was able to process electronic records in different classification levels.

Description	No Capacity	Partial Capacity	Full Capacity	Total
Unclassified Paper Records	0	0	52	52
Protected B Paper Records	0	0	52	52
Secret and Top Secret Paper Records	0	0	52	52

Section 3: Open Requests and Complaints Under the Access to Information Act

3.1 Enter the number of open requests that are outstanding from previous reporting periods.

3.2 Enter the number of open complaints with the Information Commissioner of Canada that are outstanding from previous reporting periods.

Fiscal Year Open Complaints Were Received by Institution	Number of Open Complaints
Received in 2022-2023	1
Received in 2021-2022	0
Received in 2020-2021	0
Received in 2019-2020	0
Received in 2018-2019	0
Received in 2017-2018	0
Received in 2016-2017	0
Received in 2015-2016	0
Received in 2014-2015	0
Received in 2013-2014 or earlier	0
Total	1

Section 4: Open Requests and Complaints Under the Privacy Act

4.1 Enter the number of open requests that are outstanding from previous reporting periods.

Fiscal Year Open Requests Were Received	Open Requests that are Within Legislated Timelines as of March 31, 2023	Open Requests that are Beyond Legislated Timelines as of March 31, 2023	Total
Received in 2022-2023	0	0	0
Received in 2021-2022	0	0	0
Received in 2020-2021	0	0	0
Received in 2019-2020	0	0	0
Received in 2018-2019	0	0	0
Received in 2017-2018	0	0	0
Received in 2016-2017	0	0	0
Received in 2015-2016	0	0	0
Received in 2014-2015	0	0	0
Received in 2013-2014 or earlier	0	0	0
Total	0	0	0

4.2 Enter the number of open complaints with the Privacy Commissioner of Canada that are outstanding from previous reporting periods.

Fiscal Year Open Complaints Were Received by Institution	Number of Open Complaints
Received in 2022-2023	0
Received in 2021-2022	1
Received in 2020-2021	0
Received in 2019-2020	0
Received in 2018-2019	0
Received in 2017-2018	0
Received in 2016-2017	0
Received in 2015-2016	0
Received in 2014-2015	0
Received in 2013-2014 or earlier	0
Total	1

Section 5: Social Insurance Number

Question	Answer
Has your institution begun a new collection or a new consistent use of the SIN in 2022-2023?	No

Section 6: Universal Access under the Privacy Act

Question	Number
How many requests were received from confirmed foreign nationals outside of Canada in 2022-2023?	0