February 21, 2025
Following the announcement made by Immigration, Refugees and Citizenship (IRCC) regarding amendments to the 2012 Beyond the Border Action Plan, partner Molly Reynolds spoke with CBA National about the implications these changes could have on the privacy and security of residents’ data.
The new Plan, which allows for non-residents’ personal data to automatically be shared between Canada and the United States when applying for visas, will now extend to include permanent residents. This means their data will be shared when they move between the two countries—a change the IRCC says will help “reduce fraud and improve border security.”
This amendment, however, comes without any external consultations or privacy and algorithmic assessments, which make it difficult to understand exactly what biometric and biographic data will be collected.
“It is challenging when we see language like ‘biographic’ or ‘biometric’ data to always know what that means because the sources of that data change over time and are not necessarily transparent to the public,” Molly said, noting that issues around vagueness have come up in past iterations of cross-border information-sharing agreements as well.
Nonetheless, mandatory data sharing is not new, Molly pointed out. “I don’t think it’s a completely unusual increase or anything other than a gradual expansion, similar to what we’ve seen so far.”
Molly said the real concerns are less about the specific data the Beyond the Border Action Plan gathers, and more about how the recent amendments were introduced—which did not offer room for public dialogue and regulatory oversight.
“This is a space where there’s so much uncertainty about what exactly is being shared and how the U.S. is using it,” Molly said.
“People want to know that the Canadian agencies have been doing this by the book and have been thoughtful about balancing all the interests.”
Press Contact
Richard Coombs | Senior Manager, Marketing
416.865.3815