ICNL logo

The International Journal
of Not-for-Profit Law

Volume 7, Issue 1, November 2004

A publication of the International Center for Not-for-Profit Law

Table of Contents

Letter from the Editor

Nurturing Civil Society

The UN and Civil Society
John D. Clark

Civil Society and Media Freedom: Problems of Purpose and Sustainability in Democratic Transition
Craig L. LaMay

Religion in its Place
Jim Sleeper

Women, Civil Society, and NGOs in Post-Soviet Azerbaijan
Nayereh Tohidi


Legal Changes Affecting Not-for-Profits in Japan
J. Hana Heinekin and Robert Pekkanen

Lazarus Rising: Civil Society and Sierra Leone's Return from the Grave
J. Peter Pham

Ten Emerging Principles of Governance by Nonprofit Corporations and Guides to a Safe Harbor
Thomas Silk

Emerging International Information Collection and Sharing Regimes: The Consequences for Canadian Charities
Terrance S. Carter and Sean S. Carter

Politics and the Pulpit
Milton Cerny


Effective Economic Decisionmaking by Nonprofit Organizations
By Dennis R. Young
Reviewed by David Robinson

Framing Democracy: Civil Society and Civic Movements in Eastern Europe
By John K. Glenn III
Reviewed by Gerald M. Easter

American Creed: Philanthropy and the Rise of Civil Society, 1700 - 1865
By Kathleen D. McCarthy
Reviewed by Matthew Crenson

- - - - - - - - - -

Download this issue (PDF) | Editorial Board

Emerging International Information Collection and Sharing Regimes: The Consequences for Canadian Charities

By Terrance S. Carter, B.A., L.L.B., and Sean S. Carter*


Information sharing and centralized databases of personal information are fundamental mechanisms of anti-terrorism initiatives worldwide. Such sharing and collection of information has exponentially increased in recent years, not only between domestic government agencies, but also between security agencies of different states. A manifestation of these data collection and sharing initiatives in Canada of interest to charities are the Advance Passenger Information/Passenger Name Record (“API”/”PNR”) programs, which have been gradually implemented since the fall of 2002. The API/PNR programs involve the Canadian Border Services Agency (“CBSA”) maintaining a database of airline passenger information that will be collected and subjected to ongoing analysis.[1] As part of the federal government’s anti-terrorism initiative, these programs were introduced under a purported concern for public safety and security, but they may have much broader implications. Charities with representatives who travel internationally need to be aware of the potential risks that the charity and the individual may consequently be subject to as a result of these programs.


The API program, implemented by the CBSA in October 2002, is a database of basic information about passengers collected during the check-in process for air travel. The PNR program, which began its staged implementation during the summer of 2003, involves information concerning the individual traveler’s reservation and itinerary as recorded by the carrier’s reservation system, a travel agent or reservation system. The PNR collects the passenger’s full name, date of birth, gender, citizenship or nationality, and “any other information relating to the person in a reservation system.”[2] The PNR program is in its final stage of implementation, which involves the automated sharing of information with authorities in the United States, and began in the spring of 2004.

Information collected under the API/PNR programs is subject to ongoing intelligence analysis for not only present but “future threats” pertaining to anti-terrorism and to “security, public health and criminal activity.” This information will be kept for six years. Additionally, the information, which is stored in a central database, may be shared with other agencies or departments for non-customs purposes under certain circumstances. The CBSA has further indicated that these programs, which are currently limited to air travel, will ultimately be expanded to all modes of transportation. All Canadian API/PNR information on potentially “high-risk” persons will be shared with U.S. customs and immigration authorities, in accordance with a “Memorandum of Understanding” between Canada and the United States.[3]

Information sharing and collection initiatives, such as the API/PNR programs, stem from a collection of non-legislated bilateral security agreements with the United States, international conventions, and domestic legislation and regulations. This includes the “32 Point Smart Border Agreement,” which calls for increased coordination and information sharing between Canadian and U.S. police and intelligence services, and the aforementioned “Memorandum of Understanding.” Data collection initiatives like the API/PNR programs were given statutory and regulatory force in fulfilment of the bilateral security agreements.

One of the central pieces of legislation implementing the bilateral security agreements is the controversial Public Safety Act, 2002, S.C. 2004, c. 15, which received Royal Assent on May 7, 2004 (the “Public Safety Act”). The Public Safety Act contains provisions for the collection and sharing of personal information through the API/PNR programs between airlines, Canadian Security Intelligence Services, the Royal Canadian Mounted Police, and various government agencies, as well as with foreign governments, for purposes that extend beyond air safety and national security. The API/PNR programs have come under criticism from many fronts. The Privacy Commissioner of Canada, Jennifer Stoddart, and organizations such as the Canadian Bar Association (“CBA”) have openly raised concerns about this type of data collection system in Canada. In its submission on the Public Safety Act, the CBA said the Act “fails to find any appropriate balance between security and privacy and human rights.”[4] In a March 2004 submission to the Senate Standing Committee on Transport and Communications regarding the Public Safety Act, the Privacy Commissioner stated that “the legislation goes beyond fighting terrorism and enhancing transportation safety” and that would set a “very dangerous precedent.”[5]

Two further pieces of legislation were used to implement the initiatives of the bilateral security agreements: the Senate’s An Act to amend the Customs Act and to make related amendments to other Acts, S.C. 2001, c. 25 (“Bill S-23”), and the House of Common’s An Act to amend the Aeronautics Act, S.C. 2001, c. 38 (“Bill C-44”). Under Bill S-23, Canada Customs has access to all information in airline or travel agent reservation systems pertaining to travelers arriving in Canada, and can widely share the information. Bill C-44 authorizes Canadian air carriers to provide passenger information to authorities in foreign states. Canada’s commitment to these initiatives was clearly reiterated in Canada’s first “National Security Policy,” which was released in April 2004.[6] A new National Risk Assessment Centre (the “Centre”) was opened in Ottawa in January 2004 in order to implement the program. The Centre will receive all passenger information, analyze it, and share it with U.S. counterparts, with virtually no restrictions on what happens to information once it passes out of Canadian hands.[7] Concerns about the implications of the new regime of information sharing and collection, and what happens to information once it leaves Canada, were highlighted by the Maher Arar case and his deportation to Syria by the United States. The outcome and recommendations of the public inquiry into his deportation and the events surrounding it may play an important role in reforming the current information collection and sharing system.

Implications for Canadian Charities

The API/PNR programs should be of particular concern to directors, officers, employees, and volunteers of charities who travel internationally, especially to regions that may be considered ‘conflict zones’. An individual’s travel patterns may subject that person and the organization that he or she represents to an investigation as a potential ‘security threat’ under the API/PNR programs. This type of information may be considered in an investigation for the deregistration process of charities under the Charities Registration (Security Information) Act, as amended by the Anti-terrorism Act, S.C. 2001, c. 41, s. 6 (in force December 24, 2001).[8] Charities, their directors, officers, employees, and volunteers need to also be aware that not only may the information collected under the API/PNR programs be subject to ongoing scrutiny and investigation by various Canadian and U.S. authorities, but the information may also be shared with, or obtained by, other foreign security agencies.


It is difficult to speculate on what the long-term ramifications of this unprecedented information collection and sharing regime will be, largely because many of the details of its implementation and specifics of its operation are kept from public scrutiny in the interests of ‘national security.’ However, charities need to be particularly aware of these programs and the potential risks that both the organization and involved individuals may be subject to as a result.

The API/PNR programs are part of an emerging regime of comprehensive information awareness that have been introduced and justified as anti-terrorism initiatives, but have a much broader range of application and use. These types of information collection and sharing programs are not specific to Canada or even to North America; rather, they are an ever-emerging reality internationally. In May 2004, the United States and the European Union, after protracted discussions over many months, and despite ongoing opposition by the European Parliament and human rights groups, entered into a formal agreement to share information on all airline passengers crossing the Atlantic.[9] Such programs are substantial, widespread, and likely a permanent part of the foreseeable future. It is, therefore, essential to understand, as much as possible, the scope of information that is being collected, what is being done with it, and who has access to it, in order to protect individuals and organizations that the individuals represent. More information about the API/PNR programs is available from CBSA in the form of a fact sheet[10] and press releases.[11] Additional commentary on the API/PNR programs and fact sheets advising Canadians on protecting their personal information when it crosses borders is available from the Privacy Commissioner’s website.[12]


* Terrance S. Carter of Carter & Associates in Orangeville, Ontario, practices primarily in the area of charity and not-for-profit law, and is counsel to and affiliated with Fasken Martineau DuMoulin LLP. He is a member of Canada Revenue Agency’s Charity Advisory Committee, and has been recognized as one of the leading experts in the area of charity and not-for-profit law in Canada by Lexpert. He is also a frequent writer and speaker in the area of charity and not-for-profit law across Canada and internationally, as well as editor of www.charitylaw.ca, www.churchlaw.ca, and www.antiterrorism.ca. Sean S. Carter is in his final year at the University of Toronto, completing a joint specialist degree in Political Science and Philosophy, as well as a writing assistant with Carters.

[1] The CBSA integrates several key functions previously spread among three organizations: the Customs program from the Canada Customs and Revenue Agency, the Intelligence, Interdiction and Enforcement program from Citizenship and Immigration Canada, and the Import Inspection at Ports of Entry program from the Canadian Food Inspection Agency.

[2] “The CCRA: Protecting Canadians”, Press Release, (September 27, 2002), available at http://www.ccra-adrc.gc.ca/newsroom/releases/2002/sep/api-e.html (accessed June 12, 2003).

[3] “Smart Border Action Plan: Progress Report” available at http://www.cbsa-asfc.gc.ca/general/blue_print/compliance/report-e.html (accessed August 9, 2004).

[4] “Submission on Bill C-17 Public Safety Act 2002” available at http://www.cba.org/cba/pdf/c-17-eng.pdf (accessed August 11, 2004).

[5] “Senate Standing Committee on Transport and Communications Bill C-7, the Public Safety Act,2002”available at http://www.privcom.gc.ca/speech/2004/sp-d_040318_e.asp (accessed August 11, 2004).

[6] “Securing An Open Society: Canada’s National Security Policy” available at http://www.pco-bcp.gc.ca/docs/Publications/NatSecurnat/natsecurnat_e.pdf (accessed August 9, 2004).

[7] “Anti-terrorism and the Security Agenda: Impact on Rights, Freedoms and Democracy” available at http://www.antiterrorismlaw.ca/Public%20Forum%20-%20ICLMG.pdf (accessed August 12, 2004).

[8] For more information about the deregistration process and the evidence that may initiate or be used during the process, please see Charities and Compliance with Anti-Terrorism Legislation in Canada: The Shadow of the Law available at www.antiterrorismlaw.ca

[9] “EU in passenger data deal with US” BBC Online News, May 17, 2004, available at http://news.bbc.co.uk/1/hi/world/europe/3721625.stm (accessed: August 19, 2004).

[10] “Advance Passenger Name Record” Factsheet, July 2003, available at http://www.ccra-adrc.gc.ca/newsroom/factsheets/2003/july/july_api_pnr-e.html (accessed: November 11, 2003).

[11] “The CCRA: Protecting Canadians”, Press Release, (September 27, 2002), available at http://www.ccra-adrc.gc.ca/newsroom/releases/2002/sep/api-e.html (accessed: November 11, 2003) and “Advance Passenger Information/Passenger Name Record” available at http://www.cbsa-asfc.gc.ca/newsroom/factsheets/2004/0124passenger-e.html (accessed August 19, 2004).

[12] “Privacy Commissioner of Canada criticizes CCRA's plans for "Big Brother" database”, available at http://www.privcom.gc.ca/media/nr-c/02_05_b_020926_2_e.asp (accessed: August 20, 2004), and “What Canadians Can Do to Protect Their Personal Information Transferred Across Borders” available at: http://www.privcom.gc.ca/fs-fi/02_05_d_23_e.asp (accessed: August 20, 2004).


Copyright © 2012 The International Center for Not-for-Profit Law (ICNL)
ISSN: 1556-5157