Another great audit report from the Office of the Privacy Commissioner here in Canada, investigating the Financial Transactions and Reports Analysis Centre of Canada (Fintrac) has just been released. Fintrac, created in 2001 in the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and now with even more extended powers, operates a databases which is supposed to contain details of those suspected of supporting terrorism or money laundering (often on behalf of major criminal and terrorist groups).
However, there is a good story in The Globe and Mail today which leads on the most worrying aspect identified by the audit, which is that in many cases, the Fintrac database is massively overreliant on unsubstantiated suspicions from low-level functionaries in banks, insurance firms and credit agencies. Some of these ‘suspicions’ were clearly simple prejudice as they appeared to be based entirely on ethnicity. Part of the problem is that there are no clear guidelines as to what constitutes a reasonable suspicion in the legislation.
But being put on the database can have serious consequences, firstly because of the potential penalties involved (up to $2m CAN fines and 5-years imprisonment) and secondly, because the information in the Fintrac database can be accessed by Canadian Security Intelligence Service (CSIS), the Royal Canadian Mounted Police (the RCMP – Canada’s FBI) or shared with overseas police and intelligence services. In the latter case, as we already know, mounting errors can result in innocent people being subject to ever more harsh treatment including being excluded from countries, placed on no-fly lists or even the UN1267 ‘known terrorists and affiliates’ list, as well as, in the worst cases, opening them up to extraordinary rendition, imprisonment and torture.
Jennifer Stoddart, the current Privacy Commissioner, has a well-deserved reputation getting positive changes made, so let’s hope she can persuade Fintrac to get this sorted out pretty soon.