Criminal Intelligence Service Canada's (CISC) Automated Criminal Intelligence Information System (ACIIS) database

This report contains a Privacy Impact Assessment (PIA) for Criminal Intelligence Service Canada's (CISC) Automated Criminal Intelligence Information System (ACIIS) database. The scope of this PIA encompasses the current ACIIS database. It is understood that this PIA is limited to the current partners sharing information through ACIIS and will be subject to updates/amendments as new agencies gain access to the system.

CISC was established in 1970 to unite the Canadian criminal intelligence community at municipal, provincial and federal levels to more effectively and efficiently combat organized and serious crime affecting Canada. CISC consists of a Central Bureau and Provincial Bureaus in each province.

It is administered under the stewardship of the RCMP, as an integral part of the Specialized Police Services. Its seat is located in Ottawa, Ontario, Canada. The mandate of CISC is to be a strategically-focused organization which ensures the timely production and exchange of criminal information and intelligence among CISC member agencies and to be a national centre of excellence, in support of the national effort to detect, reduce, disrupt and prevent organized and serious crime affecting Canada.

ACIIS is Canada's only national criminal intelligence database. Managed by CISC, it contains criminal information and intelligence on organized and serious crime in or affecting Canada, including data on criminals or suspected criminals and businesses or organizations if they are involved in organized crime or serious crime that may affect more than one jurisdiction.

The authority to collect information is based on the RCMP's policing duties. Section 18 of the Royal Canadian Mounted Police Act and section 14 of the Royal Canadian Mounted Police Regulations confer authority to collect personal information. The personal information is collected by law enforcement and supports the CISC mandate. The system has been on-line since 1978 and has allowed the law enforcement community to securely share criminal information and intelligence. Over the past 5 years, the volume of contributions to and queries of the ACIIS system have increased annually.

Through domestic collaboration, and consultation with Public Safety Canada portfolio and federal partners, a unified Organized Crime Strategy has been developed to allow for a whole-of- government response to current and emerging threats from organized crime. Law enforcement agencies are increasingly striving to exchange timely intelligence with the goal of identifying threats posed by serious and organized crime groups in Canada. With the overarching objective of facilitating the prevention, disruption and reduction of criminal activity, ACIIS enables increased information sharing; improved communication; and enhanced service delivery to members of the law enforcement community. ACIIS is an important component in law enforcement's objective to strengthen the alignment between intelligence and operations, all in support of intelligence-led law enforcement. Partners involved in this program include federal, provincial and municipal law enforcement agencies who can view and contribute to the database, as well as private sector organizations and international organizations who can only contribute information to the database.

This PIA identified the following privacy risks along with measures for their mitigation

Control and use of personal information

ACIIS is a database where specific law enforcement data can be entered, queried and ultimately shared with law enforcement partners for intelligence purposes. CISC controls the infrastructure, which comprises ACIIS, however custody and control of the information entered on ACIIS is deemed to be the sole domain of the agency making the entry. Access to any information entered by an agency can only be granted by that agency under the authority of the federal or provincial access legislation that applies to that agency and under the premise of the Third Party Rule on information sharing. CISC grants access to ACIIS, and all agencies accessing ACIIS are governed by the policies contained in the ACIIS Policy and Regulations. All agencies enter into a memorandum of understanding, describing the responsibilities of the parties, in order to directly access ACIIS.

Data integrity

ACIIS is a national repository of law enforcement intelligence that amounts to a vital shared resource within Canada's law enforcement community. The reliability and effectiveness of this support system depends on the accuracy, validity and relevance of the data contained within its databanks. ACIIS has well-established standards and practices to ensure the accuracy, validity and relevance of its data. Each contributing agency is responsible for the data that they input. Reports are provided to ensure that records are validated at periodic intervals. As well, purge reports are generated to ensure that the expiry date of records remains current. Finally, each agency is subject to an independent audit by ACIIS auditors.

Date modified:

2019-08-07