RECOL/CAFC System Merger

Executive summary

This report is a Privacy Impact Assessment (PIA) for the merged databases: the RCMP's web-based system, Reporting Economic Crime On-Line (RECOL) database and the Canadian Anti-Fraud Centre (CAFC) database (formally known as PhoneBusters). Both of these databases are Canadian repositories for the reporting of domestic and trans-national criminal fraud complaints.

The merging of these databases will provide better coordination of efforts at all levels to deal more effectively with the problem of fraud across jurisdictions. The scope of this PIA encompasses the integration of data collection from RECOL and the CAFC into one common national fraud complaint database. For clarification the updated RECOL reporting system will be now called CAFC Public Facing Module. The updated CAFC Call-Taker system will now be called CAFC Call-Taker Module. Both of these applications will feed into the CAFC centralized Oracle database located in the CPIC Data Centre in Ottawa.

The purpose of the old and new systems is to collect and store data generated by complainants and victims of fraudulent activities. Furthermore it will be used to gather and analyze intelligence information to assist law enforcement and investigative bodies involved in detecting, prosecuting and preventing fraud and other economic crime.

In the current CAFC environment in North Bay, Ontario, the CAFC accepts unverified complaints from the public related to identity theft and a variety of fraud schemes. The information is obtained through direct communication by telephone, facsimile, e-mail and regular mail. The security cleared bilingual call-takers record pertinent information that is voluntarily provided into the CAFC system (PhoneBusters). In the new system (CAFC Call-Taker), the Call-Takers duties will not change except adding the information into a web application instead of a windows application. The new system will also have new features and an up-to-date look. A complainant filing with the CAFC may receive a material copy of their complaint by making a formal request. The CAFC, for privacy reasons, asks that the request go through their local police or through the RCMP Access to Information and Privacy Branch. The filer can amend their original complaint by calling the call-taker centre.

With the new application, a number of Law Enforcement agencies will be granted access to the system in order to query data against the CAFC database. For those Law Enforcement agencies that will not have access to the system, they will request further information from the CAFC in North Bay by phone or e-mail. The CAFC Criminal Intelligence Analytical Unit (CIAU) will run queries for these Law Enforcement Agencies that do not have access to the CAFC system. The CIAU will disseminate complaint information on a priority basis, through intelligence reports emanating from the CAFC CIAU.

History of old applications

PhoneBusters commenced in 1993, as an OPP initiative, with a mandate to identify, investigate, and prosecute illegal telemarketers from Montreal who were preying on residents in Ontario and all across Canada. By 1997, PhoneBusters evolved from an investigative unit into a fraud complaint intake and intelligence centre that provides crime prevention and criminal investigative support. The complaint database maintained by the CAFC became an important tool for law enforcement. In 2001, the RCMP joined PhoneBusters as a contributing partner and it became the PhoneBusters National Call Center and is jointly managed and operated by the Ontario Provincial Police (OPP), Industry Canada's Competition Bureau and the RCMP Federal Coordination Centre. The CAFC is located in North Bay, Ontario.

Another way for complainants to currently report fraud and other economic crime is through RECOL, a secure web-based fraud reporting system which accepts almost any type of criminal fraud complaint via the World-Wide Web. The condition is that there needs to be some Canadian content involved, such as a victim/suspect domiciled in Canada or that the occurrence touched Canadian jurisdictional parameters. RECOL operates in a secure environment similar to what exists in Internet banking, i.e., secure socket layering and appropriate firewall devices.

Originally RECOL was designed and built primarily to keep pace with the advancement of technology and to offer victims an easy way to report economic crime across jurisdictions. A person or organization could use RECOL as a single point of contact to lodge a fraud complaint. RECOL is being mapped to a data standard format coordinated through the Public Safety Interoperability Directorate (PSID) under the auspices of Public Safety and Emergency Preparedness Canada (PSEPC). RECOL is a project recognized under the G-8 Law Enforcement Projects Sub-Group (LEPSG) agenda items. However the new CAFC Public Facing Module will now incorporate the most recent Government of Canada Web Standards (accessibility, usability, interoperability) directives. Currently all RECOL complaints are forwarded electronically through a virtual private network (VPN) to the National Crime Database (NCDB). Partners that have access to NCDB will access and retrieve their information from NCDB. Partners that do not have access to NCDB will have a secure mailbox (secure socket layer, SSL) in the RECOL domain to access and retrieve their information. Presently, the RCMP and the OPP are the only law enforcement agencies receiving direct RECOL notifications. It is expected within the next year that the information supplied to NCDB will stop as a new analytical database is being developed within the RCMP Federal Coordination Centre.

The CAFC Public Facing Module is an RCMP initiative and was developed by the Federal Coordination Centre to replace RECOL. To comply with government regulations, filers will now have to go to the Government of Canada GCKey webpage and sign-in with or register for a GCKey user ID and password prior to accessing the CAFC Public Facing Module which will replace the existing RECOL system. The CAFC Public Facing Module will automate complaint information analysis and directly send the information to the CAFC Oracle database. The CAFC Public Facing data includes personal identifiers such as name, date of birth, address, crime type, suspect information, victim information, filer information and narrative. Prior to the filer entering the information, the filer is presented with the fact that consent to the referral of the information to law enforcement is permitted by them submitting the information via the Internet.

New applications

The new CAFC system will include 3 modules for 3 different user bases. One application will be called CAFC Public-Facing Module and used by public only users. The second application will be called CAFC Call-Taker Module and used mostly by the Centre in North Bay (call-takers, SeniorBusters, Criminal Intelligence Analyst Unit) and by CIO support personnel. The third application will be called CAFC Law Enforcement Module and will be used by approved Law Enforcement partners. The CAFC Public-Facing and CAFC Call-Taker Module will write data to a centralized oracle database. The CAFC Law Enforcement Module will be used only to query a portion of the data stored in the centralized oracle database.

The new CAFC system will support the integrated policing philosophy. This initiative would provide complainants with alternate means of reporting fraud intelligence to law enforcement and accredited investigative bodies, while allowing the collection of complaint information into one centralized national law enforcement repository. Should the filer experience problems in logging onto the CAFC Public Facing Module or has difficulty while filing a complaint, bilingual support personnel would be available through the CAFC. Furthermore, it will reduce the number of duplicate records as the new CAFC Public Facing Module and the CAFC Call-Taker Module will both feed daily into a centralized CAFC Oracle database.

The new CAFC system will provide better criminal information and investigative support to law enforcement agencies through the quick and effective exchange of tactical and strategic information on a national and international basis. This will be done in accordance with the legal parameters for information sharing among respective jurisdictions. The efficiency of the CAFC Criminal Intelligence Analytical Unit will be greatly enhanced with a more robust national CAFC Oracle database.

The new CAFC system will standardize, encourage, and centralize fraud complaint reporting, thereby providing a better overall perspective on fraud activity in Canada. The information stored in the CAFC Oracle database would become one of the main sources of data in Canada for fraud statistics and trend analysis.

Personal information will be collected from complaint filers. At the onset, all filers will be informed of the purpose for collecting personal information and, they must accept that their information may be disclosed to relevant law enforcement agencies. This agreement by the filer must be done in order for their complaint to be included in the CAFC Oracle database. Filers will be further advised that if they are the victim of an ongoing fraud that they should immediately contact their police force of jurisdiction. Once a filer has given consent, all complaint data will be automatically channeled through the CAFC Public Facing Module and stored into the CAFC Oracle database. As has been stated, the information may be subsequently disclosed to law enforcement agencies for the purpose for which it was obtained, as per paragraph 8(2)(a) of the Canadian Privacy Act. The RCMP intends to exercise control over personal information disclosure to the law enforcement partners through privacy compliant MOUs. The CAFC Joint Management Team will be the approval authority granting agencies access to the data related to the CAFC`s mandate. Access to non CAFC related data will be granted by the RCMP Federal Coordination Centre located in Ottawa.

The records contained within the CAFC centralized database will be purged after 20 years from the date of creation. Since the primary purpose of the information is to identify trends, recurring Modus operandi, along with providing suspects, victims and witness information to law enforcement, the retention period will enable analysts to prevent future crimes, solve existing cases by sharing the intelligence information with local, national and international police agencies. The retention period for the operational fraud files will remain as is in their respective Occurrence/Records Management Systems (ORMS), as CAFC data resides as a separate data set on its own database.

The information gathered through the CAFC Oracle database would also be used for the purposes of planning, forecasting, training and intelligence evaluation. The RCMP will ensure that aggregate data and non-personal information will be used for such purposes.

In accordance with Departmental Security Branch and the Threat and Risk Assessment completed, the following privacy risks and mitigating strategies have been established.

  • The risk of a technical attack against the application and database will be safeguarded by having the system operate in a highly controlled network environment. An Application scan will be done for the CAFC Public Facing and CAFC Call Taker Modules. The application in the Internet Presence Environment (IPE) will be behind a Web Application Firewall (WAF).
  • The risk of unauthorized or unnecessary access to the applications will be safeguarded by having CAFC devices stored in a physically secure location. Law enforcement partners, CAFC and RCMP users will be granted access by the CAFC Policy administrator who will require non-RCMP users to sign Memorandums of Understanding to ensure privacy legislation is adhered to. All users will be required to have a Government of Canada GCKey or an Entrust Token to gain access to the database.
  • The risk of the database being compromised will be safeguarded by having the system run on the RCMP ROSS system which will be located in a secure Ottawa location.
  • The risk of security incidents will be safeguarded by monitoring, ISP intrusion detection, WAF and Secure Tokens.

In conclusion, the privacy issues and/or risks identified in this PIA can be resolved through the development, documentation and implementation of the resolutions outlined. The appropriate procedures and processes will ensure compliance with the Access to Information Act and the Privacy Act.

Date modified: