Canada Gazette, Part I, Volume 153, Number 29: Regulations Amending the Secure Air Travel Regulations and the Designated Provisions Regulations
July 20, 2019
Secure Air Travel Act
Department of Public Safety and Emergency Preparedness
Department of Transport
REGULATORY IMPACT ANALYSIS STATEMENT
(This statement is not part of the Regulations.)
- Issues: The Passenger Protect Program (PPP) would be enhanced to allow the Government of Canada to conduct passenger screening against a list of individuals for whom there are reasonable grounds to suspect that the individual will engage or attempt to engage in an act that would threaten transportation security or travel by air for the purpose of committing certain terrorism offences. As of November 2018, 114 commercial air carriers conducting domestic and international flights conduct this passenger screening. Screening practices are not standardized and there is no mechanism to provide a redress option for travellers whose names have been falsely matched with that of a listed individual.
- Description: Amendments to the Secure Air Travel Regulations (the “Regulations” or “SATR”) are needed following recent amendments to the Secure Air Travel Act (SATA) to enable the Government of Canada to collect reliable information on all travellers on board or expected to be on board commercial passenger flights to, from and within Canada, by specifying which information may be collected, the conveyances (i.e. aircraft) for which information is required, and the circumstances, time and manner in which the information must be provided to the Government.
- Rationale: The proposed Regulations would enhance national security and public safety by allowing for government centralized screening. Among the benefits is the determination, earlier in the travel continuum, of whether a passenger is in fact on the SATA List. This means that fewer travellers will be delayed by having to present themselves at an air carrier service counter to obtain a boarding pass, and screening against the SATA List will be conducted in a more consistent fashion.
The present value of the costs associated with the proposed Regulations is estimated at $166.7 million, or $23.7 million in annualized value over the first 10 years of implementation. The benefits include improved security and well-being for air travellers and Canadians as well as time savings for air carriers and air travellers. The one-for-one rule applies as there are incremental administrative burden costs for business. The small business lens applies; however, the impacts are expected to be minimal.
The current PPP relies on air carriers to screen passenger information against the Secure Air Travel Act (SATA) List, screening which is not consistently and adequately performed by all air carriers bound by SATA. Furthermore, the current PPP does not provide a redress option for travellers whose names have been falsely matched with that of an individual on the SATA List. These program gaps have created the risks and vulnerabilities that follow.
I. Air carrier screening against the SATA List
Air carriers have individual processes in place to screen passenger information against the SATA List; these processes vary from carrier to carrier. Inconsistent and in some cases inadequate passenger screening against the SATA List can result in listed individuals not being properly identified (therefore not being subject to operational directives issued by the Minister of Public Safety and Emergency Preparedness), as well as false-positive matches that result in certain travellers experiencing travel difficulties and delays. There is also the possibility that air carriers may be using an outdated version of the SATA List when performing SATA screening. It is the carrier’s responsibility to ensure that they use only the most up-to-date List when screening their passengers; however, there have been instances where this has not occurred. This could allow listed persons to fly undetected. Finally, while air carriers are required to inform Transport Canada (TC) when a potential match to the SATA List is identified, there is no mechanism for determining whether air carriers are encountering listed persons and allowing them to fly without informing the Government.
The SATA List, which includes the names, aliases, date of birth (DOB) and gender of listed persons, is shared by TC with foreign and domestic air carriers for the purpose of screening passenger data. The Government has safeguards in place — including oversight by the Office of the Privacy Commissioner — to protect the personal information of Canadians gathered and shared under the PPP. Despite prohibition under the Regulations against sharing the List, once it is received by air carriers, there is a risk that it could be shared more widely within their organizations and potentially beyond. TC cannot conduct continuous oversight over how air carriers manage this information beyond the ability to conduct periodic inspections.
III. Procedural fairness — No recourse options for false-positive matches
A consequence of establishing a list of individuals that may pose an imminent threat to transportation security and/or travel by air for the purpose of committing certain terrorism offences (e.g. participating in the activities of a terrorist group whether in Canada or overseas) footnote 1 is that other individuals may share similar if not the same name as those individuals on the SATA List. At the time of screening travellers, air carriers will compare their list of travellers with the SATA List they will have downloaded from the TC secure website.
Air carriers are required to compare the name of the passengers against the names of listed individuals. Therefore, a “match” can happen either because the traveller is indeed the person who is on the SATA List (a true match), or because of similarities between the name of the traveller and the name of a listed person (false-positive match). Without additional data elements to distinguish between the traveller and the listed person, it is not possible for air carriers at this point to differentiate between two people sharing the same name or potentially listed individuals who should not be travelling and who are on a passenger manifest.
These false-positive matches negatively impact travellers by forcing them to perform their check-in at the service counter with an air carrier agent, as the possibility of check-in online or at the self-service kiosk is prohibited by the Regulations for passengers who have been identified as a potential match. By going to the service counter, these passengers will be further verified by providing additional personal information such as their DOB and showing a valid identification document to confirm their identity and that they are not the person who is on the SATA List.
This situation can cause travellers to feel stigmatized (e.g. the No Fly List Kids footnote 2).Currently, the verification against the SATA List is done only with the name of the passenger and without a DOB. As a result, children cannot be screened out and have to be presented to the service counter prior to check-in for further verification. A recourse mechanism to alleviate travelling irritants by air for legitimate travellers is needed.
To respond to these issues, legislative amendments were made to SATA through Bill C-59, An Act Respecting National Security Matters, which received royal assent on June 21, 2019. These amendments establish the legal basis for government-controlled centralized screening and the creation of a redress system. The amendments to the Secure Air Travel Regulations (the Regulations) ensure that all obligations currently imposed on air carriers to screen their passengers against the SATA List are removed and replaced with requirements to share certain passenger information with the Government for centralized screening.
Canada uses a variety of controls to screen and assess the risk of travellers flying to, from, or within Canada. These controls have evolved over time in relation to changes in threats to public safety and security, and the best practices of international partners. The PPP is an example of one such control.
The current PPP was initially introduced by the Government of Canada in June 2007 under the Aeronautics Act, with a mandate to protect national security and identify and prevent individuals who may pose an immediate threat to aviation security from boarding a flight. Since 2011, the PPP is administered by Public Safety Canada (PS) and TC, in cooperation with several federal departments and agencies.
The PPP allows the Minister of Public Safety and Emergency Preparedness to list an individual if there are reasonable grounds to suspect that the individual will engage or attempt to engage in an act that would threaten transportation security, or travel by air for the purpose of committing certain terrorism offences. When a potential match occurs, TC works with air carriers to help determine whether it is a true or false-positive match.
In 2015, SATA was enacted and provided a number of legislative changes to the PPP, including
- expanding the program mandate to address travel by air for terrorism purposes and providing the Minister with the authority to list an individual that the Minister suspects will travel by air for the purpose of committing certain terrorism offences (e.g. to join a terrorist group);
- broadening available operational response measures proportionate to risk when a listed person attempts travel (e.g. directing air carriers to deny boarding to a passenger or request additional screening before the person can enter airport secure zones);
- establishing a basis for administrative recourse — passengers who are denied transportation following a direction made by the Minister may request to have their name removed from the SATA List; and
- establishing the legal authority to share information with foreign governments.
In the fall of 2016, the Government undertook extensive consultations with the general public through the National Security Consultations, which covered a number of issues, including countering radicalization to violence, oversight and accountability, threat reduction and the Anti-terrorism Act, 2015 (former Bill C-51), which received royal assent on June 18, 2015. These consultations generated over 90 000 responses from Canadians, stakeholders and subject matter experts. The consultations revealed that while Canadians supported the idea of a SATA List, there was a strong consensus that measures were needed to reduce the number of false-positive matches and improve the administrative recourse process for listed persons. The input received during the consultation period guided the development of Bill C-59, which constitutes a comprehensive review of Canada’s national security framework and proposed a number of measures that would strengthen Canada’s ability to address new threats and safeguard rights and freedoms. It also shaped the development of the redress mechanism for false-positive matches to the SATA List.
Budget 2018 committed $81.4 million over five years, starting in 2018–19, and $14.0 million per year ongoing, for enhancements to the PPP. These investments will be used to develop a rigorous centralized screening model (IT system to be developed) and establish a redress mechanism for legitimate air travellers who are affected by the program.
Centralized screening will build upon the current system at the Canada Border Services Agency (CBSA): the Advanced Passenger Information/Passenger Name Record (API/ PNR), the Interactive Advance Passenger Information (IAPI) and the Air Exit component of the Entry/Exit (E/E). The IAPI requires that air carriers provide data elements early in the travel continuum (i.e. prior to the international flight departing for Canada). The IAPI ensures that a systematic mechanism is used to identify travellers who are inadmissible to Canada; and to ensure that travellers who lack the prescribed documentation for entry into Canada, such as an electronic Travel Authorization (eTA) or visa, receive a no-board message. Under the Entry/Exit initiative, the CBSA can collect basic biographic information on all Canadians who enter or leave the country. This information will be used to establish complete travel history information, comprising entry and exit records, for all travellers. For both programs, information is collected through electronic passenger manifests received directly from air carriers.
Current PPP model
The Minister is responsible for the PPP, but may be assisted in its administration and enforcement by the Minister of Transport. The Minister is responsible for establishing the SATA List as well as designating appropriate response measures, such as the operational directives the Minister may direct air carriers to comply with in respect of an individual who is on the SATA List when this listed person attempts to travel (e.g. denial of transportation or additional screening). In addition, the Minister provides administrative recourse to those who have been denied transportation.
The Minister of Transport, or the Minister’s delegates, is responsible for the distribution of the SATA List to air carriers, the oversight of verification of passenger identity by air carriers at time of check-in, the enforcement of obligations under the Regulations, the resolution of possible matches of passengers against the SATA List and the communication of operational directives to air carriers.
II. Role of commercial air carriers
Today, air carriers are obligated by SATA to ensure that their passengers are subject to screening before boarding if the following conditions apply (as per the Regulations): the air carrier is operating passenger-carrying flights; the passengers are screened by the Canadian Air Transport Security Authority in Canada, or in another country, by the person or entity responsible for the screening of persons and goods in that country; the air carriers must be flying to or from an Air Terminal Building (ATB); the air carrier must have a Canadian aviation document issued authorizing the transport of 20 or more passengers; and the aircraft they are operating has a maximum certified take-off weight (MCTOW) of 19 000 lbs.
As of November 20, 2018, 114 air carriers are required to screen the names of their passengers against the SATA List before issuing a boarding pass. There are 70 that are Canadian-based commercial passenger air carriers that have an Air Operator Certificate (AOC) issued by TC and operate international and/or domestic flights. The remaining 44 air carriers are foreign-based commercial passenger air carriers that have a Foreign Air Operator Certificate (FAOC) issued by TC and operate international flights to and from Canada.
As per the prescribed requirements in the Regulations, should there be a potential match between a passenger and an individual on the SATA List, air carriers must prevent the passenger from being able to use self-check-in for their flight so that they may meet the passenger and obtain additional personal information, such as their DOB, and conduct further verification against the SATA List. Should this confirm the potential match, air carriers must notify TC and wait for confirmation on whether the potential match is in fact a true match or a false-positive. In the case of a true match, they have to wait for an operational direction, which will be communicated by TC. TC regularly posts an updated SATA List on an internal, secure website for download by the air carriers that are subject to SATA.
In addition, at the time of boarding, as per the process outlined in the Regulations, air carriers must compare the full name of the passenger from the boarding pass with that on the identification documents provided by the passenger at that time. Should there be a major discrepancy between the information on the boarding pass and on the identification documents presented, air carriers must verify the data (e.g. DOB and gender) against the SATA List and, should a potential match be found, they must communicate with TC to determine whether the potential match is a true or false-positive one and follow the direction communicated by TC. The Regulations also currently mandate how air carriers must manage storage of, and access to, the SATA List.
III. SATA screening
When a potential SATA match is identified by the commercial air carriers, the ability for the passenger to use self-check-in (either through the Internet, a mobile application or the self-service kiosk) is disabled in order to force the passenger to present themselves at the air carrier services counter. At the counter, an air carrier agent will ask for additional personal information, such as the DOB of the passenger and their gender, and will verify if the passenger’s information is still the same as the one associated with the potential SATA match.
Should the air carrier agent be unable to resolve the match themselves, they must communicate with TC. At this point, TC officials are responsible for determining whether the passenger potential match is a false-positive or a true match. In the event of a false-positive match, TC will communicate to the air carrier that the passenger is permitted to board the flight. If TC determines that the passenger is a true match, that Department will contact the Minister’s delegate at PS who may issue an operational direction, which could include either a “denial of transportation” or the requirement for “additional screening.” TC is responsible for communicating the direction to the air carrier. In the event of a denial of boarding, air carriers must provide the individual with written notification advising them that they have been the subject of a direction issued by the Minister and provide information on the administrative recourse process and contact information, should they wish to apply to the Minister to have their name removed from the SATA List.
IV. Recourse mechanism for SATA-listed persons
Under the Regulations, a listed person who has been denied transportation as a result of a direction made by the Minister and has received a written notification for such a decision may apply to the Minister to have their name removed from the SATA List. Under SATA, upon receipt of an application, the Minister must determine whether there are still reasonable grounds to suspect that the individual will engage or attempt to engage in an act that would threaten aviation security or travel by air for the purpose of committing an act of terrorism. The Minister must also give notice to the person, without delay, of any decision made in respect of the application.
Following a negative decision (i.e. the individual remains listed), the individual can appeal the decision to the Federal Court. When an appeal is made, the Federal Court must determine whether the decision to maintain the individual’s name on the SATA List was reasonable. The Federal Court may order that the appellant’s name be removed from the List.
V. False-positive matches
Individuals who are false-positive matches may experience travel difficulties or delays as a result of sharing the same or a similar name to a SATA-listed person. In 2016, PS created the Passenger Protect Inquiries Office (PPIO) to assist travellers who have experienced travel difficulties or delays related to aviation security lists in an attempt to address their complaints and questions. The PPIO provides information on available redress mechanisms [e.g. information on how to apply for the U.S. redress mechanism (DHS TRIP)]; reminds travellers that they should use their full name, as provided on their passport or other government-issued identification that is provided to air carriers at time of booking; and advises travellers to contact the airline’s customer service representative if they have experienced issues with a specific air carrier in the past to explain their situation and to see what steps could be taken prior to arriving at the airport to alleviate delays (i.e. that travellers can proactively seek out to help resolve or reduce their issue). However, experience to date has shown that these approaches have not always satisfactorily resolved the issues faced by some falsely matched individuals who continue to be “flagged” as a potential match when they travel.
The proposed amendments are required to operationalize the 2019 legislative amendments made to SATA.
New model: enhanced Passenger Protect Program
SATA, as amended by Bill C-59, transfers the responsibility for screening passengers against the SATA List from air carriers to the Government of Canada, namely, the Minister of Public Safety and Emergency Preparedness, with assistance from TC and the CBSA. For the Minister to fulfill this responsibility, SATA requires air carriers to provide the Minister (in practice the CBSA, the centralized receiver of all electronic passenger manifests) with prescribed data (name, DOB, gender and, if provided, unique identifier) on each person who is on board or expected to be on board an aircraft for any flight captured under the Regulations, if that information is in the air carrier’s control, within a prescribed time and manner.
A redress system is being established to reduce the number of false-positive matches with the SATA List. Travellers who think they may have experienced difficulty travelling as a result of having a similar name to an individual on the List would be able to apply for a unique identifier, known as a redress number. This unique identifier, collected by air carriers at the time of reservation and/or at check-in, if provided, would help to distinguish them from listed individuals, should their name, DOB and/or gender be similar or the same as that of a listed person.
As is currently the case, the Minister will continue to list (and delist) individuals on the SATA List, establish appropriate response measures (issue operational directives to deny boarding or conduct additional screening), as well as provide administrative recourse to those who have been denied transportation.
The CBSA would leverage its existing programs (e.g. API/ PNR, IAPI and Entry/Exit) that already require air carriers to provide similar passenger and flight data, to support the Government’s centralized screening against the SATA List. Air carriers that currently participate in existing programs would be able to use existing transmission methods in order to send this data to the CBSA. The Agency will receive all passenger data and flight data for each flight operated by one of the air carriers bound by SATA and determine, through centralized screening, if there are potential matches against the List. Should there be a potential match, an electronic message to the air carriers will be provided by the CBSA to ensure that air carriers prevent the ability of the passengers who could be a potential match to a listed person to use self-check-in for their flight. At the same time, the Agency will notify the newly established Passenger Protect Program Operations Centre (PPPOC) of the potential match.
The Minister of Transport will remain the main point of contact for air carriers. Through the PPPOC, TC officials will continue to communicate operational directives made by the Minister of Public Safety and Emergency Preparedness. In addition, as is currently the case, TC will be in charge of determining whether the potential matches found by the CBSA system are indeed true matches or false-positive ones and will continue to liaise with the Minister’s delegate who may issue the operational directives.
To support the enhanced model, the following amendments would be made to the Regulations:
New provisions would be added to the Regulations to require commercial air carriers that operate international inbound/outbound and domestic flights to submit information on each passenger and flight at the following intervals:
- prior to check-in (72 hours prior to the scheduled departure time or, for reservations that are made after that time, the time at which the reservation is made);
- at check-in;
- as soon as feasible after the air carrier makes or becomes aware of any change to the information that occurs after it has already been provided to the Minister; and
- at flight close-out (no later than 30 minutes after flight departure for passengers who are on board the aircraft).
The amendments will also require that air carriers receive and acknowledge the receipt of government messages/directions and provide cancelled passenger reservation and/or flight cancellation messages no later than 30 minutes after air carriers become aware of the cancellation.
Prescribed information: passenger and flight data elements required
For international travel, air carriers are already required to provide the CBSA with the name, DOB and gender of travellers flying into, or leaving, Canada for the CBSA Air programs. In order to reduce the number of false-positive matches and lower the risks to national security, the proposed amendments would expand the scope of this data collection by also requiring air carriers operating domestic flights within Canada to collect the following passenger information at the time of booking their reservation:
- (a) DOB; and
- (b) gender. footnote 3
Air carriers will then be obliged to retain this collected information as long as necessary (e.g. 72 hours to departure, or in the event of an interruption of the electronic communications system, until the interruption is over and air carriers have sent the information) to comply with the requirements to provide information at certain prescribed times.
In addition, specific to the PPP, air carriers operating either or both international and domestic flights will have to transmit the unique identifier (redress number) to the Government, if provided by the traveller.
For international travel, air carriers must provide, at the time of check-in, information about the type of travel documents used to board a flight as well as the nationality/citizenship of the traveller, as per the CBSA Air programs. The same prescribed passenger information will be required from air carriers operating domestic flights within Canada, but only if the traveller provides a passport or a Canadian or American permanent card as an identification document, for the purpose of screening/comparing the passenger’s information with that of listed persons. At this point of the process, other accepted documents for travel and/or identification verification at the boarding gate would not be useful to assist with determining whether the potential match is a true or false positive, as there are challenges in verifying the authenticity of documents other than passports or Canadian or American permanent resident cards.
To avoid disruptions for travellers who may be a false match, air carriers may request from passengers, at the time of the flight reservation, information such as the type of travel document, the document number, the country of issuance and the expiration date, as well as their nationality/citizenship. This information would not be considered mandatory, but if within the air carriers’ control, it must be transmitted to the CBSA prior to check-in or within 72 hours.
By having these data elements, the Government would be able to better distinguish between persons who are on the SATA List and travellers with similar names through the centralized screening process.
To facilitate the exchange of information between the Government and air carriers, flight and passenger information will have to be provided to the CBSA at the same time (this is already the case for international flights).
Under the proposed amendments, air carriers will be required to provide the following prescribed information for domestic and international flights, if in the air carriers’ control:
- their passengers’ unique identifier — redress number;
- their passengers’ citizenship or nationality;
- the number and expiry date of their passengers’ passport and the name of the country or entity that issued it, or the number and expiry date of their Canadian or United States permanent resident card;
- their unique identifier — as provided by the air carrier;
- their reservation record locator number;
- their unique passenger reference, which is assigned to them by the air carrier;
- the flight code that identifies the air carrier and the flight number of the aircraft transporting the person;
- the date, time of departure and place of departure of the aircraft transporting the person; and
- the scheduled date, time of arrival and place of arrival of the aircraft transporting the person.
The proposed amendments would add new provisions requiring air carriers to transmit the prescribed information by using an electronic communication system that must be compatible with the Minister’s electronic communications system. There are a number of electronic transmission methods available to air carriers, for example the Message Queue (MQ)/Direct Connection (a border declaration connection that provides clients with a direct connection to the CBSA), the CBSA Interactive API Gateway (IAG) website, or secure email. These methods of transmission are currently used to support the IAPI and the Entry/Exit initiative. In addition, air carriers may choose to transmit to the Government through third-party service providers (i.e. operators of an aviation reservation system).
Process to follow for centralized screening
The proposed amendments also introduce new provisions that set requirements for centralized screening. Once air carriers have provided the full name, DOB, gender and prescribed personal and flight data, they receive an electronic message (a code) from the CBSA letting them know that they can either allow this passenger to get a boarding pass or that for passengers whose personal data is similar to that of a listed person, additional verifications must be performed. During this period of time, air carriers must prevent this passenger from using self-check-in for their flight and the passenger must go to the air carrier service counter to get their boarding pass.
At the service counter, the air carrier agent must request an identification document and compare the information from this document with the reservation on record, as well as compare the passenger’s face with the photograph on the identification document, if any is provided. If there are discrepancies, the newest information is provided again to the CBSA, which may result in “clearing” this passenger and allowing the air carrier to provide them with a boarding pass or, on the contrary, confirm that they are indeed a listed person and should not be allowed to obtain a boarding pass until the Minister determines whether to issue an operational direction, such as deny transportation to the traveller.
Process to follow when there is no information received from the Minister
In rare circumstances, the response provided by the Minister may not be received by an air carrier after the passenger and flight data is sent over for all passengers expected to be on board an aircraft. In such cases, the air carriers would prevent the passengers from getting their boarding pass via self check-in for their flight and require that they present themselves at the service counter to obtain their boarding pass.
Clarification of identity document requirements when travelling domestically and internationally
The proposed amendments would clarify existing identity document requirements for domestic and international flights as well as the identity verification processes when passengers are boarding a plane.
- For domestic flights, passengers are currently permitted to provide, at boarding, one piece of valid photo identification issued by a government authority, which includes the passenger’s name, DOB and gender, or a restricted area identity card (issued under the Canadian Aviation Security Regulations, 2012). This provision is amended to (i) specify that the government authority for the identification document used for the purpose of domestic travel must be from within Canada; and (ii) specifically exclude fishing, hunting and boating licenses issued by a government authority as possible valid identification (ID) for the purposes of boarding a flight; and
- For international flights, the Regulations currently allow air carriers to accept, at boarding, one piece of valid photo identification issued by a government authority, which includes the passenger’s name, DOB and gender, or a restricted area identification card (issued under the Canadian Aviation Security Regulations, 2012). The proposed amendments would allow the following forms of identification to be accepted:
- a NEXUS card, a United States permanent resident card, or a United States enhanced driver’s license;
- a passport issued by the country of which the foreign national is a citizen or a national; or
- any documents mentioned under subsection 50(1) [Documents — permanent residents] or 52(1) [Documents — temporary residents] of the Immigration and Refugee Protection Regulations (e.g. a laissez-passer that was issued by the United Nations).
The proposed amendments also remove the obligation for the air carriers to refuse boarding a passenger if the person does not appear to be the age indicated by the DOB and/or the gender indicated on the identification document presented at the boarding gate.
In addition to these new provisions, if a passenger appears to be 18 years of age or older, air carriers will still be required to compare the identification document with the name on the boarding pass as well as with the passenger’s face and to communicate with TC if there is a discrepancy.
Procedures in case of an interruption of the electronic communications system
The proposed amendments introduce new provisions outlining the procedures that the CBSA and air carriers must follow in the event of a planned (e.g. for system updates and/or maintenance) or unplanned failure of their respective electronic communications systems. For planned or unplanned outages, air carriers and the Minister are required to notify each other at the earliest possible opportunity.
If the outage happens at the time of check-in, air carriers are required to refer back to the last electronic messages received from the CBSA. If the last message received is anything other than “clear” (i.e. there are no matches with the SATA List), or if the passenger data has changed since it was provided to the CBSA, or if there has been no previous messages, air carriers would be required to contact TC for resolution through the PPPOC.
Once the problem is resolved, air carriers would be required to send updated passenger manifests to the CBSA as soon as is practicable, in addition to the close-out message if the flight has already departed.
Removing current requirements for air carriers with respect to the SATA List
A number of existing regulatory requirements will be repealed, once centralized screening is implemented, because air carriers will no longer be screening passengers against the SATA List, including
- those that govern how commercial air carriers screen against the most up-to-date SATA List prior to providing a boarding pass to a passenger;
- requirements for comparing passenger names with the SATA List at the boarding gate if there are inconsistencies between the names on the boarding pass and the ones on their identification document; and
- the obligations to store, safeguard and destroy outdated copies of the List.
Obligations with respect to removal and destruction of information
Within two years following the coming into force of centralized screening, air carriers are required to permanently remove all versions of the List and any information respecting listed persons as well as permanently destroy any document or record in their control containing information respecting a listed person.
New definitions and application section
In order to facilitate the reading of the Regulations, definitions pertaining to “domestic flight,” “international flight” and “unique identifier” are added.
SATA (section 10) provides that certain persons (e.g. the Minister of Transport, the Minister of Citizenship and Immigration, a member of the Royal Canadian Mounted Police) or entities may assist the Minister of Public Safety and Emergency Preparedness in the administration and enforcement of the Act, including by collecting information from, and disclosing information to, the Minister and with each other. This provision of SATA allows any other person or entity to be prescribed in the SATR for this same purpose. The proposed amendments would prescribe the Minister of Foreign Affairs.
Amendments to the Designated Provisions Regulations
The Designated Provisions Regulations (DPR) made under the Aeronautics Act footnote 4 designate various provisions of the Secure Air Travel Regulations for enforcement purposes. If a provision designated by the DPR is violated, TC may issue an administrative monetary penalty (AMP) to the individual or corporation that was found to be in non-compliance. In order to provide TC with the ability to enforce the new SATR provisions related to the collection of passenger and flight data, at specific times and through a mandated method, amendments to Schedule 2 to the DPR are needed as well as the creation of an additional Schedule (Schedule 5) to enable TC to issue AMPs for a lack of compliance with prescribed SATR provisions in the Secure Air Travel Act.
Standing Joint Committee for the Scrutiny of Regulations
In May 2018, the Standing Joint Committee for the Scrutiny of Regulations provided recommendations on section 7 of the current version of the SATR, which prescribes when an air carrier is prohibited from transporting a passenger; there are four prohibitions. To address the recommendations, a minor technical amendment would be made (i.e. substituting an “and” for an “or”) and two of the prohibitions would be repealed (i.e. paragraph 7(1)(b) the passenger does not appear to be the age indicated by the date of birth on the identification presented; and paragraph 7(1)(c) the passenger does not appear to be of the gender indicated on the identification presented). When boarding passengers, air carriers would still be required to prevent passengers from travelling if they present a piece of photo identification and they do not resemble the photograph, and if the passenger presents more than one form of identification and there is a significant discrepancy between the two forms of identification.
Targeted consultations with specific stakeholders have been undertaken since March 2018 to help develop the proposed changes. The proposed amendments will primarily affect industry stakeholders (i.e. commercial air carriers and service providers). PS officials hosted a number of teleconferences with major Canadian air carriers as well as with smaller carriers, carriers that operate regionally and travel service providers. Overall, the feedback was positive. Industry stakeholders indicated support for the proposed changes, particularly regarding the transfer of the screening responsibility from air carriers to the Government. For a number of years, air carriers have stated that they do not want to be accountable for screening passengers under a Canadian national security program. However, the airline industry did express concern with the reliability of the CBSA information management and information technology (IM/IT) systems in general, given past experience with the launch of the IAPI and the electronic Travel Authorization (eTA). Industry has stated that it expects the electronic communications system for the SATA List to be vulnerable to the same failures.
Although previous program migration and integration may have caused delays or system miscommunications, the operationalization of centralized screening by federal partners ensure adequate functionality for industry stakeholders at all times. TC and CBSA IT representatives are working together assiduously to produce a system with minimal vulnerabilities and advanced technological control. The CBSA has improved its system since going live with the IAPI in order to reduce the number of unplanned outages and the CBSA will bring enhancements to the existing system aiming to reduce the length and regularity of unplanned outages. In addition, TC, PS and the CBSA have committed to maintaining strong communication with industry partners through the various phases of implementation and testing in order to guarantee program accuracy. Working and engaging with industry partners will be a key aspect of ensuring a final electronic communication system that is fully reliable and non-vulnerable to failures related to the SATA List.
PS, TC and CBSA officials met with advocacy groups and non-governmental organizations, such as the No Fly List Kids and the Canadian Bar Association, in Toronto in August 2018. Stakeholders sought clarity on how the redress system would work, how long it would take for it to be implemented, how different it is from what is currently in place, as well as on how it would prevent children from being identified as potential matches.
Government officials responded to these inquiries and the feedback received during this session further supported the development of the design and implementation of the enhanced PPP model. Concerns were raised over the implementation plan, namely that it would occur in phases (i.e. not right away) and that, in the interim, certain groups would still be subject to travel difficulties until the unique identifier and centralized screening are operational. A phased implementation plan is the recommended approach because of the scope of changes that have to occur to support a successful transition to the centralized screening process.
The redress application portal will be launched prior to air carrier onboarding footnote 5 to allow individuals to apply for unique identifiers ahead of the implementation of centralized screening. This will allow individuals who are false-positive matches to start realizing the benefits of the redress program as soon as air carriers begin onboarding to centralized screening.
Until the redress database and the centralized screening system are implemented and air carrier onboarding is complete, falsely matched individuals who have been issued a unique identifier, but are flying with air carriers that have not yet onboarded, may still experience inconveniences while travelling by air. To mitigate this risk, high-volume air carriers will be onboarded as early as possible following a pilot project with small and medium carriers to decrease the likelihood of individuals who provide active unique identifiers continuing to experience travel delays. In addition, in the interim, until all air carriers have onboarded to centralized screening, passengers will also have the option of presenting a unique identifier at airport check-in to facilitate the issuance of boarding passes.
In September 2018, a notice to stakeholders footnote 6 outlining the proposed regulatory amendments was sent to 164 stakeholders — 112 air carriers and 52 representatives of civil society groups, including the five National Indigenous Leadership Groups footnote 7 in Canada. The consultation period ended in November 2018.
From this consultation, PS received 30 comments from 23 stakeholders (11 air carriers and 12 individuals from the civil society groups). There were questions on the process for the enhanced PPP (e.g. how is it aligned with the U.S. Secure Flight Program, and when would testing begin). Positive comments were received about the effort made to reduce the number of false positives and overall appreciation for the enhanced PPP. Concerns were expressed over the Government’s ability to provide government-controlled screening and on whether the measures would actually reduce physical security risks. Two communications were received in which individuals disclosed their personal stories about experiencing delays at the airport.
PS also presented an update on the enhanced PPP at a meeting of the Cross-Cultural Roundtable on Security (CCRS) footnote 8 held in October 2018. Questions were asked about privacy safeguards (e.g. the retention and destruction of information), and comments were made on the need to be transparent to the extent possible (through better engagement and communication) and the process for enhanced PPP.
Building on these consultations, the Government is committed, throughout the planning and design phase as well as throughout the implementation phase, to continued communication with stakeholders with a view to ensuring that enhancements to the PPP are implemented in consideration of impacts on stakeholders.
Modern treaty obligations and Indigenous engagement and consultations
The proposed amendments affect all individuals who travel by air, including Indigenous peoples. Five national Indigenous organizations were engaged on the proposed amendments, including identification document requirements for international and domestic air travel; no comments were received. No adverse impacts on Indigenous rights and title have been identified in relation to these amendments.
During the regulatory development process undertaken for the proposed amendments, the following options were considered.
Maintaining the regulatory instrument
Maintaining the status quo was determined to not be a viable option, given that the new provisions under SATA permit the collection of personal information and establish the methods by which it can be transmitted and that prescribed times cannot be operationalized in the absence of supporting regulations. This is also the case for the clarification of identification documents for domestic and international flights, as well as for procedures in cases of outages.
Voluntary compliance regime
A decision to forgo the proposed Regulations in favour of an alternate reporting regime, such as allowing information to be provided to the Government from air carriers on a voluntary basis, would result in incomplete information, as it can be reasonably expected that only some carriers would be in a position to comply. Without full participation from all air carriers, the Government would remain in a position of operating a program with inherent information gaps, which would result in high national security risks.
Benefits and costs
A cost-benefit analysis (CBA) was conducted to assess the incremental impacts of the proposed amendments on air carriers, the federal government, and Canadians. Costs to air carriers and the federal government are monetized. The benefits to air carriers, the federal government, and Canadians are assessed qualitatively mainly as the monetization of the main impacts was not possible to do due to a lack of sufficient available data and to the sensitivity of the information that would be required to produce a quantitative analysis.
The present value of the costs associated with the proposed Regulations has been estimated at $166.7 million or $23.7 million in annualized value over the first 10 years of implementation. It is estimated that $107.9 million in present value or $15.4 million in annualized value would be incurred by the Government of Canada to establish, build and support the IT systems required to screen the passenger and flight data transmitted by air carriers against the SATA List. Costs to commercial air carriers are estimated at $58.8 million in present value or $8.4 million in annualized value for passenger and flight data transmission to the Government, for training, and for administrative tasks.
The proposed amendments are expected to result in improved air transportation security by reducing the risk with respect to individuals who may pose a threat to aviation security on board airplanes. In turn, Canadian national security in general would also be enhanced. Some air travellers would see their overall air travel experience improved as they may feel less stigmatized as a result from there being fewer false-positive matches, thereby resulting in improved well-being.
The proposed Regulations are expected to result in time savings for air carriers and passengers during the check-in process, which may address perceived stigmatization associated with delays for travellers commuting by air.
A full CBA report is available upon request by contacting the PS official whose contact information is provided at the end of the Regulatory Impact Analysis Statement.
The scope of the CBA has been limited to commercial air carriers operating inbound and outbound international flights and domestic-only flights that are currently certified to operate in Canada and who have offices located in Canada. This corresponds to a total of 70 air carriers, of which 14 are Canadian-based commercial air carriers operating domestic flights only, 13 are Canadian-based commercial air carriers operating international and domestic flights, and 43 are foreign-based commercial passenger air carriers that have subsidiary offices in Canada, an FAOC issued by TC, and which operate international flights only.
For the purpose of this analysis, it is assumed that air carriers would start implementing the program at different dates based on their capacity to implement the regulatory requirements and associated program activities. Therefore, the implementation schedule assumed for the purpose of this analysis was divided into three phases:
- Phase 1: the 12 largest air carriers under the scope of this analysis would begin implementation in 2021 (calendar year). These air carriers already possess significant capacity and account for the majority of flights and market share, and they are expected to accrue significant time savings;
- Phase 2: the majority of the remaining airlines, consisting of 40 airlines operating mostly internationally, would begin implementation in late 2021 to align with the timing of other planned regulatory activities such as the implementation of the Entry/Exit initiative (Air component); and
- Phase 3: the 18 other airlines, most of which are operating at the domestic level only for the purpose of the PPP, would begin implementation in 2022.
The costs, whether one-time vs. ongoing, to air carriers have been modelled for these five compliance activities:
- 1. IT system testing and onboarding (one-time)
- 2. Training for airline staff (one-time)
- 3. Implementation of IT transmission method (one-time)
- 4. Transmission of data to the CBSA (ongoing)
- 5. Administrative activity (one-time)
The occurrence of costs by activity and phase is illustrated in Table 1 below. For discounting purposes, it is assumed that costs carried in fiscal year (FY) 2019–2020 are carried in 2019, costs carried in FY 2020–2021 are carried in 2020, and so on. Costs carried in FY 2028–2029 are assumed to be carried in 2028.
|Phase||IT System Testing and Onboarding and Training for Airline Staff||Implementation of IT Transmission Method||Transmission of Data to the CBSA||Administrative Costs|
(12 air carriers)
|2020||N/A||2021–2028||2020 and 2023|
(40 air carriers)
|2021||N/A||2022–2028||2021 and 2023|
(18 air carriers)
|2022||2022||2023–2028||2022 and 2023|
All costs are presented in 2018 constant dollars. Costs valued in other years are adjusted using the Consumer Price Index (CPI) published by Statistics Canada. The discount rate is 7% per year, and present values and annualized values of costs are calculated over a 10-year period from year 2019 to year 2028 and will be discounted to the base year of 2019.
1. Costs to air carriers
1.1 Transmission method costs
Costs associated with IT system testing and onboarding, implementation of the IT transmission method and the transmission of data to the CBSA have been developed for the three options of transmission methods that carriers can choose from to comply with the proposed amendments. The assumptions regarding the wages, the number of hours required to conduct system testing, and the number of stakeholders impacted vary depending on the method chosen by air carriers. Table 2 summarizes the key assumptions adopted for the costs of the three transmission methods.
|Compliance Activity||Assumption||Third-party Service Provider||IAG Portal||MQ Direct Connection|
|IT system testing and onboarding, and method building||Number of impacted stakeholders||51||10||9|
|Hours needed to create one field||0.5||0.5||0.5|
|Hours needed for system testing||375
(150 international +
(150 international +
|150 to 300|
|Transmission method to build||N/A||N/A||$25,000–30,000|
|Transmission of data to the CBSA||Number of flights in 2018 table b2 note *||942 789||151 034||N/A|
|Number of seats in 2018||50 561 532||N/A||N/A|
Partial API: $0.0616/flight
Full API: $0.0731/seat
Close-out message: $0.010/flight
Ad hoc message table b2 note ** : $0.010/seat
|Hours needed to process manifest||N/A||0.5 for first manifest 0.833 for additional manifests||N/A|
Table b2 notes
1.2 Training costs
The costs associated with training air carrier staff are estimated according to business size for the 69 large air carriers and the remaining small air carriers. The costs account for the time spent by trainees to receive the required training as well as the time spent by trainers to provide the training. The costs associated with the development of training material are included in the compliance promotion costs for Public Safety Canada. Assumptions for training costs are summarized in Table 3.
|Business Size||Number of Employees Impacted per Business||Number of Hours in Training per Employee||Hourly Wage of Employee|
|Large: 69 air carriers||
20 administrative staff
1 h/administrative staff
3 h/executive staff
$31.49/h for administrative staff
$65.25/h for management
$27.51/h for trainers
|Small: 1 air carrier||
10 administrative staff
1.3 Administrative costs
All 70 air carriers would carry administrative costs for destroying the SATA List in a secure manner. The costs associated with this activity have been estimated based on the assumption that it would take about three minutes for the destruction of records at an hourly rate of $45.38 (internal) or $54.46 (external).
Table 4 below presents the estimated costs for air carriers by compliance activity over the 2019-2028 period.
|IT systems testing||$694K|
|IT transmission method||$165K|
|Transmission of data to the CBSA||$3.8M||$3.9M||$13.1M||$13.1M||$13.2M||$13.2M||$13.2M||$13.3M|
|Administrative activity (reporting)||$26||$88||$217|
Note: Figures may not add up to totals due to rounding.
2. Costs to Government
All government costs are based on the resources that are expected to be required by the Government to support the implementation of the enhanced PPP.
Canada Border Services Agency
Shared Services Canada
Public Safety Canada
1. Improved security for air travellers and Canadians
The proposed amendments, which serve to support the enhanced PPP model, would strengthen national security and public safety as it is expected that there would be a reduction in the risk that certain individuals who may represent an imminent threat to public security board planes and commit terrorism offences. Currently, the inconsistent, and in some cases inadequate, passenger screening against the SATA List performed by air carriers can result in listed individuals not being properly identified and, consequently, not being subject to operational directives issued by the Minister of Public Safety and Emergency Preparedness.
2. Improved travel experience for air travellers
With a fuller screening done as early on as possible prior to the scheduled time of departure, it is expected that travellers could experience more efficient travel, thereby potentially improving their travel experience. In addition, it is expected that there would be fewer potential matches/false-positive matches between passengers and listed individuals that would prevent passengers from performing their own check-in. This could contribute to mitigating feelings of stigmatization that some travellers have experienced in the past because they have a similar or the same name as individuals on the SATA List.
3. Time savings for air carriers and air travellers
Time savings are to be expected to be achieved for air carriers and travellers, as the determination of whether a passenger is a SATA-listed person would be made earlier in the travel continuum with fewer impacts on the check-in process of boarding a flight. This would reduce the number of travellers that would be delayed by having to present themselves at an air carrier service counter to obtain a boarding pass. Air carrier agents at the counter would focus their attention on passengers who require assistance instead of having to screen against the SATA List and further verify the identity of passengers. With fewer travellers having to present themselves at the service counter to obtain their boarding pass following additional identification verification by the agent at the counter and a call at TC, air carrier agents could devote the time that they would have spent doing those activities to other activities instead.
Table 6 presents the incremental impacts of the proposed amendments.
|2019–2022 (Implementation Year)||2023–2029
|Annualized Average per Stakeholder|
|Air carriers||IT system testing/onboarding||$0.65||$0||$0.7||$0.1||$0.0001|
|Transmission method to build||$0.2||$0||$0.2||$0.02||$0.0003|
|Transmission of data to the CBSA||$6.5||$51.3||$57.8||$8.2||$0.1|
|Administrative activity (reporting)||$0.0003||$0||$0.0003||$0.0001||$0.000001|
|Government of Canada||
Canada Border Services Agency
Shared Services Canada
Public Safety Canada
|Note: Figures may not add up to totals due to rounding.|
Air travellers and Canadians
Small business lens
The small business lens applies as the proposed amendments impact one small business. Of the 70 commercial air carriers identified within the scope of this regulatory proposal, one meets the definition of small business as outlined in the Treasury Board Secretariat’s Policy on Limiting Regulatory Burden on Business, namely, any business, whether incorporated or not, with fewer than 100 employees or between $30,000 and $5 million in annual gross revenues.
The average total costs (present value) for this small air carrier are estimated at $8,553.11 (or $1,217.77 annually). Both direct compliance and administrative costs associated with the proposed amendments have been calculated for the small business lens. The compliance activities included in the calculations are the upfront costs relating to IT testing and onboarding; training; transmission method to build; and ongoing costs of transmitting the passenger and flight data so that the air carrier has the capability to meet its information obligations.
|Small Business Lens Summary
Quantified Costs (in 2018 Canadian Constant Dollars)
|Number of small businesses impacted||1|
|Number of years||2019 to 2028|
|Base year for costing||2019|
|Compliance costs||Annualized Value||Present Value|
|Overall costs for the implementation of centralized screening and ongoing||$1,217.77||$8,553.11|
|Administrative costs||Annualized Value||Present Value|
|Overall administrative costs for signing and sending the confirmation that the lists have been destroyed||$0.00||$2.00|
It should be noted that there was no flexible option considered for this regulatory proposal, following a direct communication with the small business. Given that the company is already providing passenger and flight data to the CBSA for their Air programs and that the company is only operating international flights, most of the upfront costs are either not applicable or not cost-prohibitive, as the PPP would allow current transmission methods used for the CBSA Air programs to be used for its purpose. As for the ongoing costs, only the pre-check-in/72 hours transmission requirement is added to the already required transmissions for CBSA Air programs, which is again not considered to be cost prohibitive. Finally, air carriers will have a two-year period to complete the transition, which should provide sufficient time and flexibility to this small business to manage the implementation of centralized screening.
The one-for-one rule applies since there is an incremental increase in the administrative burden on business, and the proposal is considered an “IN” under the rule. Under the proposed amendments, air carriers would be required to sign, file, and send a template letter to CBSA confirming that all SATA lists have been destroyed or deleted. This activity is required to demonstrate compliance. The total annualized administrative cost associated with this activity is estimated to be $11 (in 2012 dollars) or an annualized average cost of $0 per business. The costs are estimated using the hourly wage of an external IT consultant for air carriers using the services of third-party service providers while, for the air carriers transmitting data through MQ/Direct Connection or IAG Portal, the hourly wage of internal IT consultant has been used. It is estimated that it would take three minutes to perform these tasks. It is assumed that this activity would be conducted in 2023 once all carriers are expected to have onboarded to centralized screening.
There is no administrative burden associated with the proposed consequential amendment to the Designated Provisions Regulations for businesses.
Regulatory cooperation and alignment
There are no international standards or guidelines concerning how countries should screen no-fly lists to protect national security. However, Canada’s switch from decentralized screening by air carriers to centralized government-controlled screening aligns with the current “No Fly” list screening practices of other countries such as the United Kingdom, the United States (U.S.), and Australia. The proposed amendments have been developed to mirror regulatory requirements under the U.S. Secure Flight Program as per the Secure Flight regulations as much as possiblefootnote 9 to reduce the regulatory burden associated with the proposed amendments on international air carriers. International air carriers will therefore be in a position to leverage their existing functionality and technology to further reduce the potential impacts and financial costs. This is particularly true for the process associated with the electronic messages (codes) coming back from the Government that communicate to the air carriers whether the passenger can obtain a boarding pass or not and thus reducing the costs for training. In addition, air carriers are already used to providing certain passenger and flight data for the purpose of the Secure Flight Program, the same passenger and flight data that are required for the PPP.
Secure Flight is an air passenger pre-screening program, implemented in 2009, that affects flights within, into, out of, and over the United States. It matches passenger information against watch lists maintained by the U.S. federal government, prevents individuals on the No Fly List from boarding an aircraft, and subjects individuals on the Selectee List to enhanced screening to determine if they are permitted to board an aircraft.
The proposed amendments are similar to U.S. requirements in that they require air carriers to transmit electronically passenger data to a government-managed centralized system prior to the check-in of the passengers and every time there are new passenger reservations and/or changes to the already provided passengers’ information. An electronic response from the Government is then provided to the air carriers informing them of whether the person can obtain a boarding pass or not.
For the redress system, Canada’s approach also aligns closely with the approach taken by the United States, where unique identifiers are issued to individuals with false-positive matches, as well as to any traveller who has experienced issues during their travel screening at transportation hubs (airports and train stations) or crossing U.S. borders. Similar to the U.S. system, the PPP will issue unique identifiers to all applicants.
Gender-based analysis plus
The proposed amendments will support the establishment of a centralized screening and redress system to address the issue of false-positive matches. These amendments were developed, in part, to mitigate and address potential differential or adverse impacts on a number of socio-economic groups. Gender-based analysis plus (GBA+) impacts have been identified with the transfer of the screening process from the air carriers to the Government as well as with the establishment of a redress program.
Age: [Children] Under the current PPP, parents whose children’s names are the same as or similar to someone on the SATA List are not able to check in their children for flights online or at a self-service kiosk and, at times, have been required to provide additional identification or have been subject to additional questioning to confirm that their child is not a SATA-listed individual. Although it is reasonable to assume that an adult with the same or similar name as a listed individual could be a potential match, it is unreasonable to assume that a young child with the same or similar name as a listed individual could be a potential match. The current program has thus resulted in a negative impact on some children and their parents.
Without having access to data on DOB for domestic flight reservations, and with the current processes in place where only the name of the passenger is screened against the SATA List prior to check-in, it is not possible for air carriers to determine in advance of the passenger arriving in person at the air carrier counter if that passenger is an adult or a child. The proposed amendments would require air carriers to collect DOB, as well as other passenger data, for domestic and international flights in an effort to limit the chances of false-positive matches for children, as well as for adults. It is however possible that older children with the same or similar name as a listed individual could also have the same or similar DOB as a listed individual, in which case false-positive matches for certain older children could still occur given that there is some discretion exercised by air carrier agents when verifying the identity of passengers who appear to be 18 years of age or older, as provided in the proposed Regulations. This could negatively impact certain older children, particularly if combined with other factors such as names of SATA listed individuals that are common to particular races or ethnicities.
As mitigation, the redress system will allow parents who obtained a unique identifier for their child to provide it at the time of booking. This would help to avoid confusion regarding the identity of their children and that of individuals with the same or similar names and DOBs on the SATA List and would therefore facilitate travel.
[Seniors] Some seniors may encounter difficulties with submitting an online request for a unique identifier, as a basic degree of technical knowledge and connectivity will be required. As a mitigation measure, individuals will also have the option to submit the application via mail, at their own cost.
- Race/ethnicity: Identification of a traveller against the SATA List will be done through a centralized government IM/IT system, limiting any potential unconscious bias associated with human screening and inconsistent screening methods among different air carriers. The centralized government IM/IT system will involve the screening of names through a name-matching algorithm, which may still result in a disproportionate number of false-positive matches that may disproportionately impact members of certain racial/ethnic groups who in turn disproportionately experience more delays at airports when compared to other travellers. As mitigation, the use of a unique identifier will help to decrease false-positive matches associated with screening names through a name-matching algorithm.
- Gender: Although gender identification will be required to support the centralized system, air carriers will no longer be required to ensure that the gender of the passenger matches what is stated on their identification document presented at the boarding gate. At the time of the booking, members of the LGBTQ2 community will be able to select a gender-neutral option (non-binary).
- Remote communities and low-income individuals: Individuals with low income or members of remote communities, such as northern communities, may have difficulties accessing the Internet to acquire information on the redress system or to submit an online application. As a mitigation measure, individuals will also have the option to submit the application via mail, at their own cost.
In northern Indigenous communities, it may be more difficult to obtain a government-issued photo ID due to the prohibitive costs associated with obtaining the photo and/or from having to travel to a less remote location to obtain such a photo. To mitigate this circumstance, the Regulations will continue to permit individuals travelling domestically to provide two valid pieces of identification issued by a government authority, with at least one that indicates the passenger’s full name, DOB and gender. Guidance will be provided to air carriers to assist in determining pieces of identification issued by a government authority that are acceptable.
Under SATA, as amended by Bill C-59, PS, the CBSA and TC must destroy the personal data collected under the proposed amendments after seven days. PS officials have completed a privacy impact assessment (PIA) for the implementation of the enhanced PPP model. Following full implementation of this initiative, the PIA will be available upon request.
Implementation, compliance and enforcement, and service standards
There are two coming-into-force provisions in the proposed amendments:
- The provisions pertaining to the type of identification documents that can be presented at boarding gates for domestic or international flights, including the process air carriers must follow for the verification of identity at the boarding gate, will come into force upon registration.
- The remaining provisions come into force on the day on which subsection 173(1) of the National Security Act, 2017, chapter 13 of the Statutes of Canada (2019) comes into force. The coming-into-force date of these legislative provisions will be set by order in council in the future. Currently, the anticipated targeted time frame for this is late 2020. This includes all the provisions pertaining to the authority for implementation of centralized screening (i.e. the prescribed information, time and manner; the process to follow for centralized screening; the procedures for failure of the electronic communications system; and the repealing of current requirements for air carriers with respect to the SATA List).
Implementation phases associated with the coming into force of the centralized screening provisions
The first phase of implementation will begin following the rollout of the PPP component on the CBSA IT platform and upgrading of the necessary systems. It is anticipated that the current version would be completed in 2020 (this is the target timeline). The implementation phase will start with the operational testing for each air carrier of the capabilities to interact with the CBSA. Once testing is complete, air carriers will obtain their certification from the CBSA.
Examples of conditions to be met to be considered “certified” are
- (i) Establishment of data transmission connections between the air carrier and the CBSA;
- (ii) Test ability for the air carrier to send passenger and flight data (prior to check-in [72 hours before the scheduled flight departure”], at check-in and for all updates of data elements if they change until flight departure) to the CBSA;
- (iii) Test ability for the air carrier to receive and process the PPP inhibit/cleared results within interactive board/no-board messages (results from the CBSA conducting the screening against the operational SATA and Redress Lists);
- (iv) Test ability for the air carrier to receive and process the updated PPP inhibit/cleared result within an unsolicited board/no-board message (updated direction from the TC PPPOC), and the ability for the air carrier to respond to the CBSA with an acknowledgement that it received the message that all passengers are cleared or that a match was found (resulting in operational directions to deny transportation or conduct additional screening); and
- (v) Test ability for the air carrier to submit the four flight update notifications message (close-out, cancellation reservation, reduction in party, and cancelled flight).
During the operational testing period, air carriers will continue to match passenger data against the SATA List under current procedures and will remain responsible for identifying possible matches as a result of their own SATA List matching determination.
The implementation of the PPP component on the CBSA IT platform and on that of air carriers is separated into three phases:footnote 10
- Phase 1 (2021) — Top 12 carriers with highest passenger volume;
- Phase 2 (end of 2021) — 84footnote 11 carriers that are already transmitting flight data to the CBSA for their air programs; and
- Phase 3 (2022) — 18 carriers that have not transmitted flight data to the CBSA (need to develop connectivity and systems).
It should be noted that by 2023, it is anticipated that all air carriers will have to permanently remove all versions of the SATA List as well as any information respecting listed persons from any system and any electronic communications system they use to comply with the Regulations, and must permanently destroy any document or record containing information respecting listed persons that is in their control.
Compliance and enforcement
TC is responsible for monitoring air carrier compliance with SATA and the Regulations. TC will continue to include planned inspection activities in its national inspection program using a risk-based approach, in addition to ensuring continuous air carrier compliance from the PPPOC. On-site planned inspections that are conducted by TC inspectors will include inspection activities related to airline procedures, training provided to the employees of the carriers, and on regulatory elements that affect the airport activities (e.g. verification of identification documents at boarding gates). The PPPOC will be responsible for ensuring air carriers’ compliance with the obligations to provide the prescribed information at the prescribed times.
PPPOC will also ensure air carriers’ compliance during planned or unplanned outage situations. It may also assign tasks or follow-ups to be carried out by TC inspectors in the various Canadian airports and internationally when a more detailed investigation will be necessary (e.g. non-compliance with a direction issued by the Minister of Public Security).
There are varying levels of enforcement action that could be taken, depending on the severity and frequency of non-compliance. For example, a TC inspector may issue a written warning or an administrative monetary penalty to promote compliance.
In addition, if the Minister of Transport is of the opinion that an air carrier has failed to comply with any provision of SATA, the Regulations, or a directive issued under SATA, the Minister can make orders respecting
- the movement of aircraft or persons at aerodromes or other aviation facilities; and
- the diversion of aircraft to alternate landing sites.
Finally, criminal proceedings can also be initiated for contravention of certain provisions of SATA.
Passenger Protect Program Project Executive
340 Laurier Avenue West
PROPOSED REGULATORY TEXT
Notice is given that the Governor in Council, pursuant to section 32 of the Secure Air Travel Actfootnote a and subsections 4.71(1)footnote b and 7.6(1)footnote c of the Aeronautics Actfootnote d, proposes to make the annexed Regulations Amending the Secure Air Travel Regulations and the Designated Provisions Regulations.
Interested persons may make representations concerning the proposed Regulations within 30 days after the date of publication of this notice. All such representations must cite the Canada Gazette, Part I, and the date of publication of this notice, and be addressed to Lesley Soper, Passenger Protect Program Project Executive, Department of Public Safety and Emergency Preparedness, 340 Laurier Avenue W, Ottawa, Ontario K1A 0P8 (email: firstname.lastname@example.org).
Ottawa, July 15, 2019
Assistant Clerk of the Privy Council
Regulations Amending the Secure Air Travel Regulations and the Designated Provisions Regulations
Secure Air Travel Act
Secure Air Travel Regulations
1 (1) Section 1 of the Secure Air Travel Regulationsfootnote 12 is amended by adding the following in alphabetical order:
- domestic flight means a domestic flight referred in section 2. (vol intérieur)
- international flight means an international flight referred to in section 2. (vol international)
(2) Section 1 of the Regulations is amended by adding the following in alphabetical order:
- unique identifier means the unique identifier referred to in section 10.1 of the Act that is issued to a person to assist with the verification of their identity before a flight. (identifiant unique)
2 The Regulations are amended by adding the following after section 1:
Assistance to Minister
1.1 For the purposes of paragraph 10(f) of the Act, the Minister of Foreign Affairs is a prescribed person.
3 (1) The portion of section 2 of the Regulations before paragraph (a) is replaced by the following:
2 Sections 3 to 15 apply in respect of the following passenger-carrying flights — or in respect of air carriers conducting such flights — if the passengers, the property in the possession or control of the passengers and the belongings or baggage that the passengers give to the air carrier for transport are subject to screening that is carried out — in Canada, under the Aeronautics Act or, in another country, by the person or entity responsible for the screening of such persons, property and belongings or baggage — before boarding:
(2) The portion of section 2 of the Regulations before paragraph (a) is replaced by the following:
2 Sections 2.1 to 11 apply in respect of the following passenger-carrying flights — or in respect of air carriers conducting such flights — if the passengers, the property in the possession or control of the passengers and the belongings or baggage that the passengers give to the air carrier for transport are subject to screening that is carried out — in Canada, under the Aeronautics Act or, in another country, by the person or entity responsible for the screening of such persons, property and belongings or baggage — before boarding:
4 The Regulations are amended by adding the following after section 2:
Information Collected by Air Carrier
Collection of information
2.1 (1) An air carrier must, no later than 72 hours before the scheduled time of departure of a domestic or international flight, collect the following information about each person who is expected to be on board an aircraft for a domestic or international flight:
- (a) their surname, first name and any middle names;
- (b) their date of birth;
- (c) their gender; and
- (d) their unique identifier, if they have one and have disclosed it to the air carrier.
Duty to retain information
(2) The air carrier must retain the information as long as is necessary to comply with its obligations under subsection 6(2) of the Act.
Information Provided to Minister
2.2 For the purposes of subsections 6(2) and (4) of the Act, a domestic or international flight is a prescribed flight.
2.3 For the purposes of paragraph 6(2)(d) of the Act, the prescribed information is, in respect of each person referred to in subsection 6(2) of the Act,
- (a) their citizenship or nationality;
- (b) the number and expiry date of their passport and the name of the country or entity that issued it or the number and expiry date of their permanent resident card issued by Canada or the United States;
- (c) their unique identifier, if they have one;
- (d) their reservation record locator number;
- (e) the unique passenger reference that is assigned to them by the air carrier;
- (f) the flight code that identifies the air carrier and the flight number;
- (g) in respect of a person who is expected to be on board the aircraft, the scheduled date, time and place of departure of the aircraft;
- (h) in respect of a person who is on board the aircraft, the date, time and place of departure of the aircraft; and
- (i) the scheduled date, time and place of arrival of the aircraft.
Prescribed times — person expected on board
2.4 (1) For the purposes of subsection 6(2) of the Act, the times at which the information — other than information referred to in paragraph 2.3(h) of these Regulations — must be provided in respect of each person who is expected to be on board the aircraft are
- (a) 72 hours before the flight’s scheduled time of departure or, for reservations that are made after that time, the time at which the reservation is made;
- (b) the time at which the person checks-in for the flight; and
- (c) in respect of any change to the information that occurs after it has already been provided to the Minister, as soon as feasible after the air carrier makes or becomes aware of the change.
Prescribed time — person on board
(2) For the purposes of subsection 6(2) of the Act, the time within which information referred to in paragraphs 2.3(d) to (f), (h) and (i) of these Regulations must be provided in respect of each person who is on board the aircraft is no later than 30 minutes after the time of departure of the aircraft.
(3) An air carrier must, no later than 30 minutes after the cancellation of a flight reservation of a person about whom information has been provided to the Minister under subsection 6(2) of the Act, inform the Minister of the cancellation.
(4) An air carrier must, no later than 30 minutes after the cancellation of a flight for which information has been provided to the Minister under subsection 6(2) of the Act, inform the Minister of the cancellation.
Prescribed manner — electronic communications
2.5 (1) For the purposes of subsection 6(2) of the Act, the information must be provided to the Minister by means of an electronic communications system that is compatible with the Minister’s electronic communications system and that is able to
- (a) receive and acknowledge receipt of information disclosed by the Minister or the Minister of Transport; and
- (b) receive directions made by the Minister under section 9 of the Act.
Manner of informing — cancellations
(2) An air carrier that is required to inform the Minister of a cancellation under subsection 2.4(3) or (4) must do so by means of the system referred to in subsection (1) that it uses to provide information to the Minister.
2.6 (1) This section applies if, before a person has obtained a boarding pass for a domestic or international flight, the Minister informs the air carrier that information referred to in paragraphs 6(2)(a) to (c) of the Act and paragraphs 2.3(a) to (c) of these Regulations that the air carrier has provided under subsection 6(2) of the Act about the person is the same as the information of a listed person.
Self-service machine or Internet
(2) The air carrier must ensure that the person cannot obtain a boarding pass for the flight in question at a self-service machine or from the Internet.
Verification of identity
(3) If the person presents themselves at the air carrier’s check-in desk to obtain a boarding pass for the flight in question, the air carrier, before providing information about the person to the Minister in accordance with paragraph 2.4(1)(b), must verify the person’s identity using a piece of identification that is acceptable under subsection 3(1) or section 4, as the case may be, and must compare
- (a) the information on the identification with the information in the person’s reservation record; and
- (b) if the person presents a piece of photo identification, the person’s entire face with the face displayed in the photograph.
(4) If the comparison reveals a discrepancy between the information on the person’s identification and the information in their reservation record, the air carrier must not issue a boarding pass to the person pending a response from the Minister to the information that has been provided in accordance with paragraph 2.4(1)(b) or (c), as the case may be.
Duty to refuse boarding pass
(5) The air carrier must not, in either of the following circumstances, issue a boarding pass to the person unless the air carrier has contacted the Minister of Transport by telephone and been informed that a direction will not be made under subsection 9(1) of the Act — other than under paragraph 9(1)(b) — in respect of the person:
- (a) the comparison performed under paragraph (3)(a) does not reveal a discrepancy between the information on the person’s identification and the information in the reservation record;
- (b) the comparison performed under paragraph (3)(a) reveals a discrepancy between the information on the person’s identification and the information in the reservation record and the Minister, in response to the information provided by the air carrier in that regard, informs the air carrier that information referred to in paragraphs 6(2)(a) to (c) of the Act and paragraphs 2.3(a) to (c) of these Regulations is still the same as that of a listed person.
Contact information — paragraph 9(1)(a) of Act
2.7 If a direction is made by the Minister under paragraph 9(1)(a) of the Act in respect of a listed person, the Minister of Transport must provide the air carrier with contact information for the administrative recourse office of the Department of Public Safety and Emergency Preparedness and the air carrier must provide the information to the person.
No information from Minister
No information from Minister
2.8 (1) This section applies if, at the start of the period during which persons can check-in for a domestic or international flight, the air carrier has not received information from the Minister in relation to a person who is expected to be on board the aircraft.
Self-service machine or Internet
(2) The air carrier must ensure that the person cannot obtain a boarding pass for the flight in question at a self-service machine or from the Internet.
Duty to contact
(3) If the person presents themselves at the air carrier’s check-in desk, the air carrier must not issue a boarding pass to the person unless the air carrier has contacted the Minister of Transport by telephone and been informed that a direction will not be made under subsection 9(1) of the Act — other than under paragraph 9(1)(b) — in respect of the person.
5 Sections 3 and 4 of the Regulations are replaced by the following:
Boarding gate — domestic flight
3 (1) Subject to subsection (2), an air carrier must, at the boarding gate for a domestic flight, verify the identity of each passenger who appears to be 18 years of age or older using
- (a) one piece of valid photo identification issued by a government authority in Canada that shows the passenger’s surname, first name, any middle names, date of birth and gender, except any document, however described and regardless of format, issued by a government authority for the purposes of fishing, hunting or boating;
- (b) one of the following pieces of photo identification issued by a government authority that shows the passenger’s surname, first name, any middle names, date of birth and gender and that is valid:
- (i) a passport issued by the country of which the passenger is a citizen or a national,
- (ii) a NEXUS card,
- (iii) a permanent resident card issued by the United States,
- (iv) an enhanced driver’s license issued in the United States,
- (v) any document referred to in subsection 50(1) or 52(1) of the Immigration and Refugee Protection Regulations;
- (c) two pieces of valid identification that are issued by a government authority in Canada — at least one of which shows the passenger’s surname, first name, any middle names, date of birth and gender — except any document, however described and regardless of format, issued by a government authority for the purposes of fishing, hunting or boating; or
- (d) a valid restricted area identity card, as defined in section 3 of the Canadian Aviation Security Regulations, 2012.
Alternative identification — loss or theft
(2) In the event that a passenger’s identity cannot be verified in accordance with subsection (1) because of the loss or theft of one or more pieces of their identification, the air carrier may verify their identity using alternative forms of valid identification such as their employee identity card, public transit pass or baptismal certificate if the passenger presents the identification in conjunction with documentation that is issued by a government authority or a police service that attests to the loss or theft.
Boarding gate — international flight
4 An air carrier must, at the boarding gate for an international flight, verify the identity of each passenger who appears to be 18 years of age or older using
- (a) one of the following pieces of photo identification issued by a government authority that shows the passenger’s surname, first name, any middle names, date of birth and gender and that is valid:
- (i) a passport issued by the country of which the passenger is a citizen or a national,
- (ii) a NEXUS card,
- (iii) any document referred to in subsection 50(1) or 52(1) of the Immigration and Refugee Protection Regulations; or
- (b) a valid restricted area identity card, as defined in section 3 of the Canadian Aviation Security Regulations, 2012.
Verification of identity
4.1 (1) The air carrier must carry out each verification referred to in section 3 or 4 by
- (a) comparing the surname, first name and any middle names on the passenger’s boarding pass with their identification; and
- (b) if the passenger presents a piece of photo identification, comparing the passenger’s entire face with the face displayed in the photograph.
(2) If there is a significant discrepancy between the surname, first name or any middle names on the identification presented by the passenger and the surname, first name or any middle names on their boarding pass, the air carrier must
- (a) compare the names on the identification with the names of listed persons; and
- (b) if the names on the identification are similar to those of a listed person, immediately inform the Minister of Transport.
6 Subsection 4.1(2) of the Regulations is replaced by the following:
(2) If there is a significant discrepancy between the surname, first name or any middle names on the identification presented by the passenger and the surname, first name or any middle names on their boarding pass, the air carrier must immediately inform the Minister using the electronic communication system referred to in subsection 2.5(1) that it uses to provide information to the Minister.
7 Section 5 of the Regulations is repealed.
8 Section 6 of the Regulations is repealed.
9 (1) Paragraph 7(1)(a) of the English version of the Regulations is replaced by the following:
- (a) the passenger presents a piece of photo identification and does not resemble the photograph; or
(2) Paragraphs 7(1)(b) and (c) of the Regulations are repealed.
(3) Paragraph 7(1)(d) of the Regulations is replaced by the following:
- (d) the passenger presents more than one form of identification and there is a significant discrepancy between those forms of identification.
10 Section 8 of the Regulations is repealed.
11 (1) Paragraph 9(a) of the Regulations is replaced by the following:
- (a) about whom the Minister of Transport has been informed under paragraph 4.1(2)(b), unless that Minister has informed the air carrier that a direction will not be made in respect of that person under subsection 9(1) of the Act;
(2) Paragraph 9(a) of the Regulations is replaced by the following:
- (a) about whom the Minister has been informed under subsection 4.1(2), unless the Minister of Transport has informed the air carrier that a direction will not be made in respect of that person under subsection 9(1) of the Act;
12 Section 10 of the Regulations is replaced by the following:
Interruption of the Electronic Communications System
Duty to inform
10 An air carrier and the Minister must inform each other of any interruption of their respective electronic communications systems referred to in subsection 2.5(1)
- (a) in the case of a planned system interruption, as soon as feasible in advance of the scheduled date of the interruption and in writing; and
- (b) in the case of an unplanned system interruption, immediately after they become aware of the interruption.
Electronic system interruption — check-in
10.1 In the event of an interruption of an air carrier’s or the Minister’s electronic communications system, the air carrier must, at the time of check-in for a flight, refer to the most recent information received from the Minister in relation to any person who is expected to be on board the aircraft before issuing a boarding pass to that person.
Resolution of interruption
10.2 (1) For the purposes of subsection 6(2) of the Act, if, because of an interruption in an electronic communications system, the information that is required to be provided in respect of a person who is expected to be on board the aircraft cannot be provided in accordance with subsection 2.5(1) of these Regulations at one or both of the times prescribed in paragraphs 2.4(1)(b) and (c) of these Regulations, the prescribed time is as soon as feasible after the resolution of the interruption.
(2) For the purposes of subsection 6(2) of the Act, if, because of an interruption in an electronic communications system, the information that is required to be provided in respect of a person who is on board the aircraft cannot be provided in accordance with subsection 2.5(1) of these Regulations within the time prescribed in subsection 2.4(2) of these Regulations, the prescribed time is as soon as feasible after the resolution of the interruption.
13 Sections 11 and 12 of the Regulations are replaced by the following:
Responsibility of air carrier
11 An air carrier must ensure that any system it uses to comply with paragraph 4.1(2)(a) or section 5 uses only the most up-to-date information provided to the air carrier by the Minister of Transport respecting listed persons.
Removal of information
12 If the Minister of Transport informs an air carrier that a person is no longer a listed person, the air carrier must immediately remove all information respecting that person from any system it uses to comply with paragraph 4.1(2)(a) or section 5.
14 Sections 11 to 16 of the Regulations are replaced by the following:
Information — removal and destruction
11 Within two years after the day fixed under subsection 173(1) of the National Security Act, 2017, every air carrier must
- (a) permanently remove all versions of the list and any information respecting listed persons from
- (i) any system it used to comply with these Regulations as they read immediately before the day on which this section comes into force, and
- (ii) any electronic communications system it uses to comply with these Regulations; and
- (b) permanently destroy any document or record in its control containing information respecting a listed person.
Secure Air Travel Regulations
15 The Secure Air Travel Regulations footnote 13 are amended by adding the following after section 10.1:
Duty to provide information
10.11 In the circumstances referred to in section 10.1, the air carrier must, at the time of check-in of each person who is expected to be on board the aircraft, immediately provide to the Minister of Transport, in respect of the person, the information referred to in paragraphs 6(2)(a) to (c) of the Act — and the information referred to in paragraphs 2.3(a) to (g) and (i) of these Regulations that is in the air carrier’s control — if
- (a) no information has been received from the Minister of Public Safety and Emergency Preparedness in respect of the person;
- (b) the information received from the Minister of Public Safety and Emergency Preparedness fails to indicate that the information referred to in paragraphs 6(2)(a) to (c) of the Act and paragraphs 2.3(a) to (c) of these Regulations that has been provided in respect of the person is not the same as that of a person whose name is on the list established under subsection 8(1) of the Act; or
- (c) any of the information about the person that is required under subsection 6(2) of the Act has changed since it was provided to the Minister of Public Safety and Emergency Preparedness.
Designated Provisions Regulations
16 Items 2, 8, 9, 11, 12, 14 and 15 of Schedule 2 to the Designated Provisions Regulationsfootnote 14 are repealed.
17 Schedule 2 to the Regulations is amended by adding the following after item 1:
Maximum amount payable
Maximum amount payable
18 Schedule 2 to the Regulations is replaced by the Schedule 2 set out in the schedule to these Regulations.
19 The Regulations are amended by adding, after Schedule 4, the Schedule 5 set out in the schedule to these Regulations.
Coming into Force
20 (1) Subject to subsection (2), these Regulations come into force on the day on which they are registered.
S.C. 2019, c. 13
(2) Subsections 1(2) and 3(2), sections 4, 6 and 7, subsection 11(2) and sections 12, 14, 15, 18 and 19 come into force on the day fixed under subsection 173(1) of the National Security Act, 2017 but if these Regulations are registered on or after that day,
- (a) subsection 1(2) and sections 4, 7, 12, 15 and 19 come into force on the day on which these Regulations are registered; and
- (b) subsection 3(2), section 6, subsection 11(2) and sections 14 and 18 come into force on the day after the day on which these Regulations are registered.
(Sections 18 and 19)
Maximum Amount Payable
Maximum Amount Payable
Designated Provisions of the Secure Air Travel Act
Maximum Amount Payable
Maximum Amount Payable