Privacy breaches exposed private information about 92,422 farmers and Agriculture Canada clients during the past five years, according to information presented to Parliament last week.
It made the agriculture department the third worst offender on privacy issues in the federal government during the past decade.
By far, the overwhelming problem was in 2008-09 when 92,000 privacy breaches happened.
That year, a computer stolen from the Canadian Canola Growers Association, which administered the advanced payments program, contained the names and information of 32,000 farmers who applied.
Later the same year, two Agriculture Canada servers were hacked and details about another 60,000 producers using federal programs were stolen.
Read Also
Canola support gets mixed response
A series of canola industry support measures announced by the federal government are being met with mixed reviews.
The department said May 6 that the information included producer personal information, including names, addresses, telephone numbers, birth dates and personal identification numbers used for accessing the advance payment program, production insurance and AgriStability.
The department said that affected producers were informed, the federal privacy commissioner alerted and computer systems changed.
“System and user passwords were changed,” said an Agriculture Canada email. “All servers were manually reviewed and no evidence of this attack on other servers was found.”
In the House of Commons, New Democrat MPs last week demanded an accounting from agriculture minister Gerry Ritz about how the privacy breaches happened and what he has done to safeguard producer information.
“This loss of Canadians’ personal information happened on his watch,” said NDP deputy agriculture critic Ruth Ellen Brosseau. “I want to know what his plan is.”
Ritz started to rise to answer but was replaced by Treasury Board president Tony Clement, who is designated to answer questions on the hundreds of thousands of privacy beaches that have been reported.
“Our government takes the protection of Canadians’ privacy very seriously, particularly when it comes to the proper handling of confidential personal information,” Clement said.
“I am going to meet with the privacy commissioner in the near future. Perhaps we can also take other measures in the future.”
NDP agriculture critic Malcolm Allen noted that Ritz was not re-sponding.
“What is he going to do to fix this serious problem within his department?” said Allen.
“When is he going to stand and give Canadians and farmers who had their information breached some straight answers?”
In an interview from Regina May 3, Ritz said Agriculture Canada has changed the rules to make personal information more secure, although theft of a computer from the canola growers association is not something the department can control.
“At the end of the day, as a government we put a lot of different features in place to make sure that we do treat the privacy of Canadians paramount, that we do keep track of their systems and what they’ve put into the government, recognizing that there will always be problems,” he said.
“We’ve learned a lot. We’re always looking and operating on the assumption we can do more.”
Ritz said the vast majority of privacy breaches were from the stolen computer, but information tabled in Parliament showed that was just one-third of the privacy breach incidents.
Ritz said all farmers affected had been notified.
James Valcke from the NDP research bureau, which analyzed the numbers, said that despite the measures the government takes to put better systems in place, “tens of thousands of people, most of them farmers, had their personal information accessed because of dealings with the agriculture department, and that is a serious issue.”
