While the COVID-19 pandemic continues, there is light at the end of the tunnel and Canadians are turning their minds to activities they have missed for over a year - among them, cross-border travel. While getting back on a plane could feel different in a post-pandemic world, a recent Alberta Court of Appeal decision highlights how Canadians' right to privacy at the border may also change - and for the better - over the coming months.
Following the Supreme Court of Canada's 1988 decision in R v. Simmons ("Simmons"), Canadian Border Service Officers ("BSOs") have held broad powers to search and seize the personal belongings of any person entering Canada (and without a warrant).
These powers have since translated into the ability to conduct warrantless searches of the contents of personal electronic devices, including cell phones, laptops, and tablets. According to Canadian Border Services Agency ("CBSA") rules, travelers crossing into Canada must provide their device passwords for BSOs upon request in order to facilitate such searches.
Notwithstanding the significant privacy implications for travelers, lawyers in particular should be aware of the scope of the CBSA's searching authority, which could impact their duty of confidentiality and solicitor-client privilege. For example, in a report on privacy at airports and borders. the Canadian Bar Association equated crossing the border with an electronic device to raising the possibility that "every piece of mail a traveler has ever sent or received" could be accessible by BSOs.
A recent decision of the Alberta Court of Appeal ("ABCA"), however, has taken a 21st century look at the CBSA's powers regarding its warrantless searches of electronic devices. Following the Supreme Court of Canada's refusal to grant leave to appeal, the ABCA decision in R v Canfield ("Canfield") has put Parliament on notice that legislative reform is needed to provide clarity - and renewed protection - from such intrusive investigative powers.
R v Canfield recognizes a new digital reality
Canfield involved two men who were caught separately re-entering Canada with child pornography on their devices. After landing at the Edmonton International Airport, the men were flagged by the CBSA during routine questioning. BSOs subsequently searched their personal electronic devices, including Mr. Canfield's cellphone, and Mr. Townsend's cell phone and computer. After the officers discovered child pornography on each of their respective devices, the men were arrested and charged.
The Trial Judge relied on Simmons in finding that the warrantless and unlimited search of electronic devices and documents was lawful at the Canadian border. Interestingly, when Simmons was decided, less than twenty-two percent of Canadian households reported owning a personal cellphone. Since then, the number of Canadians who own a smartphone has risen to nearly 89%, and the amount of information that is stored on these devices has grown exponentially. This was a main point for the ABCA in deciding that they could revisit the CBSA's powers to search.
Electronic "goods" - searches not limited by law
In Canfield, the ABCA focused on whether the lack of legislative limits on all searches of "goods" under section 99(1)(a) of the Customs Act (the "Act") violated the right against unlawful search found in section 8 of the Canadian Charter of Rights and Freedoms. In so doing, the court considered whether the law itself, not the application of the law by BSOs, was unconstitutional.
"Goods" are defined in the Act as "conveyances, animals and any document in any form" and in the border context have been found to include documents in electronic form (e.g., those stored on personal electronic devices). By that logic, the ABCA confirmed that personal electronic devices are "goods" under the Act and are therefore searchable at the border. The court also recognized that, subject to internal CBSA guidelines which are not legally binding, there was no limit to searches conducted on personal devices.
Reasonable expectation of privacy at the border
Canadian courts have accepted that the degree of personal privacy that can reasonably be expected at the border is lower than normal. This was the main finding in Simmons. However, the Supreme Court of Canada has also found that Canadians have a reasonable expectation of privacy in the contents of their personal electronic devices within the domestic context, which is akin to a person's "biographical core of information". Specifically, a person's "biographical core of information" is protected from unreasonable search and seizure under section 8 of the Charter of Rights and Freedoms. In 2010, the Supreme Court of Canada held in R v. Morelli that it was "difficult to imagine a more intrusive invasion of privacy than the search of one's home and personal computer". Similarly, the ABCA held that:
75 - ...while the search of a computer or cell phone is not akin to the seizure of bodily samples or a strip search, it may nevertheless be a significant intrusion on personal privacy. To be reasonable, such a search must have a threshold requirement. As was noted in Simmons at para 28, "the greater the intrusion, the greater must be the justification and the greater the degree of constitutional protection". ... in our view the threshold for the search of electronic devices may be something less than the reasonable grounds to suspect required for a strip search under the Customs Act. ... Recognizing that complex issues must be weighed in altering the law in this area, we decline to set a threshold requirement for the search of electronic devices at this time. Whether the appropriate threshold is reasonable suspicion, or something less than that having regard to the unique nature of the border, will have to be decided by Parliament and fleshed out in other cases. ... to the extent that s 99(1)(a) permits the unlimited search of personal electronic devices without any threshold requirement at all, it violates the protection against unreasonable search in s 8 of the Charter.
Looking ahead: after Canfield
The ABCA issued a suspended finding of invalidity for section 99(1)(a) of the Act, which allows Parliament up to one year to make changes and impose some form of limitation on searches of electronic devices at the border. During this time, the provision in question will still be active, which means that Canadians could find themselves subject to a routine (but effectively limitless) device search. In March 2021, the Supreme Court of Canada denied leave to appeal the ABCA's decision, which means that, at least for now, some questions regarding privacy at the border remain unanswered. Central among those questions is whether electronic data should be considered a distinct good separate from the device itself under s. 2 of the Act.
It remains to be seen what kind of threshold test will be written into section 99(1)(a) of the Act. Given the growth in privacy rights awareness - and the Canadian government pursuing changes to federal data protection legislation with the rollout of the Digital Charter Implementation Act in November 2020, it is reasonable to assume that Parliament will be forced to acknowledge the CBSA's broad authority is in conflict with Canadians' Charter protections. Nevertheless, lawyers in particular should still give special consideration to the information they bring with them across the Canadian border until the Customs Act is amended. One CBSA webpage claims that content marked as solicitor-client privilege should not be searched. However, when a Toronto business lawyer returning to Canada in May 2019 refused to give his password after informing a border services officer that the devices contained confidential client information, he was told his devices would be seized and sent to a lab to have the passwords cracked.
Best practices for lawyers traveling with an electronic device
- Lawyers should consider traveling with a "clean" device, either by backing up a work device externally and wiping it prior to travel, or by obtaining a new device that has never held confidential information in advance of the trip.
- Privileged information should always be clearly labeled.
- Lawyers traveling with electronic devices should immediately identify their profession if pulled aside for secondary screening.
- Electronic devices should be placed on airplane mode and turned off well in advance of entering a security checkpoint in order to prevent them from receiving new data.
- Clients should be made aware in retainer documents of the risks that may arise as a result of cross-border travel.
- Bringing physical copies of travel documents, including itineraries and receipts for items purchased abroad, may limit the need for CBSA to look at electronic devices.
- Firms should strengthen their confidentiality policies to include protocols for traveling abroad with confidential client and firm information.
This article was written with contributions from Cox & Palmer's Erin Mitchell, Articled Clerk.
The Cybersecurity and Data Privacy Group at Cox & Palmer is happy to assist organizations prepare for and respond to future changes to privacy rights at the border.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.