>>>>>>>SEPTEMBER 2020 AOR<<<<<<< Join here

[legalfalcon]

@legalfalcon

My AOR is Sep 12 2020, my medical passed on Oct 27 2020 and BIL on same day that I gave in Riyadh VAC on Nov 30 2020 along with my wife. Nothing has moved on my application since then and I see the same message that "20% of applications are.......etc etc";

I am an outland PNP applicant and planning to order GCMS notes through 3rd party providers but have some apprehension on data privacy and retention. How reliable and dependent are the 3rd party notes providers and how to judge their credibility as the notes are coming from IRCC but passing their channel to the end applicant. Kindly advise in your expert opinion on how a GCMS applicant is sure of the quality and authenticity of the received notes. Will the 3rd party provider keep copy or can access the details of the notes, which are on file received from IRCC. The information is sensitive and leaks can put the applicant in an unnecessarily uncomfortable spot.

Appreciate your time and clarification!!!

You have to understand the mechanism under which the data privacy works and how it is enforced rather than just being bombarded with big words and fear mongering.

Any private Business in Canada that collects any personal information as a part of the business has to be in compliance with the Federal Personal Information Protection and Electronic Documents Act (PIPEDA). Apart from this, if a business is being carried on in Alberta, British Columbia and Quebec, these Provinces have their own Privacy Legislation which the business has to comply with along with he federal PIPEDA.

Any business in Canada has to be registered under either the the Canada Business Corporations Act, or if it is a sole proprietorship / partnership or a Provincial registered business, then they have to be registered under the respective Provincial business act.

Only if an entity is in Canada, can you enforce the Privacy Legislations on them, and they themselves have an obligation of self reporting and audits. In a fancy way its looks cool by saying that even when an entity is not in Canada the PIPEDA applies, the question is how do you enforce it. If a law cannot be enforced, it is to even worth it.

Next you need to understand what is protected. Although the PIPEDA lists all this in details, in a nutshell this is what is covered:

What is personal information?
Under PIPEDA, personal information includes any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form, such as:

• age, name, ID numbers, income, ethnic origin, or blood type;
• opinions, evaluations, comments, social status, or disciplinary actions; and
• employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).

What is not covered by PIPEDA?
There are some instances where PIPEDA does not apply. Some examples include:

• Personal information handled by federal government organizations listed under the Privacy Act
• Provincial or territorial governments and their agents
• Business contact information such as an employee’s name, title, business address, telephone number or email addresses that is collected, used or disclosed solely for the purpose of communicating with that person in relation to their employment or profession
• An individual's collection, use or disclosure of personal information strictly for personal purposes (e.g. personal greeting card list)
• An organization's collection, use or disclosure of personal information solely for journalistic, artistic or literary purposes

Unless they are engaging in commercial activities that are not central to their mandate and involve personal information, PIPEDA does not generally apply to:

• not-for-profit and charity groups; or
• political parties and associations.

Municipalities, universities, schools, and hospitals are generally covered by provincial laws. PIPEDA may apply in certain situations.

Your responsibilities under PIPEDA
Businesses must follow the 10 fair information principles to protect personal information, which are set out in Schedule 1 of PIPEDA.

By following these principles, you will contribute to building trust in your business and in the digital economy.

The principles are:

1. Accountability
2. Identifying Purposes
3. Consent
4. Limiting Collection
5. Limiting Use, Disclosure, and Retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual Access
10. Challenging Compliance

https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/pipeda_brief/

No law will provide a list of technology that should be implemented. It is incumbent on the organisation to make their own judgment on how best to comply with the laws and regulations, and in cases of breaches, report them to the Privacy Commissioner.

What you can do is as follows:

1. Look at the basics, is the website operating and registered in Canada. Usehttps://www.whois.com to find if the website is registered in Canada and operating form Canada.

2. Ask the website provider about their incorporation details and business registration, which are public information and can be found at:
https://www.ic.gc.ca/app/scr/cc/CorporationsCanada/fdrlCrpSrch.html

IF the company is registered provincially, it you can find it on the Province's registration page. There are open source.

If the company is not registered provincially or federally, which could be due to the fact that it is a sole proprietor ship or partnership, then they have to register the business name. Eg. for Ontario it is under the Business Names Act and not doing so is an offence for which a fine can be imposed.

3. Look at the website and se their compliance with PIPEDA and their status in Canada.

4. When in doubt ask the questions and verify the information.


Finally, even government websites are hacked. Recently Canada Revenue Agency had to temporarily suspend 800,000 accounts due to fears of hacking, and this is not the first time. https://www.ctvnews.ca/politics/cra-cyberattacks-impacted-four-times-as-many-accounts-as-previously-believed-1.5109368

Be vigilant, read the law and ask questions.

 

[upon]

Hi. Not at all, the processing of the GCMS / CBSA / CSIS notes and the corresponding time extension if one is taken is not reflective of how the visa application is being processed.

Below are all false statements made here on the forum and elsewhere, pay no heed to these and more

For CBSA, if your security screening is in progress, or has been initiated, unless the GCMS notes can be captured and do not delay the working of the agency, they will seek an extension, and as as soon as it your notes can be released they will, but surely before the extension time frame expires.

Requesting your GCMS Notes may be beneficial and could help move your file forward. This is the case as an immigration officer has to review your file before releasing your GCMS Notes. Thus, the IRCC officer may use this opportunity to update documents received from other agencies.

But notes released not by IRCC officer. So the officer not gonna open your file to review it etc before sending the notes because the different department handling it and not the officer who working on your file.
Please clarify.

 

[herrderringe]

Hi @legalfalcon

How about passport expiry ??

My daughter's passport is expiring on Oct, 12 - 2021. My AOR is Sept 18, 2020

When case analyst processed my Eligibility on Feb 15, passport had > 6 month validity and he gave "Recommend pass".

Come April 12, validity is going to be < 6 month. In this case, when the visa officer processes my file for final review, is he going to send it back for new passport copy ??. Does this > 6 month validity required up until COPR is issued ?? Please advise

 

[legalfalcon]

Hi @legalfalcon

How about passport expiry ??

My daughter's passport is expiring on Oct, 12 - 2021. My AOR is Sept 18, 2020

When case analyst processed my Eligibility on Feb 15, passport had > 6 month validity and he gave "Recommend pass".

Come April 12, validity is going to be < 6 month. In this case, when the visa officer processes my file for final review, is he going to send it back for new passport copy ??. Does this > 6 month validity required up until COPR is issued ?? Please advise

If the passport of any of the family members has less than 6 months validity, IRCC can ask you to renew it is and submit before a decision on the file can be made.

If you are inland, and all your dependents are in Canada, then even if the validity is less than 6 months, the COPR can be issued. However, it is at the discretion of the Officer

As a rule of thumb, if your passport is expiring, then it is better to renew them and send the renewed documents via webform so that they are updated.

 

[sibhi8]

Hi thank you for your response, but is it normal not to receive RPRF request past the 6 months timeline?

Hi. Not to scare you but it isn't common to go past 6 months without getting RPRF request under ideal times. Usually RPRF request is sent when the Case Processing Agent completes or starts to check all the eligibility related documents. I deliberately chose not to pay RPRF upfront because I wanted to have an idea of where my application is when I receive the request from IRCC. And when I checked my GCMS notes, my RPRF request was sent on the day when the Case Processing Agent had made their recommendation.
So if you haven't received the RPRF it simply means that they haven't started to assess your eligibility yet. This could be due to the fact that they haven't been touching the applications at all. So when they resume processing of applications other than CEC, I'm pretty sure you would receive the RPRF request.

 

[legalfalcon]

But notes released not by IRCC officer. So the officer not gonna open your file to review it etc before sending the notes because the different department handling it and not the officer who working on your file.
Please clarify.

The officer does not deal with the release fo the information, however, the law is clear in this. Extensions are sought based on section 9 of the Access to Information act, which states:

• 9

  (1) The head of a government institution may extend the time limit set out in section 7 or subsection 8(1) in respect of a request under this Part for a reasonable period of time, having regard to the circumstances, if
  

  • (a) the request is for a large number of records or necessitates a search through a large number of records and meeting the original time limit would unreasonably interfere with the operations of the government institution,
  • (b) consultations are necessary to comply with the request that cannot reasonably be completed within the original time limit, or
  • (c) notice of the request is given pursuant to subsection 27(1)

  [*]by giving notice of the extension and, in the circumstances set out in paragraph (a) or (b), the length of the extension, to the person who made the request within thirty days after the request is received, which notice shall contain a statement that the person has a right to make a complaint to the Information Commissioner about the extension.

CSIS will clearly state this in their response and exempt from disclosure any information when the security screening is in progress, and later, once the security screening is complete, send a release.

People will keep claiming absurd things based on assumptions and what they think, but the law is clear. So when in doubt read the law.

A response from CSIS looks like this:



Upon a subsequent request, if the security screening is completed, CSIS will release the information. But until the security screening is in progress, CSIS will not release the information.

 

[herrderringe]

If the passport of any of the family members has less than 6 months validity, IRCC can ask you to renew it is and submit before a decision on the file can be made.

If you are inland, and all your dependents are in Canada, then even if the validity is less than 6 months, the COPR can be issued. However, it is at the discretion of the Officer

As a rule of thumb, if your passport is expiring, then it is better to renew them and send the renewed documents via webform so that they are updated.

Thanks @legalfalcon
I have been trying to get this passport renewed since Dec 2020, but not getting appointments. I just have to wait and see as the case progress.

 

[caipsnotes]

But notes released not by IRCC officer. So the officer not gonna open your file to review it etc before sending the notes because the different department handling it and not the officer who working on your file.
Please clarify.

GCMS / CBSA / CSIS notes are released by an ATIP Officer who works in the respective agency. Each of these govt agencies has an ATIP dept that releases notes. E.g. An ATIP officer at IRCC is not the same as an IRCC officer who works on the actual visa application.

Unlike IRCC ATIP one can call and speak with someone at CBSA ATIP about your request for the notes. They can tell you the facts about why a time extension was taken and dispel any misinformation being purported by some/one of this forum and there is a lot.

 

[legalfalcon]

Thanks @legalfalcon
I have been trying to get this passport renewed since Dec 2020, but not getting appointments. I just have to wait and see as the case progress.

Due to COVID there are delays. If you do get a request from IRCC to submit a renewed passport, you can seek an extensions.

If you can submit it before, you that would be ideal.

All the best!

 

[Gnana12345]

Thanks @legalfalcon
I have been trying to get this passport renewed since Dec 2020, but not getting appointments. I just have to wait and see as the case progress.

I am in the same situation as yours. My kids US passport is expiring in Sep'21 and am in wait list for renewal appointment.
AOR: Sep 4, 2020.

 

[Abrar110]

You have to understand the mechanism under which the data privacy works and how it is enforced rather than just being bombarded with big words and fear mongering.

Any private Business in Canada that collects any personal information as a part of the business has to be in compliance with the Federal Personal Information Protection and Electronic Documents Act (PIPEDA). Apart from this, if a business is being carried on in Alberta, British Columbia and Quebec, these Provinces have their own Privacy Legislation which the business has to comply with along with he federal PIPEDA.

Any business in Canada has to be registered under either the the Canada Business Corporations Act, or if it is a sole proprietorship / partnership or a Provincial registered business, then they have to be registered under the respective Provincial business act.

Only if an entity is in Canada, can you enforce the Privacy Legislations on them, and they themselves have an obligation of self reporting and audits. In a fancy way its looks cool by saying that even when an entity is not in Canada the PIPEDA applies, the question is how do you enforce it. If a law cannot be enforced, it is to even worth it.

Next you need to understand what is protected. Although the PIPEDA lists all this in details, in a nutshell this is what is covered:

What is personal information?
Under PIPEDA, personal information includes any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form, such as:

• age, name, ID numbers, income, ethnic origin, or blood type;
• opinions, evaluations, comments, social status, or disciplinary actions; and
• employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).

What is not covered by PIPEDA?
There are some instances where PIPEDA does not apply. Some examples include:

• Personal information handled by federal government organizations listed under the Privacy Act
• Provincial or territorial governments and their agents
• Business contact information such as an employee’s name, title, business address, telephone number or email addresses that is collected, used or disclosed solely for the purpose of communicating with that person in relation to their employment or profession
• An individual's collection, use or disclosure of personal information strictly for personal purposes (e.g. personal greeting card list)
• An organization's collection, use or disclosure of personal information solely for journalistic, artistic or literary purposes

Unless they are engaging in commercial activities that are not central to their mandate and involve personal information, PIPEDA does not generally apply to:

• not-for-profit and charity groups; or
• political parties and associations.

Municipalities, universities, schools, and hospitals are generally covered by provincial laws. PIPEDA may apply in certain situations.

Your responsibilities under PIPEDA
Businesses must follow the 10 fair information principles to protect personal information, which are set out in Schedule 1 of PIPEDA.

By following these principles, you will contribute to building trust in your business and in the digital economy.

The principles are:

1. Accountability
2. Identifying Purposes
3. Consent
4. Limiting Collection
5. Limiting Use, Disclosure, and Retention
6. Accuracy
7. Safeguards
8. Openness
9. Individual Access
10. Challenging Compliance

https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/pipeda_brief/

No law will provide a list of technology that should be implemented. It is incumbent on the organisation to make their own judgment on how best to comply with the laws and regulations, and in cases of breaches, report them to the Privacy Commissioner.

What you can do is as follows:

1. Look at the basics, is the website operating and registered in Canada. Usehttps://www.whois.com to find if the website is registered in Canada and operating form Canada.

2. Ask the website provider about their incorporation details and business registration, which are public information and can be found at:
https://www.ic.gc.ca/app/scr/cc/CorporationsCanada/fdrlCrpSrch.html

IF the company is registered provincially, it you can find it on the Province's registration page. There are open source.

If the company is not registered provincially or federally, which could be due to the fact that it is a sole proprietor ship or partnership, then they have to register the business name. Eg. for Ontario it is under the Business Names Act and not doing so is an offence for which a fine can be imposed.

3. Look at the website and se their compliance with PIPEDA and their status in Canada.

4. When in doubt ask the questions and verify the information.


Finally, even government websites are hacked. Recently Canada Revenue Agency had to temporarily suspend 800,000 accounts due to fears of hacking, and this is not the first time. https://www.ctvnews.ca/politics/cra-cyberattacks-impacted-four-times-as-many-accounts-as-previously-believed-1.5109368

Be vigilant, read the law and ask questions.

Thank you Chief for your insightful response. Just wondering how can be a valid concern raised be fear-mongering or big words bombardment? The whole point of the debate is why an outlander to get GCMS notes directly from IRCC has to get it through a 3rd party where there is a risk information leak and breach.

It may be a source of income for some businesses to get GCMS notes on behalf of an applicant and as any reasonable and cognizant applicant, I have had reservations that are well cleared by @caipsnotes ....

What you provided here is indeed useful but no website that procures GCMS notes has given such assurance.

Again my thanks for your feedback.

 

[legalfalcon]

Thank you Chief for your insightful response. Just wondering how can be a valid concern raised be fear-mongering or big words bombardment? The whole point of the debate is why an outlander to get GCMS notes directly from IRCC has to get it through a 3rd party where there is a risk information leak and breach.

It may be a source of income for some businesses to get GCMS notes on behalf of an applicant and as any reasonable and cognizant applicant, I have had reservations that are well cleared by

What you provided here is indeed useful but no website that procures GCMS notes has given such assurance.

Again my thanks for your feedback.

The answer is simple, you have to know what is applicable on whom and what even constitutes personal information.

The Access to Information Act and the Privacy Act give the right to access to information only to specific categories, which is as follows:

Access to Information act
Right to access to records

• 4(1) Subject to this Part, but notwithstanding any other Act of Parliament, every person who is
  • (a) a Canadian citizen, or
  • (b) a permanent resident within the meaning of subsection 2(1) of the Immigration and Refugee Protection Act,
• has a right to and shall, on request, be given access to any record under the control of a government institution.
• Marginal note:Extension of right by order
  (2) The Governor in Council may, by order, extend the right to be given access to records under subsection (1) to include persons not referred to in that subsection and may set such conditions as the Governor in Council deems appropriate.

PRIVACY ACT:
Right of access

• 12 (1) Subject to this Act, every individual who is a Canadian citizen or a permanent resident within the meaning of subsection 2(1) of the Immigration and Refugee Protection Acthas a right to and shall, on request, be given access to
  • (a) any personal information about the individual contained in a personal information bank; and
  • (b) any other personal information about the individual under the control of a government institution with respect to which the individual is able to provide sufficiently specific information on the location of the information as to render it reasonably retrievable by the government institution.
• Marginal note:Other rights relating to personal information
  (2) Every individual who is given access under paragraph (1)(a) to personal information that has been used, is being used or is available for use for an administrative purpose is entitled to
  • (a) request correction of the personal information where the individual believes there is an error or omission therein;
  • (b) require that a notation be attached to the information reflecting any correction requested but not made; and
  • (c) require that any person or body to whom that information has been disclosed for use for an administrative purpose within two years prior to the time a correction is requested or a notation is required under this subsection in respect of that information
    • (i) be notified of the correction or notation, and
    • (ii) where the disclosure is to a government institution, the institution make the correction or notation on any copy of the information under its control.
• Marginal note:Extension of right of access by order
  (3) The Governor in Council may, by order, extend the right to be given access to personal information under subsection (1) to include individuals not referred to in that subsection and may set such conditions as the Governor in Council deems appropriate.

When you give consent to a third website to obtain your information, you in essence are giving them the permission to obtain your information. There multiple laws, but not all laws are applicable on private business.

Government has an entirely different framework and obligations to protect personal information, where as the private businesses are government under a different frame work. This is because you can chose the private business you want to do business with, but you are compelled to give your personal information to the government.

No business is under obligation to provide a copy of their Master Business licenses, unless you ask. If you ask, they will provide.

However, as a complaint entity, all such business should have a Privacy policy clearly described in the terms and conditions, see https://bit.ly/3rfkgOS

and https://bit.ly/3cg5dQN

This is what will govern your contract with the private player and if a dispute arises then you have a right of action. There are also self auditing requirements and reporting obligations under the law.

Privacy laws are as complex as any other branch of law, so it is impossible to fathom all of them in a post.

But to protect your self, you can go though the following:

https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/
https://www.antifraudcentre-centreantifraude.ca/index-eng.htm
https://www.antifraudcentre-centreantifraude.ca/report-signalez-eng.htm

And before entering into business with any private player, you have a right to ask for additional information, which you should.

Finally, it is your application, your information and your choice.

 

[drtaruntejarao]

Hi Everyone, I just got my Pr approved. Status says approved with copr and document number with expiry date. But I cudnt open any document. Can someone help me understand further process? With this COVID situation I guess I cant go to cross border.
Inland cec applicant, aor 27-sept-2020. Approved date 19-March-2021.
Really appreciate any information. Please and thank you !
Regards,
Tarun

 

[canpr2020]

Hi Everyone, I just got my Pr approved. Status says approved with copr and document number with expiry date. But I cudnt open any document. Can someone help me understand further process? With this COVID situation I guess I can go to cross border.
inland cec applicant, aor 27-sept-2020. Approved date 19-March-2021.
Really appreciate any information. Please and thank you !
Regards,
Tarun

congratulations... wht's your VO ? and, did you apply with inland dependents ?

 

[GhanCIC]

Hi Everyone, I just got my Pr approved. Status says approved with copr and document number with expiry date. But I cudnt open any document. Can someone help me understand further process? With this COVID situation I guess I can go to cross border.
inland cec applicant, aor 27-sept-2020. Approved date 19-March-2021.
Really appreciate any information. Please and thank you !
Regards,
Tarun

Just wait for an email from IRCC, This is the process for CEC inland nowadays - https://www.canada.ca/en/immigration-refugees-citizenship/services/immigrate-canada/pr-confirmation-portal.html