Thank you very much for the detailed insightful response, it makes great reading with full understanding. Data privacy and protection should be paramount to all applications just as the same way they want to get their PPR/COPR.
I've seen posts, threads in forums and platforms where some naive applicant has inadvertently leaked all his information by virtue of innocence or anxiety to get updates; imagining my data with my family details out in public gives me horrors. I really also want to use this message as an eye-opener and challenge the way applicants put the benefit first of ordering GCMS notes over their own data. Applicants especially outlanders like myself should deliberate and critically judge on the grounds for GCMS (even though I applied from GCMS notes a day back but have not sent the consent form, I don't mind losing the money but am seriously concerned about the way my information is handled and processed).
When Canada has stringent laws enforced in place for data privacy and protection (ATIP) then why does the applicant (outlander) cannot apply for the notes himself? Why is there a necessity for the involvement of a third party? GCMS notes contain very sensitive information on the applicant, his/her dependents, and this is shared upfront to a 3rd party, ( of course with the applicant's consent) but what is the guarantee or assurance on the data integrity and quality, how can the applicant be sure of the notes received are genuine........very tricky.
I actually, just before your reply was received have ordered GCMS notes from
https://www.thegcmsonline.com/ and paid $ 10 for the basic GCMS. This instead of going through 3rd party and signing/scanning a consent form with my 18+ dependent applicant; I could have processed it myself with a sense of relief and satisfaction that my communication is direct with the IRCC rather than a medium in between. Is there any way I can at least bring it to the notice of IRCC this hokey pokey way? Maybe it may not immediately put this on their priority or attention but at least we have someone raising a voice.
As you have given when IRCC responds to a notes request, it sends an email without any encryption or secure way, thus making it vulnerable to manipulation or alteration by a malicious or greedy 3rd party GCMS notes provider. I mean there is no transparency on how dependable the notes are until your application itself is cleared officially in the MYCIC account. Really puts me at a loss of understanding on why an outlander has to experience so many risks for his application progress and update.
My call to all aspirants and PPR hopefuls, please consider the safety of your information over your application. Having said that, I will welcome inputs from fellow outlanders on their experiences on NOTES ordered via 3rd party and their feelings on DPP.
Again
@caipsnotes thanks so much for taking time and patience in responding to my post in details. Will keep on following this convo...................