Federal agencies mishandled sensitive documents more than 5,000 times last year
38 agencies reported an average of 20 incidents per working day
As a senior RCMP intelligence official faces charges of disclosing secret information, new figures reveal thousands of incidents last year in which federal agencies, including the national police force, mishandled sensitive documents.
Answers tabled in Parliament in response to a query from Ontario Conservative MP Jamie Schmale show 38 agencies reported a total of more than 5,000 incidents between Jan. 1 and Dec. 10 in which classified or otherwise protected documents were stored in a manner that did not meet security requirements.
That averages out to about 20 such incidents across the government each working day.
The number is likely higher given that one large department, Global Affairs Canada, did not provide figures for the year but reported thousands of such incidents in a 2016 survey.
No bureaucrats lost security clearance
The agencies say no one lost their security clearance as a result of the 2019 lapses, which Schmale finds concerning.
"As we all know, it only takes one incident for the wrong information to get into the wrong hands," he said in an interview. "These procedures are in place for a reason. It's disappointing that there are so many violations per day."
Schmale would like to know more about the infractions.
It only takes one incident for the wrong information to get into the wrong hands.- Ontario Conservative MP Jamie Schmale
"How serious were the violations? Is it computers left open? Is it documents left on a desk? Is it briefcases left wide open?" he asked.
"I think there needs to be an evaluation done as to what is causing this to happen so frequently. And once you get an idea of that, then you can take steps to fix it."
The government says it is committed to the highest standards of document security. Violations are identified through routine security sweeps — a measure designed to continually improve practices.
Cameron Jay Ortis, the director general of the RCMP's National Intelligence Co-ordination Centre, was arrested in September for allegedly revealing secrets and planning to give additional classified information to an unspecified foreign entity. His criminal case is before an Ontario court.
Over 200 cases at intelligence, security agencies
In response to Schmale's query, the RCMP reported three cases of improper document handling last year.
The cyberspies at the Communications Security Establishment noted 197 incidents, while the Canadian Security Intelligence Service reported 52.
Both spy services stressed that the documents in question were in secure areas with restricted access.
"Additionally, the Communications Security Establishment applies rigorous security measures to ensure the protection of classified information, including random security checks on all security personnel entering and exiting the building," the CSE said in its explanation.
At the Treasury Board of Canada Secretariat, security personnel collected the mishandled material in each of the 543 cases identified last year. "Documents were returned to the employees only after they were briefed on the importance of proper safeguarding practices."
Employment and Social Development Canada, which handles a large volume of personal data, reported 811 cases of mishandled information from Jan. 1 through Sept. 30. It said this represents a 48 per cent reduction in monthly averages since the last report.
Notices are left at workstations where unsecured classified or protected information is found during sweeps, the department said.
Follow-up inspections are done for serious infractions, such as those involving a large number of protected documents.
"Meetings with employees, management and security officials are held for repeat offenders to establish plans to improve security habits," ESDC added.
Immigration, Refugees and Citizenship Canada said immediate action was taken to address the 26 incidents there, with all staff receiving mandatory security briefings. "Steps have also been taken to ensure they are provided with the necessary training on how to appropriately store and handle sensitive information."