In addition to the objectives indicated in section 3.1 of the Policy on Privacy Protection, the objective of this directive are as follows:
The expected results of this directive are as follows:
Heads of government institutions or their delegates are responsible for:
Executives and senior officials who manage programs or activities involving the creation, collection or handling of personal information are responsible for:
Providing notification to individuals when collecting the SIN for both administrative and non-administrative purposes, so that they understand:
The requirement to notify does not apply where the notification might defeat the purpose or prejudice the use for which the information is collected, for example, in the case of an investigation. See Appendix A: List of Authorized Purposes for SIN Collection or Use for more information on lawful investigations.
Ensuring that any new collection or new consistent use of the SIN:
Establishing legal authority for a new collection and a new consistent use of the SIN by either:
Referring expressly to the SIN in new or amended statutes or regulations:
Government institutions follow the federal legislative process in order to have the SIN referred to explicitly in a new or existing statute or regulation. This process does not require policy approval by Treasury Board; or
Establishing implicit legal authority:
Government institutions are to have legal authority for the program or activity for which personal information is being collected. Under the Privacy Act, personal information including the SIN can be collected only if it relates directly to such a program or activity. Government institutions are to also have a demonstrable need to collect or use the SIN under that program or activity.
In the case of a new consistent use, the new use must have a reasonable and direct connection to the original purpose(s) for which the information was obtained or compiled.
Seeking policy approval from Treasury Board Ministers prior to implementing a new collection or a new consistent use of the SIN based on implicit legal authority. Details on the process for obtaining policy approval for a new collection or a new consistent use of the SIN are outlined in Appendix B: Obtaining Policy Approval.
Note: the SIN may still be used or disclosed in a manner consistent with subsection 8(2) and paragraphs 8(2)(b) to 8(2)(m) of the Privacy Act. There is no need to seek special policy approval for such uses and disclosures. The original collection must nevertheless have been in compliance with this directive.
Identifying the SIN use in Personal Information Bank (PIB) descriptions by citing:
TBS is responsible for the following:
Legislation
Related policy instruments
Related guidance instruments
Current as of November 8, 2023
The SIN can only be collected or used for administrative or non-administrative purposes expressly authorized under specific Acts and Regulations, or under programs or activities authorized by Parliament and as approved by Treasury Board. The Acts and Regulations that explicitly refer to the SIN, and the specific programs and activities that are authorized are listed below.
This appendix is current to the date of publication and is subject to change based on the evolution of program and activities. While it does not confer authority, it does provide an accurate representation of current Acts and Regulations that have express references to the SIN and programs and activities that are authorized to collect and use the SIN. Refer to www.open.canada.ca/en for a repository of all activities and programs authorized to use the SIN with registered Personal Information Banks, including those authorized by the following Acts and Regulations in the list below.
Members of the public as well as current and former federal employees may have their SIN collected and used in support of common internal services provided by government institutions, as follows:
The following is a list of uses of the SIN that are appropriate given the historical and legislative context. The SIN is not systematically, but rather, is incidentally collected as part of the requirements of administering these programs or activities.
Library and Archives Canada and the Department of National Defence are authorized to use the SIN for retrieval of historical files in instances when the SIN is the only identifier available for former government employees and former military personnel. This is because the SIN was the identifier used before the conversion to an employee identifying number or military service number was made. Also, Canada Mortgage and Housing Corporation is authorized to use the SIN for file retrieval and enquiries associated with the Rural and Native and Housing program, which was terminated in 1993. The Canadian Government Annuities Program is authorized to use the SIN in the administration of their program. Other government institutions may have similar requirements; however, the use of the SIN would be limited to historical file retrieval only.
Entities are to limit their collection of the SIN to specific circumstances when the SIN is relevant and directly related to investigative activities or when it is collected or provided as part of the evidence gathering process. This may also include the activities of government institutions involved in investigations and intelligence gathering with respect to suspected money laundering and terrorist financing.
The Canada Deposit Insurance Corporation (CDIC) may collect and use the SIN:
Finance Canada is authorized to share the SIN with the Canada Revenue Agency as per the Income Tax Act and the Excise Tax Act.
The Public Service Commission is authorized to collect the SIN from Public Services and Procurement Canada for the purpose of creating a client service number.
Statistics Canada, Library and Archives Canada and the Auditor General of Canada are authorized to use the SIN for non-administrative purposes in a manner consistent with the administration of the Statistics Act, the Library and Archives of Canada Act and the Auditor General Act, respectively.
Government institutions seeking to determine whether policy approval for a new collection or new consistent use of the SIN is appropriate have to assess the following:
An institution that wishes to pursue policy approval through Treasury Board, after considering the necessity of using the SIN and the reasons for not obtaining new express legal authority, must take into account:
Note: It is imperative that institutions establish legal authority for the collection, which will form the basis for denying access to a right, benefit or service if an individual does not provide the SIN. It is to be noted that requesting consent from the individual as a way of obtaining the SIN does not replace the requirement to demonstrate legal authority as outlined in this directive.
Before seeking approval from Treasury Board Ministers, the following process is required:
Obtain approval from Treasury Board Ministers: