Several Significant ArriveCAN Governance Issues

Bianca Wylie
8 min readJul 7, 2022


More Reasons the ArriveCAN App Must Be Voluntary

Please start by reading (or read after this post) the first two posts in this series about ArriveCAN — post one is here, post two is here. They lay out the big foundational problems with this app — namely, democratic process and equity issues. Today we delve into some of the more narrow governance ones, or related governance details related to democratic process and mandatory use.

Before I get into some of the governance issues related to this app, I can’t stress one point enough, especially on the heels of today’s government statement (h/t @fanCRTCprofiling) that the app is reducing border entry processes by 40 seconds: the state and the public service has a much broader remit than efficiency.

We have a responsibility to reject the mythology that this kind of tech, these apps, are the only way to build public services of the future. Even if they do save time for some, or are preferred by others.

A Select List of Governance Issues With ArriveCAN

  1. Public Health and Safety Theatre? Why an App?

The government of Canada, and the provinces/territories, have inadequate PCR testing capacity, no contact tracing, and have lost the plot on data. We never provided the kind of wrap-around supports or services for quarantine, if needed. But we’ve got a $25,000,000 CAD app to collect vaccination information and address information, with which we do what, exactly?

The confusion being created with this app is that the app is doing something for our public health response. At least it’s confusing me. It is primarily confirming a) that people travel have been vaccinated (don’t need an app for this) and b) collecting a whack of sensitive information to do so (again, the data can be collected and held without a mobile phone app).

What is *this app* actually doing? This is a different question than what the data being collected is doing. The sole purpose appears to be efficiency, which is not the same as a public health rationale. We’ll come back to this further along re: oversight. The rhetoric of public health and safety and the use of a mandatory app don’t square.

This point is surprisingly straightforward but we’re multiple years into the repeated communications that the app does something for safety.

2. Mandatory = Lack of Consent

Consent and trust: The use of apps must be voluntary. This will be indispensable to building public trust. Trust will also require that governments demonstrate a high level of transparency and accountability.”

That is from the 2020 Joint Statement by Federal, Provincial and Territorial Privacy Commissioners: “Supporting public health, building public trust: Privacy principles for contact tracing and similar apps”

I don’t know why the Privacy Commissioner didn’t go in on the government for making this app mandatory in his letter to the shadow ministers about both COVID Alert and ArriveCAN. more on that letter in a minute - it’s a good read. You could say that this app isn’t a “similar app” to contact tracing apps, but I also think that’s what the government is saying it’s for. I think the commissioners’ general guidance holds here.

3. ArriveCAN Has Not Been Audited by the Privacy Commissioner

In that letter to shadow ministers in August 2020, the federal privacy commissioner held forth on both COVID Alert and ArriveCAN. He’s basically telling members of the government that current laws aren’t fit for digital purpose. He’s said this for a while. In the midst of this stated context about our legal situation and its lack of protections for the public, our government’s decision was to design and launch a mandatory app.

This government talks as though digital rights issues matter, talks about ethical leadership in software, has an updated bill for data coming out in the fall, but its actions tell a much more honest story about its lack of concern on the matter.

This six and a half minute CBC interview about ArriveCAN with David Fraser, a Canadian privacy lawyer, includes his call for an audit of the app by the Privacy Commissioner. This suggestion is in there along with lots of other good points about the app, data management, the history of the Canada Border Services Agency and tech, data retention, oversight, and more. It’s well worth a listen and agreed on his suggestion about the audit.

For those interested in data governance and privacy, the section of the letter to the shadow ministers that relates to the Quarantine Act is worth a read, here is an excerpt:

“In your letter, you ask whether my Office has concerns with a provision in the ArriveCAN privacy notice outlining potential disclosures of personal information. The section of the notice that your letter highlights is part of a longer paragraph that, when read in full, clarifies that the information collected will be used and/or disclosed for the purposes of public health follow-up and monitoring and verifying compliance with the Quarantine Act and the emergency orders made under it. It is our understanding that disclosures to provincial and territorial public health units and law enforcement agencies in Canada are a necessary component of the quarantine process under the Quarantine Act for the two purposes outlined. Based on this understanding, we do not have concerns with this particular provision that outlines information-sharing activities for which PHAC has the legal authority and an identified need to disclose.

The notice then further states that, “In limited and specific circumstances, personal information may be used and disclosed without consent in accordance with subsection 8(2) of the Privacy Act.” This provision leaves room for the government to use and disclose personal information collected in direct response to the COVID-19 pandemic for other, unrelated purposes, as is indeed permitted under subsection 8(2) of the Privacy Act. Whether or not my Office would have concerns with such uses would depend on the specifics of the proposed activity.”

4. The Code is Closed

As David mentions in the interview as well, the code for ArriveCAN is closed. It’s definitely got some proprietary elements. For those concerned about how the app behaves, and given the app is mandatory, there is way too much going on here that no one can see. There can be no security reviews by researchers and others. As far as I understand it, this is a case where people are being asked to upload passport and other information to a mobile app, often from outside the country.

As Dan Mazur suggested:

“ArriveCAN should also be #FLOSS as well as voluntary. Currently its a proprietary app with a non-free JavaScript web version. If you want us to run government software on our own devices, we must be able to study what it does and deactivate any ‘features’ we don’t like.”

6. No Public Governance or Oversight

Beyond the code being closed, there is no public oversight or accountability built into this project. The governance is closed. The public oversight is non-existent. The business owner of the app is the Canada Border Services Agency, but we’ve also got, from an accountability perspective, the problematic mixing of two ministries, as the Public Health Agency of Canada has been involved for a long time.

Look around for reporting on this app that helps us the public understand what is going on with it. I have not found much yet. It is stunning how long into the idea of open government we are, yet in this incredibly rare case of the use of mandatory technology, there has been no effort to be transparent and accountable in terms of this app.

It is entirely reasonable to shut this app down from a public health perspective because you can collect the data they want to collect without an app. But the clear direction the government is going now is an expansive adventure into border modernization. I’ve already argued why they don’t have license to do this in the first post.

As was reported last week, the app now includes custom declaration features. This is a separate undertaking from public health information collection, and as I learned online, we *already have/had a voluntary app for that. This provides us with a good example of how easily the government can create an update to the tech to shift its purpose.

It is significant that the Minister of Public Safety won’t commit to saying the app is staying around, while the development of the app is telling a different story. If politicians can’t be direct about what has already happened and their intent with this technology, how much faith is there to be had in what is not public about the app?

What are the governance and oversight mechanisms in place to manage what those feature additional look like in the future? Without having an oversight and governance regime for that kind of ongoing feature expansion, it is absolutely wild to think this app could be made mandatory.

We seem to be generally bad at understanding that tech is never done. It’s always evolving and shifting. We can’t sign off on this under the header of “pandemic response” and then have it shift into other vague border modernization rationales.

7. Cost is $25,000,000 CAD + how much more for how long?

it won’t end. maintenance.

Alternatives to The App

A reader of an earlier post asked me what the solution should be. I suggested we add a few questions to the existing kiosks that we have at airports. I would also imagine a written form working. Questions from border agents. I have had people tell me this suggestion to manage the data collection process at the kiosks would take longer. That may be true and it’s still fine by me.

We all have different takes on this, as we should. I believe we can have drastically different worlds in terms of how our governments and services and technologies work. I believe in investing in people and creating spaces that are welcoming and safe.

At this moment in time, a mandatory app does not help protect and grow space to invest in different ways to manage our shared resources. All the mitigating and privacy preserving and security investments in the world to make this tech better won’t convince me or move me from my belief that I don’t want it and want to spend money and effort differently.

In Closing — There Is More

This is not the end. This post does not get into some of the potential harms that David touches on in his interview. This post does not get into the usability issues I’ve heard others raise. It’s more important to keep this rolling than to try to do it all at once or very well. I’m always looking for more information about the app, its history, its future, etc. so if you have any please pass it along. Thanks to everyone that has been so helpful online in sharing resources and suggesting links.

Final note: even if the airports were running “better than ever” because of this app, it doesn’t make it either a) right or b) necessary. This idea that everything about success of the app is being measured in terms of deployment success or compliance speaks volumes about problematic management incentives to launch tech in government. This kind of tech poisons the well and reduces trust for more creative, expansive, collective types of thought around public tech. It also jacks up the idea of efficiency over everything, which is not what public service should, or has to, look like.

CanBorder: eDeclaration (Beta) mobile app (