Dean Beeby reports:
Detailed tax information about the private lives of hundreds of Canadians — many of them rich and famous — was sent to CBC News by Canada’s tax agency in an apparent major privacy breach.
The highly confidential details, including home addresses of taxpayers and the value of tax credits they were granted, are contained in a copy of a Canada Revenue Agency spreadsheet covering the years 2008 to 2013.
The 18 pages include information on donations made by such Canadian luminaries as author Margaret Atwood, former prime minister Jean Chrétien, grocery magnate Frank Sobey, cartoonist Lynn Johnston, pollster Allan Gregg, financier Stephen Bronfman, former CBC executive Richard Stursberg, Olympics chief Richard Pound and many others.
Read more on CBC News, who, curiously, do not seem to explain how the breach occurred. Was the spreadsheet sent to them in response to a public records request of some kind? If so, what had CBC News requested? Were the data sent via email attachment or CD or ….?
“Was the spreadsheet sent to them in response to a public records request of some kind?”
It’s not really stated, but there’s a new press release:
http://www.marketwired.com/press-release/statement-from-canada-revenue-agency-accidental-disclosure-taxpayer-information-media-1971812.htm
The Canada Revenue Agency (CRA) confirms it accidentally disclosed confidential taxpayer information to a reporter.
The CRA acknowledges that the release of personal information constitutes a serious breach of privacy. The document was accidentally released to the CBC through human error.
When the CRA became aware of the breach, CRA officials immediately contacted the CBC to inform them of the error and retrieve the documents. Retrieval efforts continue.
The CBC did not respond to the CRA’s request to retrieve the information. Regrettably, the CBC chose to publicly disclose the names.
Appears it was more than one document. That’s all I can pick up from the release.
Thanks. You’d think by now CRA would be able to give a clearer statement about the breach. After all, it’s not like this is its first one… or second… or…