Canada Revenue Agency |  “Risks” linked to the use of mobile phones by employees

Canada Revenue Agency | “Risks” linked to the use of mobile phones by employees

Could Canada Revenue Agency (CRA) employees who use cell phones to respond to requests for information from the public “pose risks” to the citizen? The federal agency warns that yes. If the situation is not alarming, it still requires certain changes in habits, according to an expert.

Henri Ouellette-Vezina

Henri Ouellette-Vezina
Press

At the end of the line, when contacting CRA customer service, an automated voice now warns Canadians of certain risks they need to be aware of. “Some of our officers use cell phones to answer inquiries, which could present risks. By staying on the line, you agree to continue the call,” says the automated voice at the end of the line before putting the user in touch with a representative, he could see. Press.

It is then explained that the user can “also choose to explore other means” of contacting the Tax Agency, such as the online My Account service.

“Due to the limitations of current cell phone technology, security is never guaranteed. Appeler l’Agence au moyen d’telephone cellular n’est pas moins securitaire que d’appeler n’importe qui d’autre avec la mé technologie », précise à ce subject la porte-parole de l’ARC, Hannah Wardell, by mail.

Since last August, the Treasury Board ruled in a government document that “the obligation to use encryption to protect sensitive information […] does not apply in the case of transmissions beyond the Government of Canada by voice and audio,” said Ms.I Wardel.

This is because “the Government of Canada has no control over external communications networks and personal devices used by the public.” Therefore, the policy on the use of mobile phones to communicate with the public has been “modified to reflect this new directive”, the spokesperson continues, noting that the automated message is only intended to allow everyone “to make an informed decision before continue”. with the resource.

A “real” danger, but marked

At UQAM, the coordinator of the Socio-Digital Media Research Laboratory, Jonathan Bonneau, reminds us that the danger, when a federal official uses a cell phone, is “real”, but that it can very well be supervised to do is “minimal”. “.

The final danger is that we install scanners, like those used in police cars, under a car to pick up conversations on the sidewalk or in driveways.

Jonathan Bonneau, Coordinator of the Social Network Research Laboratory

“That said, it is a technology that is not as advanced and democratized as what we see for car theft, for example. On the other hand, of course, you never know how you can progress. Therefore, it is necessary to advocate for the control of the tools used” by officials, adds Mr. Bonneau.

According to him, the greatest risk of using a cell phone by a CRA representative is “IP address hacking.” “Compared to satellite, where you really have to point at someone, you can just put up a net and see what happens over the address. It is therefore a bit of random hacking, which can possibly provide a lot of data, ”says the specialist.

Ultimately, the warning issued by the Revenue Agency probably calls for “acquiring new prevention habits”, concludes Jonathan Bonneau. “When they ask for your social security number, for example, they are asking if the person you are talking to has a landline or is at least protected in some way. And if not, you can ask to speak to someone else,” he observes. However, this step is not necessary for basic information such as your first or last name.

In recent years, the federal agency has been the victim of cyberattacks, as have several other departments, government entities, and large organizations. As recently as last December, the federal agency had also stated that it had suspended its online services after learning of a security threat. In Quebec, the Mon dossier space was then temporarily inaccessible.


#Canada #Revenue #Agency #Risks #linked #mobile #phones #employees

Leave a Comment

Your email address will not be published.