Canada Pension Plan and Employment Insurance Appeals to the Minister and Appeals to the Courts

Assessment, Benefit and Service Branch
Program Management Directorate

On this page

• Overview & Privacy Impact Assessment Initiation (PIA)
• Summary of the project, initiative or change
• Risk identification and categorization

Overview & Privacy Impact Assessment (PIA) Initiation 

Government institution

Canada Revenue Agency

Government official responsible for the PIA

Tammy Branch
Assistant Commissioner
Appeals Branch

Head of the government institution or Delegate for section 10 of the Privacy Act

Anne Marie Laurin
Director General
Access to Information and Privacy Directorate
Public Affairs Branch

Name of program or activity of the government institution

Objections and Appeals

The Objections and Appeals programs help taxpayers resolve their formal disputes with the CRA. They conduct impartial reviews of assessments, determinations or decisions related to the Income Tax Act (ITA), the Excise Tax Act (ETA), the Canada Pension Plan (CPP), and the Employment Insurance Act (EIA). These programs also work with the Department of Justice on appeals before the courts.

Additionally, the Objections and Appeals programs provide information and support to taxpayers so they understand their rights and when they should formally dispute a CRA decision.

Standard or institution specific class of record:

Canada Pension Plan/Employment Insurance (CPP/EI) Appeals to the Minister and Appeals to the Courts
CRA APP 565

Standard or institution specific personal information bank:

Appeals Regarding the Canada Pension Plan and the Employment Insurance Act
CRA PPU 130
TBS Registration Number 002770

Legal authority for program or activity

The CRA has the legal authority to handle appeals related to the Canada Pension Plan (CPP) and Employment Insurance (EI) to the Minister and the Courts Program.

What can be appealed

Rulings on questions listed in section 26.1 of the CPP can be appealed, as described under section 27. Appeals are also permitted regarding assessments under section 22 of the CPP, as described in Section 27.1.

Rulings on questions listed in subsection 90(1) of the Employment Insurance Act can be appealed, as described under section 91. Appeals are also permitted regarding assessments under section 85 of the Employment Insurance Act, as described under Section 92.

Who can file an appeal

Both payers and workers can appeal a CPP or EI ruling within 90 days of being informed about it. A payer can also file a payroll deductions assessment appeal within the same 90-day period. Employment and Social Development Canada (ESDC) can appeal a CPP or EI ruling at any time.

When to file an appeal

ESDC can appeal a ruling at any time. However, payers and/or workers involved in the appeal must file the appeal within 90 days. The Canada Employment Insurance Commission (CEIC) can appeal on behalf of ESDC. Under the CPP and the Employment Insurance Act, the Minister of ESDC can also appeal.

A payer and/or worker must file an appeal within 90 days of receiving a decision, as stated under section 27 of the CPP and section 91 of the Employment Insurance Act.

If a payer receives an assessment, they must appeal it within 90 days of being informed about it, as stated under section 27.1 of the CPP and section 92 of the Employment Insurance Act.

Minister's authority to decide a question

The Minister is allowed to make a decision on their own, as stated under section 27.3 of the CPP and section 94 of the Employment Insurance Act.

The Minister is also allowed to make an assessment after the date mentioned in subsection 26.1(2) of the CPP or subsection 90(2) of the Employment Insurance Act.

The Minister's authority isn’t limited by sections 26.1 to 27.2 of the CPP, or sections 90 to 93 of the Employment Insurance Act.

The CRA collects personal information from taxpayers under the authority of subsection 27.2(1) of the CPP and section 93 of the Employment Insurance Act. This information is used to determine taxpayer benefits under the CPP and Employment Insurance Act for each case.

Summary of the project, initiative or change

Overview of the Program or Activity

As stated in the CPP and Employment Insurance Act, ESDC is responsible for:

• Determining if someone is eligible for CPP or Employment Insurance benefits
• Processing claims for these benefits
• Setting the annual Employment Insurance premium rate
• Monitoring the social and economic impact of CPP and Employment Insurance legislation
• Updating regulations related to the CPP and Employment Insurance Act.

The CPP/EI Appeals to the Minister and Appeals to the Courts Program reviews decisions made by the CRA about pension eligibility and insurability. Their responsibilities include:

• Evaluating, managing and reporting risks related to appeals
• Helping the Department of Justice (DoJ) prepare for appeals filed to:
  • The Tax Court of Canada
  • The Federal Court of Canada
  • The Federal Court of Appeal
  • The Supreme Court of Canada
• Assessing and reporting on the impact of complex court cases on CPP and Employment Insurance Act administrative policies and procedures
• Developing and maintaining manuals and training material for CPP/EI litigation

A payer and/or worker can file an appeal to the CRA Minister of National Revenue if they disagree with:

• a decision letter from the CPP/EI Rulings Division
• a notice of assessment for payroll CPP/EI source deductions

A payer and/or worker can file an appeal to the Tax Court of Canada if they disagree with:

• a decision letter from the CPP/EI Appeals Division

Any affected party (worker, payer, or ESDC) can file an appeal. Only payers can appeal decisions about payroll assessments.

All parties involved in the appeal will get a fair review of the decisions made about their eligibility and assessments resulting from a CPP/EI Ruling or a payroll deductions assessment.

By law, all parties involved must be notified about the appeal so they can participate.

The program makes final decisions under the authority of the Minister of National Revenue, and these can only be challenged in the Tax Court or Federal Court of Canada.

Scope of the Privacy Impact Assessment

The privacy impact assessment evaluates privacy risks related to personal information when an employer, individual, or ESDC appeals a CPP or EI decision to the Minister of National Revenue. It also covers cases where an employer, individual, or ESDC disagrees with a decision and wants to challenge it in the Tax Court or Federal Court of Canada.

Activities excluded from this assessment:

• CPP/EI rulings that determine employment status (employee vs. self-employed) and related earnings
• Audits of employers' records for proper CPP/EI contribution deductions
• Assessing individual eligibility for CPP/EI benefits or processing claims

ESDC is responsible for:

• Determining if someone is eligible for CPP or EI benefits
• Processing claims for these benefits
• Setting the annual EI premium rate
• Monitoring the social and economic impact of CPP and EI legislation
• Updating regulations related to the CPP and Employment Insurance Act

Risk identification and categorization

A) Type of program or activity

Compliance / Regulatory investigations and enforcement

Level of risk to privacy: 3

Details:

The CRA will use taxpayers’ personal information to identify them, their employment income, and to check compliance, such as detecting fraud related to appeals.

The CRA will also use personal information to:

• View taxpayers’ information (for example, addresses, and authorized representative)
• Review payroll account transactions
• Read correspondence and reports (for example, rulings report, trust exam report, and employer compliance activity)

B) Type of personal information involved and context

Social insurance number, medical, financial or other sensitive personal information and/or the context surrounding the personal information is sensitive. Personal information of minors or incompetent individuals or involving a representative acting on behalf of the individual. 

Level of risk to privacy: 3

Details:

The personal information collected during the review of an appeals file includes:

• Social insurance number
• Business number
• Name
• Contact information
• Financial information

C) Program or activity partners and private sector involvement

With other federal institutions

Level of risk to privacy: 2

Details:

The CPP/EI Appeals to the Minister and Appeals to the Courts Program shares information with other CRA programs. When there is an appeal, they will share the results with the program involved in the original dispute.

Additionally, the program shares decisions from the Minister and tax court rulings with ESDC for benefit pending, benefit non-pending, and integrity services rulings, as well as Enforcement Investigations files.

The CRA is solely responsible for matters related to someone’s pension eligibility and insurability. The CRA will notify ESDC when an appeal is filed and when it’s resolved to keep them updated on whether the employment and/or services qualify for employment insurance benefits.

D) Duration of the program or activity

Long-term program 

Level of risk to privacy: 3

Details:

This is an ongoing program with no defined end date.

E) Program population

The program affects certain individuals for external administrative purposes.

Level of risk to privacy: 3

Details:

The program impacts certain individuals for administrative reasons, as the decisions from the CPP/EI Appeals to the Minister and Appeal to the Courts affect taxpayers, whether they are individuals or businesses. Only those taxpayers who formally dispute CRA assessments or decisions under the CPP and Employment Insurance Act are affected.

F) Technology & privacy

1. Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information?

Risk to privacy: No

2. Does the new or modified program or activity require any modifications to IT legacy systems and/or services?

Risk to privacy: No

3. Does the new or modified program or activity involve the implementation of one or more of the following technologies?

Enhanced identification methods - this includes biometric technology (i.e. facial recognition, gait analysis, iris scan, fingerprint analysis, voice print, radio frequency identification (RFID), etc.) as well as easy pass technology, new identification cards including magnetic stripe cards, "smart cards" (i.e. identification cards that are embedded with either an antenna or a contact pad that is connected to a microprocessor and a memory chip or only a memory chip with non-programmable logic).

Risk to privacy: No

Use of Surveillance - this includes surveillance technologies such as audio/video recording devices, thermal imaging, recognition devices, RFID, surreptitious surveillance/interception, computer aided monitoring including audit trails, satellite surveillance etc.

Risk to privacy: No

Use of automated personal information analysis, personal information matching and knowledge discovery techniques - for the purposes of the Directive on PIA, government institutions are to identify those activities that involve the use of automated technology to analyze, create, compare, identify or extract personal information elements. Such activities would include personal information matching, record linkage, personal information mining, personal information comparison, knowledge discovery, information filtering or analysis. Such activities involve some form of artificial intelligence and/or machine learning to uncover knowledge (intelligence), trends/patterns or to predict behavior.

Risk to privacy: No

G) Personal information transmission

The personal information is sent using wireless technologies. 

Level of risk to privacy: 4

Details:

A payer, worker, or their authorized representative can submit information either electronically or on paper.

When a request for a ruling is filed electronically, the personal information is sent using wireless or wired technology.

For paper requests, a third-party service provider scans and digitizes the documents, and uploads them to a document management system. Paper requests are then processed like electronic requests.

CRA employees use laptop computers with access controls. To access the Agency’s network remotely, they must use full disk encryption and secure remote access. The Information Technology Branch has created a secure telecommuting platform for users to access the network safely.

H) Potential risk that in the event of a privacy breach, there will be an impact on the individual or employee

Details:

If personal information is exposed, it could potentially lead to financial problems and embarrassment for the person involved. They might fall victim to identity theft, with their information used without their knowledge or permission. This situation can result in financial loss, stress, or harm to their reputation, and even legal costs.