Annual Report to Parliament 2013-2014
Part II: Report on the Privacy Act
Requests Under the Privacy Act
I. Statistical Report
The annual statistical report for fiscal year 2013-2014 is included at the end of this chapter.
II. Interpretation of the Statistical Report
Overview of Requests Pursuant to the Privacy Act
|Fiscal Year||# of Requests Received||# of Requests Completed||# of Pages Processed||# of Pages Released|
Requests Received Pursuant to the Privacy Act
177 requests were received during the period under review. In addition, 23 requests were carried forward from previous years, for a total of 200 requests.
Request Completed Pursuant to the Privacy Act
181 requests were completed during the period under review. 19 requests were carried forward to be completed in fiscal year 2014-2015.
Of 181 requests, 160 (88%) were completed within the allowable time limits.
There was an increase in the number of requests completed and pages reviewed from those of the previous year. Responding to formal privacy requests involved the review of 46,471 pages, of which 20,207 pages were partially or entirely disclosed.
Disposition of Completed Requests
Of the 181 requests completed in fiscal year 2013-2014:
- No relevant records existed under the control of the Department of Justice in 105 cases; and
- 15 requests were abandoned by the applicant. In the majority of cases, the applicant did not pursue the requests, either by withdrawing them or by not providing the clarification that was requested by the ATIP Office.
The remaining 61 requests were released in the following manner:
- 18 were fully disclosed (30%);
- 42 were partially disclosed (69%); and
- 1 was exempted in its entirety (1%).
Completion Time and Extensions
Out of the 181 requests completed in 2013-2014, 155 (85%) were processed within 30 days or less.
The ATIP Office routinely monitors the processing time for privacy requests. This routine monitoring is done through various statistical reports (weekly, monthly, quarterly and yearly) and meetings with ATIP staff to ensure that requests are being processed in a most timely manner. All ATIP staff, portfolio contacts and senior management are made aware of the performance metrics.
In some instances the Department found it necessary to seek extensions to the prescribed time limits due to the need to consult with other government institutions (7 times) and interference with operations (3 times).
The Department invoked exemptions under the PA for 43 requests. Section 26 was invoked the most (41 times), which exempts personal information relating to an individual other than the requesters’ information, followed by section 27 (30 times) which exempts information relating to solicitor-client privilege.
The Department did not invoke any exclusion.
Method of Access
The Department offers the requesters the possibility of receiving the release package on CD-ROM at no charge, an option which tends to be more widely accepted.
A total of 12 requesters chose to receive information on CD-ROM, thus reducing the ATIP Office’s paper footprint.
III. Consultations by other Federal Institutions or Departments
Overview of Consultations Requests Received from Other Government Institutions
|Fiscal Year||# of Requests Received||# of Pages Received||# of Requests Completed||# of Pages Reviewed|
During the period under review, the Department received 123 requests from other government institutions and organizations requesting our recommendations regarding records originating, pertaining to or of interest to the Department of Justice. In addition, 13 consultations were outstanding from previous years and carried over, for a total of 136. In total, the Department was asked to review 5,034 pages of information for these consultations.
Of the 136 consultations active throughout the reporting period, 126 were completed during the 2013-2014 fiscal year and the remaining amount, 10, were carried forward to be completed in fiscal year 2014-2015.
IV. Other Types of Requests
The ATIP Office also acted as a resource on several occasions for departmental officials, as well as those from other government institutions, offering advice and guidance on the provisions of the legislation as well as related policies. It was consulted on the disclosure and collection of information on a wide range of issues.
V. Complaints, Investigations and Federal Court Cases
18 complaints were filed with the Office of the Privacy Commissioner (OPC) during the reporting period. The reasons for the complaints were as follows:
- 3 related to time limits;
- 6 concerned the exemption or exclusion of information; and
- 9 concerned the handling of the request.
Complaint findings are defined as follows:
- Well founded: The OPC found evidence of the complainant’s rights being denied under the PA.
- Not well founded: The investigation uncovered no evidence leading the OPC to conclude that the Government institution violated the complainant’s rights under the PA.
- Well-founded/resolved: When the allegations are substantiated by the investigation and the Government institution has agreed to take corrective measures to rectify the problem.
- Settled during course of investigation: This is not a formal finding, but an acceptable means to dispose of a complaint when the investigation has been completed, and the complainant is satisfied with the efforts of the OPC and does not wish to pursue the issue any further.
- Discontinued: The complaint was withdrawn or abandoned by the complainant before allegations were fully investigated.
Fourteen (14) investigations were completed during the reporting period, some of which had been carried forward from previous years. Out of the fourteen, 5 were not well founded and 9 were well founded. No key issues were raised as a result of these complaints.
At the end of the fiscal year, 21 complaints were still under investigation by the OPC.
Review by the Federal Court of Canada
Three (3) new applications were filed before the Federal Court, one pursuant to section 41 of the PA and two pursuant to section 42 of the PA.
VI. Request for Correction of Personal Information
Paragraph 12(2)(a) of the PA provides that every individual given access to personal information about himself or herself that has been used, is being used, or is available for use for an administrative purpose is entitled to request correction of such information where the individual believes there is an error or omission therein.
The Department of Justice has not received any request for correction of personal information during the reporting period.
VII. Use and Disclosure
It is the Department of Justice’s policy that personal information be used solely for the purpose for which it is collected or for a consistent use as described in the Info Source publication.
VIII. Disclosure under Paragraph 8(2)
Sub-paragraph 8(2)(m) permits the disclosure of personal information in situations where the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure or when the disclosure would clearly benefit the individual to whom the information relates. The Privacy Commissioner must be informed of disclosures to be made under these provisions.
The Department did not disclose personal information pursuant to paragraph 8(2)(m) during the reporting period.
IX. Exempt Banks
The Department of Justice has no exempt banks under the PA.
X. Audits Conducted by the Privacy Commissioner
Pursuant to subsection 37(1) of the PA, the Privacy Commissioner may carry out investigations in respect of personal information under the control of government institutions to ensure compliance with paragraphs 4 to 8.
No formal investigations by the Commissioner were completed during the reporting period.
XI. Privacy Breaches
The Department of Justice informed the Privacy Commissioner of four missing boxes of documents containing taxpayer information. Extensive measures were undertaken to locate the missing boxes and steps were also taken to avoid future incidents of this nature. The Department of Justice and the Canada Revenue Agency worked together to notify the affected individuals. To date, we have no information that any of the personal information has been disclosed.
XII. Privacy Impact Assessments (PIA)
PIA are a means to ensure that privacy principles are taken into account during the design, implementation, and evolution of programs and services that involve personal information. Programs and services with potential privacy risks are required to undergo a PIA.
No PIAs were completed during this reporting period.
- Date modified: