ARCHIVE - Privacy Act Annual Report 2008-2009
Information identified as archived is provided for reference, research or record-keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Table of contents
- Chapter I - Report on the Privacy Act
- Chapter II - Privacy Act Statistical Report
- Overall Workload Trends
- Requests Received Under the Privacy Act
- Performance in Meeting Statutory Response Deadlines
- Disposition of Requests for 2008-2009
- Consultations from Other Institutions
- Appeals to the Court
- Privacy Impact Assessments Completed During the Year
- Data Matching and Data Sharing Activities Reported for the Period
- Disclosures Pursuant to Paragraphs 8(2)(e), (f), (g) and (m) of the Privacy Act
- Annex A: Delegation Orders - Privacy Act
- Annex B: Statistical Report - Privacy Act
- Supplemental Reporting Requirements for 2008-2009
Chapter I - Report on the Privacy Act
About Public Safety Canada
Public Safety Canada (PS) was created in 2003 to provide leadership and coordination across all federal departments and agencies responsible for the safety of Canadians. The Department delivers a range of programs related to national emergency preparedness, critical infrastructure protection and community safety. Working towards a safe and resilient Canada, the Department provides leadership, coordinates and supports the efforts of federal organizations responsible for the national security and safety of Canadians. The Department also works with other levels of government, first responders, community groups, the private sector and other countries to achieve its objectives.
To keep Canadians safe from a range of threats, the Department provides strategic policy advice and support to the Minister of Public Safety on issues related to public safety, including: national security; emergency management; policing and law enforcement; interoperability and information-sharing; border management; corrections and conditional release; Aboriginal policing; and, crime prevention. Providing strategic public safety leadership, the Department works within a portfolio consisting of five agencies and three review bodies. These entities, including the Department, are united under the Public Safety Portfolio and report to the same minister, resulting in enhanced integration among federal organizations dealing with public safety issues. The Department supports the Minister in all aspects of his mandate and plays a national public safety leadership role while respecting the separate accountability of each Portfolio agency.
Also situated within the Department is the Office of the Inspector General of the Canadian Security Intelligence Service (CSIS), which carries out independent reviews of CSIS' compliance with the law, Ministerial direction and operational policy.
About the Public Safety Portfolio
The Public Safety Portfolio is responsible for public safety within the Government of Canada and consists of five agencies: the Canada Border Services Agency, the Canadian Security Intelligence Service, the Correctional Service of Canada, the National Parole Board, and the Royal Canadian Mounted Police (RCMP). It also includes three review bodies: the RCMP External Review Committee, the Commission for Public Complaints Against the RCMP, and the Office of the Correctional Investigator.
Each portfolio agency, review body, as well as IGCSIS, submit separate annual reports to Parliament on the administration of the Access to Information Act and the Privacy Act.
About the Privacy Act
The Privacy Act protects the privacy of all Canadian citizens and permanent residents of Canada regarding personal information held by a government institution against unauthorized use and disclosure. The Privacy Act also gives Canadians, including those in Canada who are not permanent residents or citizens, the right to access personal information held by the government.
Section 72 of the Privacy Act requires that the head of every government institution submit an annual report to Parliament on the administration of the Act during the financial year. This report describes how Public Safety Canada administered the Privacy Act throughout fiscal year 2008-2009.
The Access to Information and Privacy (ATIP) Unit
The Access to Information and Privacy (ATIP) Unit is part of Public Safety Canada's Executive Services Division within the Department's Strategic Policy Branch. It is comprised of one Manager, two senior advisors, four analysts and one administrative officer. The ATIP Manager served as the Department's ATIP Coordinator throughout the reporting year.
The ATIP Unit is responsible for the coordination and implementation of policies, guidelines and procedures to ensure departmental compliance with the Access to Information Act and the Privacy Act.
The Unit also currently provides the following services to the Department:
- Processes consultations received from other institutions;
- Provides advice and guidance to employees and senior officials on ATIP related matters;
- Produces the Annual Reports to Parliament;
- Delivers ATIP awareness sessions to departmental employees;
- Coordinates regular updates to Info Source manuals;
- Reviews departmental documents, such as audits and evaluations, prior to proactively disclosing these on the departmental website;
- Develops departmental procedures for processing ATIP requests;
- Maintains the Department's ATIP reading room;
- Participates in forums for the ATIP community, such as the Treasury Board Secretariat ATIP Community meetings and working groups.
Delegation of Authority
The responsibilities associated with the administration of the Privacy Act, such as notifying applicants of extensions and transferring requests to other institutions, are delegated to the departmental ATIP Coordinator through a delegation instrument signed by the Minister of Public Safety. The approval of all exemptions remains with the Deputy Minister, the Associate Deputy Minister and all Assistant Deputy Ministers (ADMs).
A detailed delegation instrument is available at Annex A.
Highlights and Accomplishments for 2008-2009
Public Safety Canada has continued to improve the way in which the Department responds to ATIP requests, by focusing on improving timeliness, efficiency and accuracy. We implemented concrete measures in FY 2007-2008 that allowed us to achieve these goals, and we continued to build on these improvements over the year. Some of the highlights are as follows:
- All available standard classes of records and standard Personal Information Banks (PIBs) were identified in Info Source. The ATIP Unit led a departmental working group with representatives from each branch, as well as experts from the Department's Information Management group to update the Department's institution specific classes of records descriptions and PIBs. The group's work is ongoing, and Public Safety expects that some of the required updates will be reflected in the 2009 Info Source publication.
- The Department's Management Committee was briefed on the status of the Department's information holdings as well as its obligations. The Committee agreed that the Department would continue registering required standard banks, ADMs would review the entries in Info Source to validate their currency, and the Department would respect statutory requirements in relation to any new program activities from this point forward.
- The Department has further engaged ADMs around timeliness of responding to ATIP requests through weekly reporting to senior management and quarterly reporting on meeting retrieval deadlines by Branch.
- The ATIP Unit moved its operations in November 2008 to the Department's headquarters at 269 Laurier Avenue West. The move has benefited the Department's performance on ATIP matters by improving access to Offices of Primary Interests (OPIs) and reducing the overall time needed to route most dockets.
- Despite a significant increase in consultations during this past year, the Department has remained committed to on-time performance in the face of the continued high volume of requests.
The ATIP Unit modified its organizational structure to allow greater flexibility in recruitment and is considering the creation of developmental positions in order to retain experienced employees while allowing for career progression. As with most federal institutions, recruitment and retention of qualified ATIP professionals continues to be a significant challenge. The challenge at Public Safety is further complicated by the requirement that many ATIP staff require security clearances at the very highest level given the nature of the Department's business.
Public Safety continues to examine resources in the ATIP Unit.
Chapter II - Privacy Act Statistical Report
Overall Workload Trends
Annex B provides a summarized statistical report on Privacy Act requests processed by Public Safety Canada between April 1, 2008 and March 31, 2009. The following section provides explanations and interpretations of this statistical information by analyzing the workload trends.
Figure 1 - Overall Workload Trend
Over the past six years, the workload for the ATIP Unit has doubled. FY 2008-2009 saw a slight decrease in total volume from the previous year. Totals include formal Access and Privacy requests, and consultations from other institutions. The figures do not reflect requests processed informally or other services that the ATIP Unit provides to the Department.
Public Safety Canada plays a role in coordinating activities involving federal institutions within the Public Safety portfolio as well as with other organizations at all levels of government on matters relating to the safety of Canadians. Consequently, the Department processes nearly as many consultation requests from other institutions as formal ATIP requests. ATI-related work continues to dominate the ATIP unit's workload.
The following graph provides a categorical breakdown of workload trends over the past six years.
Figure 2 - Workload Trend by Category
Requests Received Under the Privacy Act
Throughout the year, the Department received twelve (12) new requests under the Privacy Act. Five (5) were carried forward from the previous year, resulting in a total of seventeen (17) requests for the 2008-2009 fiscal year. Of these requests, fifteen (15) were completed during the reporting period. Two (2) requests have been carried forward to the following reporting year.
The number of privacy requests has remained fairly constant over the years, and this number is not expected to increase significantly. Public Safety Canada collects little information directly from Canadians and therefore receives very few privacy requests. In comparison, portfolio agencies whose mandates are more operational in nature, such as the Royal Canadian Mounted Police (RCMP) and Correctional Service of Canada (CSC), receive thousands of privacy requests annually.
The following graph illustrates the number of formal Privacy Act requests received by the Department.
Figure 3 - Formal Privacy Requests Received by Public Safety Canada
Section 15 of the Privacy Act allows institutions to extend the legal deadline for processing a request if a search for responsive records cannot be completed within 30 days of receipt of the request or if the institution must consult with other institutions. During the 2008-2009 fiscal year, the Department invoked one (1) extension of 30 days or under due to interference with operations.
Performance in Meeting Statutory Response Deadlines
Of the fifteen (15) completed requests, thirteen (13) were completed within 30 days. Two (2) requests were completed between 31-60 days.
Disposition of Requests for 2008-2009
Most of the privacy requests received in Public Safety Canada's ATIP Unit are intended for one of the institutions within the Public Safety portfolio, such as the RCMP, CSC, CBSA or CSIS. Therefore, the Department is unable to process most of the requests we receive, as the requested information is often not under the institution's control.
The following graph identifies the decisions taken for requests completed during the year.
Figure 4 - Disposition of Requests
Consultations from Other Institutions
The Department's role in coordinating with other federal institutions as well as those within the Public Safety portfolio has resulted in the Department having a greater interest in the records processed by other institutions. A significant amount of the ATIP Unit's workload involves responding to consultations in response to formal requests received by other institutions. These responsibilities are not reflected in the ATIP Unit's current resource levels.
The Department received a total of ten (10) consultations from other institutions processing requests under the Privacy Act in 2008-2009. The graph below summarizes the number of consultations received from other institutions over the past six years.
Figure 5 - Number of Privacy Consultations from Other Institutions
Two (2) complaints were filed with the Privacy Commissioner this year. The investigation of these complaints is ongoing.
Appeals to the Court
No appeals to the Federal Court or the Federal Court of Appeal were submitted for the reporting year.
The Department did not deliver any training to departmental employees with regard to their responsibilities respecting the Privacy Act throughout the reporting year.
Privacy Impact Assessments Completed During the Year
No Privacy Impact Assessments were completed during the reporting period.
Data Matching and Data Sharing Activities Reported for the Period
There were no data matching or data sharing activities to report.
Disclosures Pursuant to Paragraphs 8(2)(e), (f), (g) and (m) of the Privacy Act
Subsection 8(2) of the Privacy Act provides limited and specific circumstances under which institutions may disclose personal information without an individual's consent. Treasury Board Secretariat identified four categories of disclosures made by virtue of specific paragraphs of this subsection that institutions must include in this year's annual report. These categories concern disclosures made for law enforcement purposes, to Members of Parliament and those made in the public interest. During the reporting period, Public Safety Canada did not disclose personal information pursuant to paragraphs 8(2)(e), (f), (g) and (m) of the Privacy Act.
Annex A: Delegation Orders - Privacy Act
Annex B: Statistical Report - Privacy Act
Supplemental Reporting Requirements for 2008-2009
Treasury Board Secretariat is monitoring compliance with the Privacy Impact Assessment (PIA) Policy (which came into effect on May 2, 2002) through a variety of means. Institutions are therefore required to report the following information for this reporting period.
Indicate the number of:
- Preliminary Privacy Impact Assessments initiated: 0
- Preliminary Privacy Impact Assessments completed: 0
- Privacy Impact Assessments initiated: 0
- Privacy Impact Assessments completed: 0
- Privacy Impact Assessments forwarded to the Office of the Privacy Commissioner (OPC): 1
- Date modified: