Annual report on the Privacy Act 2018-2019
Table of contents
- Introduction
- Organizational structure
- Delegation order
- Highlights of the statistical report, 2018-19
- Training and awareness
- Policies, guidelines, procedures and initiatives
- Summary of key issues and actions taken on complaints or audits
- Monitoring compliance
- Material privacy breaches
- Privacy impact assessments
- Public interest disclosures
- Appendix A: Delegation order
- Appendix B: 2018-19 statistical report on the Privacy Act
Introduction
Purpose of the Privacy Act
The Privacy Act came into effect on July 1, 1983. The Act protects the privacy of individuals with respect to their personal information that is held by government institutions, and provides these individuals with a right of access to this information. In addition, the Privacy Act gives individuals rights over the collection, use and disclosure of their personal information.
Section 72 of the Privacy Act requires that the head of every government institution prepare and submit an annual report to Parliament, detailing the administration of the Act within the institution for each fiscal year.
This annual report describes how Fisheries and Oceans Canada (DFO) administered the Privacy Act from April 1, 2018 to March 31, 2019.
Mandate of Fisheries and Oceans Canada
Fisheries and Oceans Canada (DFO) supports strong and sustainable economic growth in our marine and fisheries sectors and contributes to a prosperous economy through global commerce by supporting exports and advancing safe maritime trade. The Department supports the innovation needed for a knowledge-based economy through research in expanding sectors such as aquaculture and biotechnology. The Department contributes to a clean and healthy environment and sustainable aquatic ecosystems for Canadians through habitat protection, oceans management and ecosystems research.
The Canadian Coast Guard (CCG), as a Special Operating Agency within DFO, is responsible for services and programs that contribute to all four of the Department's core responsibilities while also contributing significantly to the safety, security, and accessibility of Canada's waterways. The CCG also supports other government organizations by providing a civilian fleet and a broadly distributed shore-based infrastructure.Organizational structure
Departmental organization
DFO has a presence across Canada with the majority of employees working outside the national headquarters in one of the Department's seven DFO regions or four CCG operational regions. National objectives, policies, procedures, and standards for the Department and the Canadian Coast Guard are established at national headquarters, in Ottawa. Regions are responsible for delivering programs and activities in accordance with national and regional priorities and within national performance parameters.
ATIP Secretariat organization
The Access to Information and Privacy (ATIP) Director reports to the Director General, Executive Secretariat, who in turn reports to the Senior Assistant Deputy Minister, Strategic Policy Sector. The ATIP Director is accountable for the development, coordination and implementation of effective ATIP-related policies, guidelines, systems and procedures. This accountability ensures that the Department’s responsibilities under the Privacy Act are met, and enables appropriate processing and proper disclosure of information.
The Director General, Executive Secretariat serves as the Chief Privacy Officer (CPO) responsible for ensuring that privacy issues are afforded visibility and considered a priority at DFO, as well as for working with senior management on strategic privacy matters. The CPO keeps abreast of legislative and policy changes to the existing federal privacy regime and ensures that the Department’s practices are in line with all legal and policy requirements.
The ATIP Secretariat is divided between the business lines; one processes requests under the Act and the other executes all the other responsibilities related to the administration of the Act at DFO. The business lines are each managed by a Deputy Director.
The Operations Division, the business line responsible for processing requests and providing issues management is supported by:
- an Intake Unit, which oversees all incoming requests and liaises with requesters, programs and regions;
- an Administrative Support Group, which handles scanning, file management and quality control; and
- teams of analysts and consultants responsible for the overall processing of requests.
The Policy and Privacy Division (PPD) generally executes the Department’s other responsibilities related to the administration of the Act. PPD acts as the Department’s centre of expertise for matters concerning personal information and privacy protection. The division provides strategic issues management, develops, implements and maintains the Department’s privacy policy suite, oversees the Department’s 8(2) disclosures, investigates and responds to suspected privacy breach incidents, conducts privacy impact assessments, maintains and updates the Department’s personal information banks, leads the privacy training program, liaises with the ATIP community, and monitors reviews and changes in the Privacy Act and related Regulations and policies. Other important work completed by PPD includes the provisions of advice to employees and executives on complex privacy matters, liaising with the Office of the Privacy Commissioner, and providing disclosure recommendations related to investigations at DFO.
During this reporting period, PPD took over responsibilities that were previously undertaken by the Strategic Projects and Infrastructure Division (SPID); the SPID was merged with PPD at the beginning of this reporting period. The new responsibilities undertaken by PPD through this merger includes tracking Departmental performance, and supporting the Operations Division with staffing processes, hiring of contracted resources, maintaining technology, other special projects and coordinating the privacy awareness training program to ensure the ongoing sound application of the Act.
The ATIP Secretariat works with a network of ATIP Contacts located in each region and sector to act as liaisons for their respective parts of the Department.
In total, throughout the course of this reporting period, the ATIP Secretariat employed approximately eight full-time employees (FTEs) devoted to Privacy Act activities; this includes full-time employees, consultants, agency personnel and casual employees.
Delegation order
Responsibility for the administration of the Privacy Act at DFO is delegated from the minister to the director of the ATIP Secretariat and the deputy directors. A copy of the delegation order is found at Appendix A.
Highlights of the Statistical Report, 2018-19
The Statistical Report on the Privacy Act is prepared by government institutions to assist the Treasury Board of Canada Secretariat (TBS) to analyze trends and exercise oversight.
DFO’s complete 2018-19 Statistical Report on the Privacy Act is found in Appendix B. Previous years’ statistical reports can be obtained from the ATIP Secretariat upon request.
Overview of 2018-19 requests under the Privacy Act
The analysis in this section compares data found in DFO’s 2018-19 Statistical Report on the Privacy Act with data from 2015-16, to produce a four-year trend analysis.
In 2018-19, DFO received 70 requests under the Privacy Act and had three requests outstanding from the previous reporting period. Of these 73 requests, DFO completed 61 and carried forward 12 into the next reporting period. As the following table illustrates, DFO saw a 27% increase in requests under the Privacy Act compared to the previous reporting period.
Compliance for 2018-19 remains positive; 2018-19 figures illustrates that 95% of privacy files were closed on or before their statutory or extended deadline.| Number of requests | 2015-16 | 2016-17 | 2017-18 | 2018-19 |
|---|---|---|---|---|
| Received during reporting period | 56 | 50 | 55 | 70 |
| Outstanding from previous reporting period | 11 | 5 | 5 | 3 |
| Total requests to process during reporting period | 67 | 55 | 60 | 73 |
| Completed during reporting period | 62 | 50 | 57 | 61 |
| Carried over to next reporting period | 5 | 5 | 3 | 12 |
| On-time compliance rate | 74% | 90% | 98% | 95% |
Requests closed during the reporting period
Disposition and completion time
Section 14 of the Act requires institutions to provide a response to the requester within 30 days of receipt of the request, or to notify the requester that an extension is required. Of the 61 requests completed during the reporting period, 50 requests (82%) were completed within 30 days and four requests (less than 7%) were completed after 60 days. Of the four requests completed after 60 days, one was closed on day 61 as day 60 fell on a Sunday.
The 61 requests completed by the Department in 2018-19 were finalized in the following manner:
- all disclosed – for five requests (8%), all relevant information was released in full to the requester;
- disclosed in part – for 33 requests (54%), requesters were granted partial access to information;
- no records exist – for 14 requests (23%), no relevant records existed under the control of the Department; and
- request abandoned – for nine requests (15%), the requester abandoned their request.
No request was processed where all information was excluded or that the Department could neither confirm or deny the existence of the requested information.
Exemptions and exclusions
Exemptions are provisions of the Act that allow or require the heads of federal government institutions to withhold information requested under the legislation. For requests completed during the reporting period, the Department invoked exemptions pursuant to sections/subsections 22(1)(b) and 26 of the Privacy Act. As was the case in 2017-18, section 26 was the most frequently invoked provision. It was cited in 30 requests, and was used to protect personal information about individuals other than the requester. The second most cited exemption, invoked 17 times was subsection 22(1)(b), which was used to protect information which could be injurious to law enforcement and investigations.
| Section of the Privacy Act | Description | Number of requests |
|---|---|---|
| 22(1)(b) | Law enforcement and investigation | 17 |
| 26 | Information about another individual | 30 |
Exclusions are provisions of the Act that remove certain records from the application of the legislation. Records excluded from the requirements of the Privacy Act include publicly available information and confidences of the Queen’s Privy Council (Cabinet Confidences) pursuant to sections 69 and 70, respectively. In 2018-19, exclusion for Cabinet Confidences was cited in one request where paragraph 70(1)(a) was invoked.
Format of information released
When requests are complete, requesters may receive the information in paper or electronic formats, or they may view the records at any DFO office. Access to relevant documents was given, in whole or in part, for 38 requests in 2018-19. In 31 (82%) of these requests, information was released in an electronic format, in six requests information was released in paper format, and in one request information was released in another format.
Complexity
During the reporting period, a total of 22,283 relevant pages were processed compared to 14,555 in the previous fiscal year; this represents a 53% increase in the total number of pages processed. Of the 22,283 pages processed, 9066 pages (41%) were disclosed in whole or in part. And of the requests completed, 30 requests had fewer than 100 pages, eight requests had 101-500 pages, four requests had 501-1,000 pages and five requests had 1,001-5,000 pages.
The Department completed a number of requests that involved other factors that increased the complexity of those requests, including:
- the review of records containing personal information about another individual that is interwoven with the personal information of the requester (26 requests);
- records located in a an office outside of national headquarters and/or audio recording containing personal information (seven requests); and
- the requirement to consult with other institutions or organizations (two requests).
Deemed refusals
Of the 61 requests that were closed during the reporting period, the ATIP Secretariat closed only three requests past the statutory deadline. This represents a 95% rate of compliance which adds to the Department’s continuous rate of high compliance.
Note that the principal reason for the delay in the three requests related to workload.
Extensions
Section 15 of the Act provides for the extension of statutory time limits if processing a request within the original time limit would unreasonably interfere with the operations of the Department, if consultations are necessary, if additional time is necessary for translation purposes, or for converting the personal information into an alternative format.
During the reporting period, 12 extensions were taken; extensions under subparagraph 15(a)(i) were taken 11 times because processing the request within the original time limit would unreasonably interfere with the operations of the Department and one extension was taken under subparagraph 15(a)(ii) for consultations. All extensions taken was for a period of 16 to 30 days beyond the initial 30 days statutory deadline.
Consultations received from other institutions and organizations
When other institutions and organizations retrieve information that concerns or originates from DFO in response to Privacy Act requests, they may consult the DFO ATIP Secretariat for recommendations on disclosure. Other government institutions are defined as federal institutions subject to the Privacy Act. Other organizations include the governments of the provinces, territories and municipalities, and of other countries.
In 2018-19, DFO received two consultation requests consisting of 48 pages from Government of Canada institutions. Both consultation requests were completed within 30 days; in both requests, DFO recommended disclosing the records in full.
No requests from other organizations were received during the reporting period.
Disclosures to Federal Investigative Bodies
Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates. Paragraph 8(2)(e) allows institutions to disclose personal information to a federal investigative body specified in Schedule II of the Privacy Regulations on the written request of the body for the purpose of enforcing any law of Canada or any province or carrying out a lawful investigation.
In 2018-19, DFO responded to 10 requests pursuant to paragraph 8(2)(e). In each of the disclosures, only a minimum amount of information necessary was disclosed and a record of the disclosure to the Investigative Body was retained by the Department.
Other requests
The ATIP Secretariat conducts a significant amount of informal privacy-related activities in addition to processing privacy requests, developing policy tools, and developing and conducting training sessions. These activities include:
- working with Departmental programs to mitigate privacy risks;
- managing and investigating potential privacy breaches;
- disclosing information pursuant to subsection 8(2) of the Privacy Act;
- reviewing and preparing advice on administrative investigation reports and harassment investigations;
- responding to requests for guidance from within the Department on privacy impact assessments, privacy notice statements, information sharing agreements and contracts that include the sharing of personal information; and
- releasing information outside of the prescribed formal process under the Act, where appropriate.
The table below illustrates the workload associated with administering the Privacy Act apart from formal privacy requests. In addition to an increase in the total number of other Privacy Act related requests during this reporting period, the number of informal requests on matters such as responding to guidance on privacy impact assessments, privacy notices, information sharing agreements and contracts that include the sharing of personal information, continued to also increase.
Investigations completed for potential privacy breaches reduced from the previous reporting period. The likely cause of the reduction in reported privacy breaches is the positive result of DFO’s proactive training efforts and increased Departmental awareness of its personal information protection responsibilities. The DFO Standard on Privacy Breaches requires all suspected privacy breaches to be reported to ATIP within 24 hours. This message is reinforced in privacy training and awareness sessions.
During this reporting period, the ATIP Secretariat saw an 80% increase in the number of Harassment/Administrative investigation reports reviewed before making a disclosure to the involved parties and a 17% increase in the number of informal privacy requests completed..
| Other Privacy Act related requests | 2015-16 | 2016-17 | 2017-18 | 2018-19 |
|---|---|---|---|---|
| Informal privacy requests completed | 107 | 140 | 145 | 170 |
| Investigations completed for potential privacy breaches | 14 | 27 | 26 | 18 |
| Harassment/ Administrative investigations reviewed | 29 | 44 | 26 | 47 |
| Other | 19 | 5 | 3 | 40 |
| Total | 169 | 216 | 200 | 275 |
Training and awareness
DFO makes significant efforts to promote awareness of federal access to information and privacy legislation and the corresponding responsibilities of DFO employees, providing ongoing individual and group training sessions. Privacy training is mandatory for all DFO executives and individuals acting in an executive position for more than four months. While regions, sectors and divisions are encouraged to request training as the need arises, the ATIP Secretariat also offered semi-annual awareness sessions to all employees of the Department.
The ATIP Secretariat also delivered training and awareness sessions on proactive disclosures to many sectors of the Department and senior management in an effort to ready the Department for Royal Assent of Bill C-58.
During the 2018-19 reporting period, the Department provided ATIP training to 206 participants. While some of the sessions were exclusively on access to information or privacy protection, others included both access to information and privacy elements.
In addition to training offered by DFO, the Department encourages employees to take privacy training offered by the Canada School of Public Service (CSPS). The ATIP Secretariat increased efforts to promote the CSPS training in 2018-19; DFO participants (232 learners) completed CSPS ATIP related training courses during this reporting period. The following table highlights all ATIP related training activities undertaken during the reporting period.
| Type of training | Number of learners |
|---|---|
| DFO training: 12 sessions | 206 |
| CSPS Training – Access to Information and Privacy Fundamentals (I015), Access to Information in the Government of Canada (I701) and Privacy in the Government of Canada (I702) | 476 |
| Total | 682 |
Policies, guidelines, procedures and initiatives
The PPD continues to revise DFO’s ATIP policy suite where appropriate. The suite of policy tools were developed by the ATIP Secretariat to help DFO employees understand their responsibilities with regards to the protection of personal information. Included in the policy suite are the DFO Privacy Policy, Directive on Privacy Practices, the Standard on Privacy Breaches, the Standard on Permissible Disclosures of Personal Information and related tools such as Guidelines for the Informal Release of Information, the Privacy Impact Assessment: Needs Analysis, the Privacy Notice Template and privacy breach reporting forms.
The PPD continued to review forms used by Internal Services within DFO and where necessary, developed privacy notice statements that meet all legislative and policy requirements. The PPD also actively monitors Parliamentary questions in order to support timely and effective responses and to proactively identify potential files requiring ATIP’s review.
During this reporting year, an Information Sharing Agreement template was added to the Department’s suite of risk management tools to govern the routine disclosure of personal information.
Strategic collaboration
The ATIP Secretariat continues to be an active participant in the development and renewal of Departmental policy and guidance documents within DFO. Through ATIP’s participation in these processes, personal information protection principles are embedded in Departmental policy documents to ensure compliance with the Privacy Act.
Summary of key issues and actions taken on complaints or audits
The Department reviews the outcomes of each Privacy Commissioner investigation and audit. Where appropriate, DFO incorporates lessons learned into business processes.
In 2018-19, DFO received one privacy complaint from the OPC; the complaint related to the processing of a formal request under the Privacy Act.
Ten complaints, including complaints carried over from previous reporting periods, were closed and reports of findings were issued by the OPC. Four of the ten complaints were deemed to be well-founded and the remaining six were not well-founded.Monitoring compliance
DFO makes every effort to meet statutory deadlines and actively monitors the time taken to process privacy requests and requests for the correction of personal information. Monitoring begins as soon as a request is received by the ATIP Secretariat, entered into the case management system and assigned to an analyst. All requests, including requests for consultations, and requests for informal advice or review of records, are entered into the case management system for tracking. This electronic tracking of deadlines is essential as analysts work on numerous requests, each with multiple actions coming due, at any given time. Analysts meet with their team leaders on a weekly basis to identify issues with requests that might result in delays. Issues are raised with the ATIP management team, if necessary. The Director and Deputy Directors of the ATIP Secretariat get involved in files where they can use their authority as the Minister’s delegates under the Privacy Act to promote compliance with deadlines and deliverables.
Material privacy breaches
A privacy breach is defined by the Office of the Privacy Commissioner as the loss of, unauthorized access to, or disclosure of, personal information. A material privacy breach is defined by the Treasury Board Secretariat (TBS) as involving sensitive information that could reasonably be expected to cause serious injury or harm to the individual and/or involves a large number of affected individuals.
During the reporting period, a privacy breach reported to the DFO ATIP Secretariat was deemed to be material. In this case, the personal information was sensitive and involved a single individual. The investigation of the incident found that the probability of impact to affected individual was low as they were notified immediately. DFO reported this breach to the OPC and TBS and took measures to mitigate the breach, including privacy training and implementing more privacy-centric practices to prevent a re- occurrence of this nature.Privacy impact assessments
To fulfill its mandate, many of DFO’s activities require the collection, use and disclosure of personal information. In accordance with Treasury Board Secretariat policies and directives, the Department uses Privacy Impact Assessments (PIAs) as a risk management tool to determine whether privacy risks are present in new or substantially modified Departmental programs, initiatives or projects that collect, use and retain personal information.
Two PIAs were completed during the reporting period; one for the Atlantic Fisheries Fund program and the other for the Fisheries and Aquaculture Clean Technology Adoption Program. The full summaries of these PIAs can be found at the following address: Privacy Impact Assessments.Atlantic Fisheries Fund (AFF)
The AFF program is a contribution program jointly funded by the federal and provincial/territorial governments. It is intended to help transform and drive innovation in Canada’s fish and seafood sector to respond to the growing demand for seafood globally. Its aim is to bring high value, high quality, and sustainable fish and seafood to markets at home and around the world.
In addition to being a partnership between the Government of Canada and the provinces and territories, the AFF program works with industry, labour organizations, Indigenous communities, and scientific and academic communities to identify and support potential projects and activities of mutual interest. The AFF program has a regional (Atlantic) and national components.Fisheries and Aquaculture Clean Technology Adoption Program (FACTAP)
The FACTAP will assist Canada’s fisheries and aquaculture industries in improving their environmental performance. To achieve this objective, the program will offer funding to assist the industry-driven adoption of market-ready clean technologies, processes, and/or sustainable practices in the day-to-day operations of aquaculture facilities and wild capture harvesting. This includes changes or modifications (e.g. adaptation) of technologies, processes, and/or sustainable practices in order to render them operational for use in the Canadian context.
Public interest disclosures
Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates.
Paragraph 8(2)(m) allows institutions to disclose personal information in circumstances where the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or where disclosure would clearly benefit the individual to whom the information relates. In 2018-19, DFO made no disclosures under paragraph 8(2)(m).Appendix A: Delegation order
Description
Copy of the delegation order designating the director and deputy directors of the ATIP Secretariat to exercise the powers, duties and functions of the Minister as the head of Fisheries and Oceans Canada, under the provisions of the Privacy Act and related Regulations.
Appendix B: 2018-19 Statistical Report on the Privacy Act
Statistical Report on the Privacy Act
Name of institution: Fisheries and Oceans Canada
Reporting period: 2018-04-01 to 2019-03-31
| Source | Number of requests |
|---|---|
| Received during reporting period | 70 |
| Outstanding from previous reporting period | 3 |
| Total | 73 |
| Closed during reporting period | 61 |
| Carried over to next reporting period | 12 |
Part 2: Requests closed during the reporting period
| Disposition of requests | Completion time | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 days | 16 to 30 days | 31 to 60 days | 61 to 120 days | 121 to 180 days | 181 to 365 days | More than 365 days | Total | |
| All disclosed | 1 | 4 | 0 | 0 | 0 | 0 | 0 | 5 |
| Disclosed in part | 2 | 20 | 7 | 1 | 1 | 2 | 0 | 33 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| No records exist | 9 | 5 | 0 | 0 | 0 | 0 | 0 | 14 |
| Request abandoned | 5 | 4 | 0 | 0 | 0 | 0 | 0 | 9 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 17 | 33 | 7 | 1 | 1 | 2 | 0 | 61 |
*Note that the request completed between 61-120 days was closed on day 61 as day 60 fell on a Sunday.
| Section | Number of requests | Section | Number of requests | Section | Number of requests |
|---|---|---|---|---|---|
| 18(2) | 0 | 22(1)(a)(i) | 0 | 23(a) | 0 |
| 19(1)(a) | 0 | 22(1)(a)(ii) | 0 | 23(b) | 0 |
| 19(1)(b) | 0 | 22(1)(a)(iii) | 0 | 24(a) | 0 |
| 19(1)(c) | 0 | 22(1)(b) | 17 | 24(b) | 0 |
| 19(1)(d) | 0 | 22(1)(c) | 0 | 25 | 0 |
| 19(1)(e) | 0 | 22(2) | 0 | 26 | 30 |
| 19(1)(f) | 0 | 22.1 | 0 | 27 | 0 |
| 20 | 0 | 22.2 | 0 | 28 | 0 |
| 21 | 0 | 22.3 | 0 |
| Section | Number of requests | Section | Number of requests | Section | Number of requests |
|---|---|---|---|---|---|
| 69(1)(a) | 0 | 70(1) | 0 | 70(1)(d) | 0 |
| 69(1)(b) | 0 | 70(1)(a) | 0 | 70(1)(e) | 0 |
| 69.1 | 0 | 70(1)(b) | 0 | 70(1)(f) | 0 |
| 70(1)(c) | 0 | 70.1 | 0 |
| Disposition | Paper | Electronic | Other formats |
|---|---|---|---|
| All disclosed | 2 | 3 | 0 |
| Disclosed in part | 4 | 28 | 1 |
| Total | 6 | 31 | 1 |
2.5 Complexity
| Disposition of requests | Number of pages processed | Number of pages disclosed | Number of requests |
|---|---|---|---|
| All disclosed | 23 | 23 | 5 |
| Disclosed in part | 22260 | 9043 | 33 |
| All exempted | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 |
| Request abandoned | 0 | 0 | 9 |
| Neither confirmed nor denied | 0 | 0 | 0 |
| Total | 22283 | 9066 | 47 |
| Disposition | Less than 100 pages processed | 101-500 pages processed | 501-1000 pages processed | 1001-5000 pages processed | More than 5000 pages processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
| All disclosed | 5 | 23 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 16 | 409 | 8 | 1213 | 4 | 1514 | 5 | 5907 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 9 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 30 | 432 | 8 | 1213 | 4 | 1514 | 5 | 5907 | 0 | 0 |
| Disposition | Consultation required | Legal advice sought | Interwoven information | Other | Total |
|---|---|---|---|---|---|
| All disclosed | 0 | 0 | 0 | 3 | 3 |
| Disclosed in part | 2 | 0 | 26 | 4 | 32 |
| All exempted | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 0 | 0 | 0 | 0 | 0 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 |
| Total | 2 | 0 | 26 | 7 | 35 |
2.6 Deemed refusals
| Number of requests closed past the statutory deadline | Principal reason | |||
|---|---|---|---|---|
| Workload | External consultation | Internal consultation | Other | |
| 3 | 3 | 0 | 0 | 0 |
| Number of days past deadline | Number of requests past deadline where no extension was taken | Number of requests past deadline where an extension was taken | Total |
|---|---|---|---|
| 1 to 15 days | 0 | 0 | 0 |
| 16 to 30 days | 0 | 0 | 0 |
| 31 to 60 days | 0 | 0 | 0 |
| 61 to 120 days | 0 | 1 | 1 |
| 121 to 180 days | 0 | 0 | 0 |
| 181 to 365 days | 0 | 2 | 2 |
| More than 365 days | 0 | 0 | 0 |
| Total | 0 | 3 | 3 |
| Translation requests | Accepted | Refused | Total |
|---|---|---|---|
| English to French | 0 | 0 | 0 |
| French to English | 0 | 0 | 0 |
| Total | 0 | 0 | 0 |
Part 3: Disclosures under subsections 8(2) and 8(5)
| Paragraph 8(2)(e) | Paragraph 8(2)(m) | Subsection 8(5) | Total |
|---|---|---|---|
| 10 | 0 | 0 | 10 |
Part 4: Requests for correction of personal information and notations
| Disposition for correction requests received | Number |
|---|---|
| Notations attached | 0 |
| Requests for correction accepted | 0 |
| Total | 0 |
Part 5: Extensions
| Disposition of requests where an extension was taken | 15(a)(i) Interference with operations | 15(a)(ii) Consultation | 15(b) Translation or conversion | |
|---|---|---|---|---|
| Section 70 | Other | |||
| All disclosed | 0 | 0 | 0 | 0 |
| Disclosed in part | 11 | 0 | 1 | 0 |
| All exempted | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 |
| No records exist | 0 | 0 | 0 | 0 |
| Request abandoned | 0 | 0 | 0 | 0 |
| Total | 11 | 0 | 1 | 0 |
| Length of extensions | 15(a)(i) Interference with operations | 15(a)(ii) Consultation | 15(b) Translation purposes | |
|---|---|---|---|---|
| Section 70 | Other | |||
| 1 to 15 days | 0 | 0 | 0 | 0 |
| 16 to 30 days | 11 | 0 | 1 | 0 |
| Total | 11 | 0 | 1 | 0 |
Part 6: Consultations received from other institutions and organizations
| Consultations | Other Government of Canada institutions | Number of pages to review | Other organizations | Number of pages to review |
|---|---|---|---|---|
| Received during the reporting period | 2 | 48 | 0 | 0 |
| Outstanding from the previous reporting period | 0 | 0 | 0 | 0 |
| Total | 2 | 48 | 0 | 0 |
| Closed during the reporting period | 2 | 48 | 0 | 0 |
| Pending at the end of the reporting period | 0 | 0 | 0 | 0 |
| Recommendation | Number of days required to complete consultation requests | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 days | 16 to 30 days | 31 to 60 days | 61 to 120 days | 121 to 180 days | 181 to 365 days | More than 365 days | Total | |
| All disclosed | 1 | 1 | 0 | 0 | 0 | 0 | 0 | 2 |
| Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 1 | 1 | 0 | 0 | 0 | 0 | 0 | 2 |
| Recommendation | Number of days required to complete consultation requests | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 days | 16 to 30 days | 31 to 60 days | 61 to 120 days | 121 to 180 days | 181 to 365 days | More than 365 days | Total | |
| All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Part 7: Completion time of consultations on Cabinet confidences
| Number of days | Fewer than 100 pages processed | 101-500 pages processed | 501-1000 pages processed | 1001-5000 pages processed | More than 5000 pages processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1785 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1785 | 0 | 0 |
| Number of days | Fewer than 100 pages processed | 101-500 pages processed | 501-1000 | 1001-5000 pages processed | More than 5000 pages processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Part 8: Complaints and investigations notices received
| Section 31 | Section 33 | Section 35 | Court action | Total |
|---|---|---|---|---|
| 1 | 1 | 10 | 0 | 12 |
Part 9: Privacy impact assessments (PIAs)
| Number of PIA(s) completed | 2 |
|---|
Part 10: Resources Related to the Privacy Act
| Expenditures | Amount | |
|---|---|---|
| Salaries | $615,459 | |
| Overtime | $0 | |
| Goods and services | $50,439 | |
| • Professional services contracts | $22,772 | |
| • Other | $27,667 | |
| Total | $665,898 | |
| Resources | Person years dedicated to privacy activities |
|---|---|
| Full-time employees | 6.9 |
| Part-time and casual employees | 0.99 |
| Regional staff | 0 |
| Consultants and agency personnel | 0.15 |
| Students | 0 |
| Total | 8.04 |
- Date modified: