Annual Report to Parliament 2016-2017
Part II: Report on the Privacy Act
Requests Under the Privacy Act
The Annual Statistical Report for fiscal year 2016-17 is included at Part III of this report.
Interpretation of the Statistical Report
|Fiscal Year||# of Requests Received||# of Requests Completed||# of Pages Processed||# of Pages Released|
Requests Received Pursuant to the Privacy Act
261 requests were received during the period under review. In addition, 23 requests were carried forward from previous years, for a total of 284 requests.
Requests Completed Pursuant to the Privacy Act
244 requests were completed during the period under review. 40 were carried forward to be completed in fiscal year 2017-18.
There was a decrease in the number of requests completed from those of the previous year (19%). Responding to formal access to information requests involved the review of 54,095 pages, of which 19,094 pages were partially or entirely disclosed.
Disposition of Completed Requests
Of the 244 requests completed in fiscal year 2016-17:
- No relevant records existed under the control of the Department of Justice for 145 requests; and
- 39 requests were abandoned by the applicant. In the majority of cases the applicant did not pursue the requests, either by withdrawing them or by not providing the clarification that was requested by the ATIP Office.
The remaining 60 requests were released in the following manner:
- 15 were fully disclosed (25%);
- 40 were partially disclosed (67%); and
- 5 were exempted in their entirety (8%).
Disposition - Text Version
This pie graph illustrates the percentage of requests that were completed during the reporting period with the following dispositions: All Disclosed (25), Disclosed in Part (67%) and All Exempted (8%).
Completion Time and Extensions
Out of 244 requests completed in 2016-17, 218 (89%) were processed within 30 days or less.
Completion Time - Text Version
This pie graph illustrates the percentage of requests that were completed during the reporting period within the following timeframes: 1 to 15 days (41%), 16 to 30 days (48%), 31 to 60 days (7%), 61 to 120 days (1%), 121 to 180 days (0%), 181 to 365 days (2%) and more than 365 days (1%).
The ATIP Office routinely monitors the processing time for privacy requests. This routine monitoring is done through various statistical reports (weekly, monthly, quarterly and yearly) and meetings with ATIP staff to ensure that requests are being processed in a most timely manner. All ATIP staff, portfolio contacts, and senior management are made aware of the performance metrics.
In some instances, the Department found it necessary to seek extensions to the prescribed time limits due to the need to consult with other government institutions (4 times) and interference with operations (20 times).
The Department invoked exemptions under the PA for 71 requests. Section 26 was invoked most often (33 times), which exempts personal information relating to individuals other than the requester, and section 27 (29 times), which exempts information relating to solicitor-client privilege. For further details regarding all the exemptions invoked, please refer to the Statistical Report at Part III of this Report.
No Information was excluded.
Method of Access
A total of 30 requesters wanted paper copies and 25 requesters chose to receive information on CD-ROM at no extra charge, an option which tends to be more widely accepted.
Consultations by other Federal Institutions or Departments
|Fiscal Year||# of Requests Received||# Pages Received||# of Requests Completed||# of Pages Reviewed|
During the period under review, the Department received 73 requests from other government institutions and organizations requesting recommendations regarding records originating from, pertaining to, or of interest to the Department of Justice. In addition, four consultations outstanding from previous years were carried over, for a total of 77. In total, the Department were reviewed 4,904 pages for these consultations.
Of the 77 consultations active throughout the reporting period, 74 were completed during the 2016-17 fiscal year (4,904 pages) and the remaining three were carried forward to be completed in fiscal year 2017-18.
Other types of Requests
The ATIP Office also acted as a resource on several occasions for departmental officials as well as those from other government institutions, offering advice and guidance on the provisions of the legislation as well as related policies. The Office was consulted on the disclosure and collection of information on a wide-range of issues.
Complaints, Investigations and Federal Court Cases
Nine complaints were filed with the Office of the Privacy Commissioner (OPC) during the reporting period. The reasons for the complaints were as follows:
- One related to delay;
- Two related to exemption or exclusion of information; and,
- Six concerned the handling of the request in general.
Complaint findings are defined as follows:
- The OPC found evidence of the complainant’s rights being denied under the PA.
- Not well-founded:
- The investigation uncovered no evidence leading the OPC to conclude that the government institution violated the complainant’s rights under the PA.
- After a thorough investigation, the OPC helped negotiate a solution that satisfied all parties. The finding is used for those complaints in which well-founded would be too harsh to fit what essentially is a miscommunication or misunderstanding.
- Settled during the course of investigation:
- The OPC helped negotiate a solution that satisfied all parties during the investigation, but did not issue a finding.
- The complaint was withdrawn or abandoned by the complainant before allegations were fully investigated.
Eight investigations were completed during the reporting period, some of which had been carried forward from previous years. Out of the eight, six were not well-founded, one was discontinued by the complainant, and one was well-founded. No key issues were raised as a result of these complaints.
At the end of the fiscal year, 11 complaints were still under investigation by the OPC.
Review by the Federal Court of Canada
No applications were filed before the Federal Court pursuant to sections 41, 42 and 44 of the PA during the reporting period.
Request for Correction of Personal Information
Paragraph 12(2)(a) of the PA provides that every individual given access to personal information about himself or herself that has been used, is being used, or is available for use for an administrative purpose, is entitled to request correction of such information where the individual believes there is an error or omission therein.
The Department of Justice has not received any request for correction of personal information during the reporting period.
Use and Disclosure
It is the Department of Justice’s policy that personal information be used solely for the purpose for which it is collected or for a consistent use as described in the Info Source publication.
Disclosure under Paragraph 8(2)
Sub-paragraph 8(2)(m) of the PA permits the disclosure of personal information in situations where the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure or when the disclosure would clearly benefit the individual to whom the information relates. The Privacy Commissioner must be informed of disclosures to be made under these provisions.
The Department did not disclose personal information pursuant to paragraph 8(2)(m) during the reporting period.
The Department of Justice had no exempt banks under the PA.
Audits Conducted by the Privacy Commissioner
Pursuant to subsection 37(1) of the PA, the Privacy Commissioner may carry out investigations in respect of personal information under the control of government institutions to ensure compliance with paragraphs 4 to 8.
No formal investigations by the Commissioner were completed during the reporting period.
Federal institutions are required to notify the Office of the Privacy Commissioner of Canada and the Treasury Board of Canada Secretariat of all material privacy breaches and of the mitigation measures being implemented if the breach involves sensitive personal information and could reasonably be expected to cause serious injury to the individual.
No material breaches occurred during this reporting period.
Privacy Impact Assessments (PIAs)
PIAs are a means to ensure that privacy principles are taken into account during the design, implementation, and evolution of programs and services that involve personal information. Programs and services with potential privacy risks are required to undergo a PIA.
No PIAs were completed during this reporting period.
- Date modified: