Language selection

Search

2017-2018 Annual Report to Parliament on the Privacy Act

September 2018


Office of the Privacy Commissioner of Canada
30 Victoria Street, 1st Floor
Gatineau, Quebec
K1A 1H3

819-994-5444, 1-800-282-1376
Fax 819-994-5424

Follow us on Twitter: @privacyprivee
Facebook : https://www.facebook.com/PrivCanada/


Introduction

The Privacy Act (PA) came into effect on July 1, 1983. The Act imposes obligations on federal government departments and agencies to respect the privacy rights of individuals by limiting the collection, use and disclosure of personal information. The Act also gives individuals the right of access to their personal information and the right to request the correction of that information.

When the Federal Accountability Act received Royal Assent on December 12, 2006, the Office of the Privacy Commissioner (OPC) was added to the Schedule of the Privacy Act along with other Agents of Parliament. Therefore, while not initially subject to the Act, the OPC became so on April 1, 2007.

Section 72 of the Act requires that the head of every federal government institution submit an annual report to Parliament on the administration of the Act within their institutions during the fiscal year.

The OPC is pleased to submit its eleventh Annual Report which describes how we fulfilled our responsibilities under the Privacy Act in 2017-2018.

Mandate and Mission of the OPC

The mandate of the OPC is to oversee compliance with both the PA, which covers the personal information handling practices of federal government departments and agencies, and the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private sector privacy law.

The OPC’s mission is to protect and promote the privacy rights of individuals.

The Commissioner works independently from any other part of the government to investigate privacy complaints from individuals with respect to the federal public sector and certain aspects of the private sector. In public sector matters, individuals may complain to the Commissioner about any matter specified in section 29 of the PA.

For matters relating to personal information in the private sector, the Commissioner may investigate complaints under section 11 of PIPEDA except in the provinces that have adopted substantially similar privacy legislation, namely Quebec, British Columbia, and Alberta. Ontario, New Brunswick and Newfoundland and Labrador now fall into this category with respect to personal health information held by health information custodians under their health sector privacy laws. However, even in those provinces with substantially similar legislation, and elsewhere in Canada, PIPEDA continues to apply to personal information collected, used or disclosed by all federal works, undertakings and businesses, including personal information about their employees. PIPEDA also applies to all personal data that flows across provincial or national borders, in the course of commercial activities.

The Commissioner focuses on resolving complaints through negotiation and persuasion, using mediation and conciliation if appropriate. However, if voluntary cooperation is not forthcoming, the Commissioner has the power to summon witnesses, administer oaths and compel the production of evidence. In cases that remain unresolved, particularly under PIPEDA, the complainant or the Commissioner may take the matter to Federal Court and seek a court order to rectify the situation.

As a public advocate for the privacy rights of Canadians, the Commissioner carries out the following activities:

  • Investigating complaints and issuing reports with recommendations to federal government institutions and private sector organizations to remedy situations, as appropriate;
  • Pursuing legal action before federal courts where appropriate to resolve outstanding matters;
  • Assessing compliance with obligations contained in the PA and PIPEDA through the conduct of independent audit and review activities;
  • Advising on, and reviewing, Privacy Impact Assessments (PIAs) of new and existing government initiatives;
  • Providing legal and policy analyses and expertise to help guide Parliament’s review of evolving legislation to ensure respect for individuals’ right to privacy;
  • Responding to inquiries from parliamentarians, individual Canadians and organizations seeking information and guidance, and taking proactive steps to inform them of emerging privacy issues;
  • Promoting privacy awareness and compliance, and fostering understanding of privacy rights and obligations through proactive engagement with federal government institutions, private-sector organizations, industry associations, legal community, academia, professional associations, and other stakeholders;
  • Preparing and disseminating public education materials, positions on evolving legislation, regulations and policies, guidance documents and fact sheets for use by the general public, federal government institutions and private sector organizations;
  • Conducting research and monitoring trends in technological advances and privacy practices, identify systemic privacy issues that need to be addressed by federal government institutions and private sector organizations and promoting integration of best practices; and
  • Working with privacy stakeholders from other jurisdictions in Canada and on the international scene to address global privacy issues that result from ever increasing transborder data flows.

Organizational Structure

The Privacy Commissioner is an Officer of Parliament who reports directly to the House of Commons and the Senate. The Commissioner may be assisted by Assistant Commissioners, who have delegated responsibilities under both the PA and PIPEDA.

In 2018, the OPC, following an organizational review, adopted a new structure to support the Privacy Commissioner’s vision to be more proactive, and to focus efforts where there can be an impact for the greatest number of Canadians.

The core responsibility of the OPC is the protection of privacy rights of Canadians. To do this, the OPC’s work will now fall into two program areas — Compliance and Promotion. Both areas are important in protecting privacy.

The OPC’s organizational structure is now comprised of three sectors: the Compliance Sector, the Policy and Promotion Sector, and the Corporate Management Sector. The work of each sector is overseen by a Deputy Commissioner. The three Deputy Commissioners, as well as the Legal Services Directorate, report directly to the Privacy Commissioner. The Commissioner is also supported by the OPC’s Executive Secretariat.

The OPC is structured in the following way:

Compliance Sector

The Compliance Program, headed by the Deputy Commissioner, Compliance, focuses on addressing existing privacy compliance problems through a variety of enforcement activities to ensure violations of the law are identified and that remedies are recommended. This includes investigations into complaints filed by Canadians, but also a shift towards more proactive enforcement, such as proactive, Commissioner-initiated investigations or, in certain cases, audits, to review issues that aren’t being addressed through the complaint system.

The Compliance Sector includes two directorates: the PA Compliance Directorate (public sector) and the PIPEDA Compliance Directorate (private sector).

Privacy Act Compliance Directorate

The PA Compliance Directorate investigates complaints under the Privacy Act from individuals who believe they have not been given access to their personal information held by government institutions, or feel that their information has been inappropriately, collected, used, disclosed or managed. The Directorate also investigates complaints and conducts audits that are initiated by the Commissioner, and receives notifications of breaches from federal government organizations.

PIPEDA Compliance Directorate

The PIPEDA Compliance Directorate investigates complaints under the PIPEDA from individuals about the collection, use and disclosure of their personal information in the course of commercial activities. The Directorate also investigates complaints and conducts audits that are initiated by the Commissioner, including sector-wide investigations, and receives notifications of breaches from private sector organizations.

Policy and Promotion Sector

The Promotion Program, headed by the Deputy Commissioner, Policy and Promotion, Policy and Promotion, is forward-looking and aims to inform Canadians of their rights and how to exercise them, and to bring organizations into compliance with the law. This involves, for example, the development and promotion of general—yet practical—information and guidance, reviewing and commenting on Privacy Impact Assessments (PIAs), and offering industry advice on specific initiatives. The goal is to share information and advice with businesses and departments when they are designing their services so that Canadians may enjoy the benefits of innovation without undue risk to their privacy.

The Policy and Promotion Sector includes five directorates: the Government Advisory Directorate, the Business Advisory Directorate, the Policy, Research and Parliamentary Affairs Directorate, the Technology Analysis Directorate and the Communications Directorate.

Government Advisory Directorate

The Government Advisory Directorate provides advice and recommendations to federal public sector institutions in relation to specific programs and initiatives, as well as in the review of PIAs and information sharing agreements submitted by departments and agencies. This group also undertakes various outreach initiatives with the federal public sector in order to encourage compliance with the PA.

Business Advisory Directorate

The Business Advisory Directorate provides advice to businesses subject to PIPEDA in the context of advisory services for new programs and initiatives, reviews for existing privacy practices and proactive engagements with the business community. This group also undertakes various outreach initiatives with the private sector in order to encourage compliance with PIPEDA.

Policy, Research and Parliamentary Affairs Directorate

The Policy, Research and Parliamentary Affairs Directorate develops strategic policy positions on legislative bills, government policies and private sector initiatives; supports the Commissioner’s appearances before Parliament; develops guidance for public and private sector; and conducts applied research on emerging privacy issues in support of this work. This Directorate also manages the OPC Contributions Program which funds external researchers and non-profit organizations to advance and apply new knowledge about data protection in the private sector.

Technology Analysis Directorate

The Technology Analysis Directorate identifies and analyzes technological trends and developments in electronic platforms and digital media; conducts research to assess the impact of technology on the protection of personal information in the digital world and provides strategic analysis and guidance on complex, varied and sensitive technological issues involving government and commercial systems that store personal information.

Communications Directorate

The Communications Directorate focuses on providing strategic advice and support for the planning and execution of public education and communications activities. Activities relate to the production and dissemination of information for Canadians and organizations aimed at increasing awareness of privacy rights and obligations through, for example, media monitoring and analysis, public opinion polling, media relations, publications, special events, various outreach campaigns and the OPC web site. The Directorate is also responsible for responding to requests for information from the public and organizations regarding privacy rights and responsibilities through the OPC’s Information Centre.

Corporate Management Sector

The Corporate Management Sector is led by the Deputy Commissioner, Corporate Management. The Corporate Management Sector includes four directorates: the Human Resources Directorate, the Finance and Administration Directorate, the Information Management/Information Technology Directorate, and the Business Planning, Performance, Audit and Evaluation Directorate.

The Corporate Management Sector provides advice and integrated administrative services such as corporate planning, resource management, financial management, information management/technology, human resources and people management and general administration to managers and staff.

Legal Services Directorate

The Legal Services Directorate reports directly to the Privacy Commissioner. The Directorate provides legal advice in relation to PIPEDA and PA investigations and audits, and in support of other operational activities across the OPC. It represents the OPC in litigation matters before the courts and in negotiations with other parties. The Directorate also includes OPC’s Access to Information and Privacy Program.

Office of the Privacy Commissioner of Canada

Organization Chart of the Office of the Privacy Commissioner of Canada

Organizational Chart
Office of the Privacy Commissioner of Canada

  • Privacy Commissioner
    • Executive Secretariat
    • Legal Services Directorate
      • ATIP Directorate
    • Deputy Commissioner – Compliance Sector
      • PIPEDA Compliance Directorate
      • PA Compliance Directorate
    • Deputy Commissioner – Corporate Management Sector
      • Human Resources Directorate
      • Finance and Administration Directorate
      • IM/IT Directorate
      • Business Planning, Performance, Audit and Evaluation Directorate
    • Deputy Commissioner – Policy and Promotion Sector
      • Policy, Research and Parliamentary Affairs Directorate
      • Technology Analysis Directorate
      • Government Advisory Directorate
      • Business Advisory Directorate
      • Communications Directorate

The ATIP Directorate is headed by a Director who is supported by one senior analyst.

Under section 73 of the PA, the Privacy Commissioner, as the head of the OPC, the Privacy Commissioner’s authority has been delegated to the ATIP Director with respect to the application of the Act and its Regulations. With respect to public interest disclosures under section 8(2)(m) of the Act, the Commissioner’s authority has been maintained. A copy of the Delegation Order is attached as Appendix A.

The ATIP Director also serves as the OPC’s Chief Privacy Officer.

Privacy Commissioner, Ad Hoc / Complaint Mechanism

Given the silence of the Federal Accountability Act with respect to an independent mechanism under which PA complaints against the OPC would be investigated, the Office has developed an alternative mechanism to investigate OPC actions with respect to its administration of the Act.

For this purpose, the Commissioner’s powers, duties and functions as set out in sections 29 through 35 and section 42 of the Act have been delegated to a Privacy Commissioner, Ad Hoc in order to investigate PA complaints lodged against the OPC.

In 2017-2018, the Privacy Commissioner, Ad Hoc was David Loukidelis (QC). Mr. Loukidelis was British Columbia’s Information and Privacy Commissioner from 1999 to 2010 and was British Columbia’s Deputy Attorney General and Deputy Minister of Justice from 2010 to 2012. He was also Registrar of Lobbyists for British Columbia from 2003 to 2010. His experience in privacy and freedom of information dates back more than 20 years.

ATIP Directorate Activities

Training employees

In the reporting fiscal year, seven ATIP training sessions were offered to 56 OPC employees, including new employees and those returning from extended leave or temporary assignments elsewhere. The ATIP Directorate also provides trainings sessions as needed. A formal training session exclusively intended for OPC Liaison Officers therefore took place in fall 2017. A manual for Liaison Officers was also developed in order to support them in their role.

Contributing actively to decision making

The ATIP Director plays a collaborative role in the planning, development and updating of OPC policies, procedures and directives. The ATIP Director also sits on the OPC’s key strategic decision-making committees. The OPC’s recognition of the importance to integrate the ATIP Director in its core decision-making committees has ensured that the Privacy Act is respected.

In addition, the ATIP Director serves as chair of the Privacy Accountability Working Group. This group comprises representatives from every OPC branch. Its purpose and key activities are to:

  • Promote a culture of privacy protection and awareness across the organization;
  • Ensure accountability for the handling of personal information across the OPC and that the Office’s internally-led initiatives are held to the same privacy-protective standards it expects of the organizations and institutions that it regulates;
  • Review recommendations that the OPC makes externally for internal applicability and compliance; and
  • Ensure that all initiatives involving collection, use and disclosure of personal information within the OPC are brought to the attention of the organization’s Chief Privacy Officer.

Privacy Act Statistical Interpretation

The OPC received 26 formal requests under the PA during the fiscal year. This was in addition to the 3 requests carried forward from the previous year, for a total of 29 requests. All of these 29 requests were closed during the course of this reporting fiscal year. However, in almost half of the requests closed – 20 (69%) of them – no records were found (1 request) the requests were abandoned (12 requests) or the requests were transferred (7 requests). With the consent of the requester, 3 of the 7 requests were transferred to the appropriate institutions for processing, i.e., National Defence, Canada Post and the Canada Revenue Agency.

Requests under the Privacy Act

Requests under the Privacy Act

Requests under the Privacy Act
Year 2015/2016 2016/2017 2017/2018
Received 109 50 26
Transferred 11 7 7
Processed 98 43 19

Of the 26 requests received, 7 were transferred, for a total of 22 requests processed under the PA concerning information under its control, i.e., a total of 32,501 pages of information (excluding the 3 requests from the previous reporting period). This represents approximately half as many requests compared to the previous year, but almost three times more pages of information processed.

The OPC also closed three requests that had been carried forward from 2016–2017. In sum, the OPC processed 22 requests for personal information under its control in 2017–2018. In all cases, the requests were submitted by the individuals to whom the personal information was attributed.

In four cases, the OPC was required to claim extensions of time limits. In the four cases, the volume of records that required processing was quite large, and finalizing those requests within the original 30-day timeframe would have unreasonably interfered with the operations of the OPC. With respect to the 22 requests processed in 2017–2018:

  • Information was partially disclosed in 8 instances;
  • In 1 instance, no records existed that responded to the requests;
  • Information was exempted entirely in 1 instance;
  • In 12 instances, the requests were abandoned by the requester.

Of the 22 requests processed in the reporting year, 8 were for the contents of PA or PIPEDA investigation files. Section 22.1 of the PA prohibits the OPC from releasing information it obtained during the course of its investigations or audits even after the matter and all related proceedings have been concluded. However, the OPC cannot refuse to disclose information it created during the course of an investigation or audit, once they and any related proceedings are completed — and subject to any applicable exemptions. This exemption was applied in 9 cases during the reporting period. With respect to other exemptions, section 26 was invoked in 5 cases and section 27 in one case.

It is quite common for the OPC to receive broad requests seeking access to all the personal information held by the Government of Canada. In most cases, the OPC does not have any of the requested personal information under its control. In such cases, requesters are advised to consult Info Source: Sources of Federal Government and Employee Information for a detailed listing of the personal information holdings of each federal organization and to submit requests to those most likely to have the personal information to which they seek access.

At no point during the reporting period were requests received for correction of personal information held within the OPC.

Lastly, the OPC was consulted once, by Statistics Canada, for documents relating to an OPC investigation.

It is important to note that processing times for access to information requests are tracked on a weekly basis by the Director and Analyst using the access to information management system.

Privacy Act complaints against the OPC

During the reporting period covered in this report, the OPC was the subject of 2 complaints under the Privacy Act. The Privacy Commissioner, Ad Hoc tabled 2 reports of findings during this fiscal year. The two complaints were not deemed to be well founded and therefore no further action was required.

Report on the TBS Directive on Privacy Impact Assessment (PIA)

The Directive on Privacy Impact Assessment, which came into effect on April 1, 2010, requires that TBS monitor compliance with the Directive. Given this responsibility, institutions are asked to include pertinent statistics in their annual reports on the administration of the PA.

The OPC conducted one privacy impact assessment concerning the collection and retention of information for Expressions of Interest (EOI). EOI allows the OPC to update its list of legal representatives by inviting qualified lawyers and law firms to express their interest in being placed on an eligibility list for possible appointment as legal representative for the OPC.

Data Sharing Activities

The OPC did not undertake any personal data sharing activities this reporting year.

Disclosures of Personal Information

The OPC disclosed no personal information under sections 8(2)(e), (m), or 8(2) (5) of the PA during this fiscal year.

Material Privacy Breach

No material privacy breaches occurred within the OPC during this fiscal reporting year.

Privacy Related Policy Instruments

No work concerning privacy-related policy instruments was undertaken during the fiscal reporting period covered by this report.

The ATIP Director is a member of the OPC’s Policy Development Committee. In that role, policies, directives and guidelines have been and continue to be reviewed to ensure that the PA is respected.

Additional copies of this report may be obtained from:

Director, Access to Information and Privacy
Office of the Privacy Commissioner of Canada
30 Victoria Street, 1st Floor
Gatineau, Quebec K1A 1H3

Appendix A — Privacy Act Delegation Order

The Privacy Commissioner of Canada, hereby designates pursuant to section 73 of the Privacy Act, the person holding the position set out below, or the person occupying on an acting basis that position, to exercise the powers, duties or functions of the Privacy Commissioner of Canada as the head of the government institution as specified below:

Position Legislative Authority
Director, ATIP

Privacy Act: Full authority, except for subparagraph 8(2)(m)

Privacy Regulations: Full authority

This delegation of authority supersedes any previous delegation of the powers, duties and functions set out herein.

Dated at the City of Gatineau, this 22 day of August, 2018

(Original signed by)

Daniel Therrien
Privacy Commissioner of Canada

Privacy Act

8(2)(j) Disclose personal information for research purposes
8(2)(m) Disclose personal information in the public interest or in the interest of the individual
8(4) Retain copy of 8(2)(e) requests and disclosed records
8(5) Notify Privacy Commissioner of 8(2)(m) disclosures
9(1) Retain record of use
9(4) Notify Privacy Commissioner of consistent use and amend index
10 Include personal information in personal information banks
14 Respond to request for access within 30 days; give access or give notice
15 Extend time limit for responding to request for access
17(2)(b) Decide whether to translate requested information
17(3)(b) Decide whether to give access in an alternative format
18(2) May refuse to disclose information contained in an exempt bank
19(1) Shall refuse to disclose information obtained in confidence from another government
19(2) May disclose any information referred to in 19(1) if the other government consents to the disclosure or makes the information public
20 May refuse to disclose information injurious to the conduct of federal-provincial affairs
21 May refuse to disclose information injurious to international affairs or defence
22 Series of discretionary exemptions related to law enforcement and investigations; and policing services for provinces or municipalities.
22.1(1) In force April 1, 2007 - Privacy Commissioner shall refuse to disclose information obtained or created in the course of an investigation conducted by the Commissioner.
22.1(2) In force April 1, 2007 - Privacy Commissioner shall not refuse under 22.1(1) to disclose any information created by the Commissioner in the course of an investigation conducted by the Commissioner once the investigation and related proceedings are concluded.
23 May refuse to disclose information prepared by an investigative body for security clearances.
24 May refuse to disclose information collected by the Correctional Service of Canada or the National Parole Board while individual was under sentence if conditions in section are met.
25 May refuse to disclose information which could threaten the safety of individuals.
26 May refuse to disclose information about another individual, and shall refuse to disclose such information where disclosure is prohibited under section 8.
27 May refuse to disclose information subject to solicitor-client privilege.
28 May refuse to disclose information relating to the individual’s physical or mental health where disclosure is contrary to best interests of the individual.
31 Receive notice of investigation by Privacy Commissioner.
33(2) Right to make representations to the Privacy Commissioner during an investigation.
35(1) Receive Privacy Commissioner’s report of findings of the investigation and give notice of action taken.
35(4) Give complainant access to information after 35(1)(b) notice.
36(3) Receive Privacy Commissioner’s report of findings of investigation of exempt bank.
37(3) Receive report of Privacy Commissioner’s findings after compliance investigation.
51(2)(b) Request that section 51 hearing be held in the National Capital Region.
51(3) Request and be given right to make representations in section 51 hearings.
70 Refuse to provide information that is excluded from the Act as a cabinet confidence.
72(1) Prepare annual report to Parliament.

Privacy Regulations

9 Provide reasonable facilities to examine information
11(2) and (4) Procedures for correction or notation of information
13(1) Disclosure of information relating to physical or mental health to qualified practitioner or psychologist
14 Require individual to examine information in presence of qualified practitioner or psychologist

Appendix B — Statistical Report

Statistical Report on the Privacy Act

Name of institution: Office of the Privacy Commissioner of Canada

Reporting period: 01/04/2017 to 31/03/2018

Part 1 – Requests under the Privacy Act

  Number of Requests
Received during reporting period 26
Outstanding from previous reporting period 3
Total 29
Closed during reporting period 29
Carried over to next reporting period 0

Part 2 - Requests closed during the reporting period

2.1 Disposition and completion time
Disposition of requests Completion Time
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 0 0 0 0 0 0 0 0
Disclosed in part 1 3 4 0 0 0 0 8
All exempted 1 0 0 0 0 0 0 1
All excluded 0 0 0 0 0 0 0 0
No records exist 8 0 0 0 0 0 0 8
Request abandoned 12 0 0 0 0 0 0 12
Neither confirmed nor denied 0 0 0 0 0 0 0 0
Total 22 3 4 0 0 0 0 29
2.2 Exemptions
Section
Number of requests Section Number of requests Section Number of requests
18(2) 0 22(1)(a)(i) 0 23(a) 0
19(1)(a) 0 22(1)(a)(ii) 0 23(b) 0
19(1)(b) 0 22(1)(a)(iii) 0 24(a) 0
19(1)(c) 0 22(1)(b) 0 24(b) 0
19(1)(d) 0 22(1)(c) 0 25 0
19(1)(e) 0 22(2) 0 26 5
19(1)(f) 0 22.1 9 27 1
20 0 22.2 0 28 0
21 0 22.3 0    
2.3 Exclusions
Section
Number of requests Section Number of requests Section Number of requests
69(1)(a) 0 70(1) 0 70(1)(d) 0
69(1)(b) 0 70(1)(a) 0 70(1)(e) 0
69.1 0 70(1)(b) 0 70(1)(c) 0
    0 70(1)(f) 70.1 0
2.4 Format of information released
Disposition Paper Electronic Other formats
All disclosed 0 0 0
Disclosed in part 5 3 0
Total 5 3 0
2.5 Complexity
2.5.1 Relevant pages processed and disclosed
Disposition of requests Number of pages processed Number of pages disclosed Number of requests
All disclosed 0 0 0
Disclosed in part 32,341 1,152 8
All exempted 160 0 1
All excluded 0 0 0
Request abandoned 0 0 12
Neither confirmed nor denied 0 0 0
Total 32,501 1,152 21
2.5.2 Relevant pages processed and disclosed by size of requests
Disposition Less than 100 pages processed 101-500 pages processed 501-1000 pages processed 1001-5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
All disclosed 0 0 0 0 0 0 0 0 0 0
Disclosed in part 2 40 3 241 0 0 1 640 2 231
All exempted 0 0 1 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0 0 0
Abandoned 12 0 0 0 0 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0 0 0 0 0
Total 14 40 4 241 0 0 1 640 2 231
2.5.3 Other complexities
Disposition Consultation required Legal advice sought Interwoven information Other Total
All disclosed 0 0 0 0 0
Disclosed in part 0 0 5 0 5
All exempted 0 0 0 0 0
All excluded 0 0 0 0 0
Abandoned 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0
Total 0 0 5 0 5
2.6 Deemed refusals
2.6.1 Reasons for not meeting statutory deadline
Number of requests closed past the statutory deadline Principal reason
Workload External consultation Internal consultation Other
0 0 0 0 0
2.6.2 Number of days past deadline
Number of days past deadline Number of requests past deadline where no extension was taken Number of requests past deadline where an extension was taken Total
1 to 15 days 0 0 0
16 to 30 days 0 0 0
31 to 60 days 0 0 0
61 to 120 days 0 0 0
121 to 180 days 0 0 0
181 to 365 days 0 0 0
More than 365 days 0 0 0
Total 0 0 0
2.7 Requests for translation
Translation requests Accepted Refused Total
English to French 0 0 0
French to English 0 0 0
Total 0 0 0

Part 3 - Disclosures under subsection 8(2) and 8(5)

Paragraph 8(2)(e) Paragraph 8(2)(m) Paragraph 8(5) Total
0 0 0 0

Part 4 - Requests for correction of personal information and notations

Disposition for correction requests received Number
Notations attached 0
Requests for correction accepted 0
Total 0

Part 5 — Extensions

5.1 Reasons for extensions and disposition of requests
Disposition of requests where an extension was taken 15(a)(i)
Interference with operations
15(a)(ii)
Consultation
15(b)
Translation or conversion
Section 70 Other
All disclosed 0 0 0 0
Disclosed in part 4 0 0 0
All exempted 0 0 0 0
All excluded 0 0 0 0
No records exist 0 0 0 0
Request abandoned 0 0 0 0
Total 4 0 0 0
5.2 Length of extensions
Length of extensions 15(a)(i)
Interference with operations
15(a)(ii)
Consultation
15(b)
Translation purposes
Section 70 Other
1 to 15 days 3 0 0 0
16 to 30 days 1 0 0 0
Total 4 0 0 0

Part 6 — Consultations received from other institutions and organizations

6.1 Consultations received from other Government of Canada institutions and other organizations
Consultations Other Government of Canada institutions Number of pages to review Other organizations Number of pages to review
Received during reporting period 1 13 0 0
Outstanding from the previous reporting period 0 0 0 0
Total 1 13 0 0
Closed during the reporting period 1 0 0 0
Pending at the end of the reporting period 0 13 0 0
6.2 Recommendations and completion time for consultations received from other Government of Canada institutions
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 0 0 0 0 0 0 0 0
Disclose in part 1 0 0 0 0 0 0 1
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 1 0 0 0 0 0 0 1
6.3 Recommendations and completion time for consultations received from other organizations
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 0 0 0 0 0 0 0 0
Disclose in part 0 0 0 0 0 0 0 0
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0

Part 7 — Completion time of consultations on Cabinet confidences

7.1 Requests with Legal Services
Number of Days Fewer Than 100 Pages Processed 101-500 pages processed 501-1000 pages processed 1001-5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0
7.2 Requests with Privy Council Office
Number of Days Fewer Than 100 Pages Processed 101-500 pages processed 501-1000 pages processed 1001-5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0

Part 8 — Complaints and investigations notices received

Section 31 Section 33 Section 35 Court action Total
2 2 2 1 7

Part 9 — Privacy Impact Assessments (PIAs)

Number of PIA(s) completed 1

Part 10 — Resources related to the Privacy Act

10.1 Costs
Expenditures Amount
Salaries $63,366
Overtime $0
Goods and Services $57
  • Professional services contracts
$0  
  • Other
$57  
Total $63,423
10.2 Human Resources
Resources Person years dedicated to privacy activities
Full-time employees 0.64
Part-time and casual employees 0.00
Regional staff 0.00
Consultants and agency personnel 0.00
Students 0.00
Total 0.64
Date modified: