Public Works and Government Services Canada
Symbol of the Government of Canada
Skip to content | Skip to institutional links

Common menu bar links

Home > Accountability and Transparency > ATIP > Privacy Act - Annual Report 2010-2011

Institutional links

Privacy Act - Annual Report 2010-2011

Table of Contents

Preface

Part I - Background

  1. Public Works and Government Services Canada

Part II: Report on the Privacy Act

  1. Organization of the Access to Information and Privacy Directorate
  2. Summary of Activities and Highlights
  3. Privacy Impact Assessments
  4. Statistical Report - Interpretation and Explanation of Trends
  5. Complaints and Requests for Judicial Review

Annex A: Delegation of Authority (Excerpt)

Annex B: Privacy Act, Sections 8 and 9 (Excerpt)

Annex C: Statistical Report - Privacy Act


Top of Page

Preface

The Privacy Act (Revised Statutes of Canada, 1985, Chapter P-21) was proclaimed on July 1, 1983. The Act was most recently amended as a result of the royal assent of the Federal Accountability Act on December 12, 2006. Certain provisions came into force on December 12, 2006, and others took effect on April 1, 2007, and September 1, 2007.

The Privacy Act extends to individuals the right of access to information about themselves held by the government, subject to specific and limited exceptions. The Act also provides individuals the right to a reasonable expectation of privacy, including a basic right to exercise control over the collection, use and disclosure of their personal information.

Section 72 of the Privacy Act requires that the head of every federal government institution prepare for submission to Parliament an annual report on the administration of the Act within their institution during each fiscal year.

This annual report provides a summary of the management and administration of the Privacy Act within Public Works and Government Services Canada (PWGSC) for the fiscal year 2010-2011.


Top of Page

Part I - Background

1. Public Works and Government Services Canada

1.1 Background

The Department, founded in 1841 and originally known as The Board of Works, was instrumental in the building of our nation's canals, roads and bridges, the Houses of Parliament, post offices and federal buildings across the country.

In 1993, the Department became Public Works and Government Services Canada (PWGSC) through the amalgamation of the former Supply and Services Canada, Public Works Canada, Government Telecommunications Agency (Communications Canada), and the Translation Bureau (Secretary of State of Canada).

The Department of Public Works and Government Services Act, passed in 1996, established the Department and set out the legal authorities for PWGSC's services. The Act established PWGSC as a common service organization providing government departments, boards and agencies with support services for their programs.

Following the government's decision to review the way in which government communications would be delivered, on April 1, 2004, PWGSC assumed some of the former Communication Canada's functions.

Today, the Department has evolved into a sophisticated operational arm of government that employs nearly 14,000 staff working in the National Capital Area and across the country including regional offices in Halifax, Montreal, Toronto, Edmonton, and Vancouver, and abroad in the United States and in Europe.

The Office of the Procurement Ombudsman, an independent office, and part of the portfolio of the Minister of PWGSC, was established on May 5, 2008, as one of the final steps in the implementation of the Federal Accountability Act.

1.2 Raison d'être and Responsibilities

Public Works and Government Services Canada plays a key role in the daily operations of the Government of Canada. The Department is the principal banker, accountant, central purchasing agent, linguistic service provider, office space portfolio manager and enabler of access to government services online.

PWGSC's vision is to excel in government operations by delivering high-quality services and programs that meet the needs of federal organizations and ensure sound stewardship on behalf of Canadians.

The Minister is also the Receiver General for Canada and has the responsibility for maintaining the Public Accounts of Canada. The Minister also has the authority for the administration of services related to benefits, superannuation, pension plans, and the disbursement of pay to federal employees.

The Department's goal is to manage business in a way that strengthens accountability and adds value for clients, and for Canadians. In doing so, PWGSC:

  • injects more than $14 billion annually into the Canadian economy through government procurement;
  • issues more than 14.5 million federal pay and pension payments to Canadians;
  • provides office accommodation to parliamentarians and to more than 255,000 public servants in 1,800 locations across Canada;
  • provides translation and interpretation services for more than 1,800 sessions of Parliament annually, and translates 1.7 million pages of text on behalf of other federal organizations; and,
  • handles more than $1.99 trillion in cash flow transactions as the Receiver General for Canada.

The Office of the Procurement Ombudsman reviews complaints from suppliers. It also reviews procurement practices in departments and agencies, and makes recommendations for the improvement of those practices to ensure improved fairness, openness, and transparency in the procurement process.

1.3 Strategic Outcome and Program Activity Architecture

PWGSC's Program Activity Architecture (PAA), as approved by Treasury Board, supports the strategic outcome which is high-quality, central programs and services that ensure sound stewardship on behalf of Canadians and meet the program needs of federal institutions. There are nine program activities that comprise PWGSC's PAA, as follows:

  • Acquisitions;
  • Accommodation and Real Property Assets Management;
  • Receiver General for Canada;
  • Information Technology Infrastructure Services;
  • Federal Pay and Pension Administration;
  • Linguistic Management and Services;
  • Specialized Programs and Services;
  • Procurement Ombudsman; and,
  • Integrated Services.

Note: Although it is a program activity of PWGSC, the Office of Procurement Ombudsman is required to operate in an impartial and independent manner.


Top of Page

Part II - Report on the Privacy Act

1. Organization of the Access to Information and Privacy Directorate

The Access to Information and Privacy (ATIP) Directorate administers the provisions of the Access to Information Act (Act) for PWGSC, including one Special Operating Agency, the Translation Bureau, as well as the Office of the Procurement Ombudsman.

The Director, ATIP, reports to the Director General, Executive Secretariat, who, in turn, reports to the Assistant Deputy Minister, Corporate Services and Strategic Policy Branch (ADMCSSPB). The ATIP Directorate operated with up to 15 ATIP officers and nine consultants who worked under three units to manage the requests received within the Department. Reporting to the Director, ATIP, the units were overseen by the Manager, Intake and Administration, the Manager, ATIP Operations, and the Chief, Privacy Policy. The first two are responsible for processing ATIP requests, consultations, complaints, and court cases received by the Department, while the other is dedicated to privacy policy. The administrative functions of the ATIP Directorate are supported by an administrative assistant and up to five clerks.

1.1 Delegation Instruments

Under Section 3 of the Privacy Act, the Minister of the Department is designated as the head of the government institution for purposes of the administration of the Act. Pursuant to Section 73, the Minister may delegate any of his powers, duties or functions under the Act by signing an order authorizing one or more officers or employees of the institution, who are at the appropriate level, to exercise or perform the powers, duties or functions of the head, specified in the order.

Within PWGSC this delegation instrument continued to be based on a centralized process with the Director General, Executive Secretariat, who reports to the ADMCSSPB, and the Director and Managers of the ATIP Directorate having full delegated authority under the Privacy Act, with the exception of paragraph 8(2)(m). Certain administrative functions are also delegated to the ATIP Chiefs to speed the processing of requests.

The delegation was revised in 2010 to provide full authority under the Act to the ADMCSSPB as the branch head responsible for the ATIP program. Although in effect, these changes will be incorporated in the Delegation of Authorities instrument of 2011-2012.

An excerpt of the Delegation of Authorities approved by the Minister of Public Works and Government Services can be found in Annex A.

The Director, Cheque Redemption Control, in Matane, Quebec, shares administrative powers under paragraph 8(2)(e) of the Act in regard to releasing transacted cheques to law enforcement bodies. This provides administrative flexibility in processing requests for cheques issued under the authority of the Receiver General for Canada.


Top of Page
1.2 Responsibilities of the ATIP Directorate

The responsibilities of the ATIP Directorate include the following

  • Managing all activities within PWGSC relating to the operation of the Act, as well as the regulations, directives and guidelines pursuant to them.
  • Developing, producing and promulgating departmental privacy policies, procedures, standards and guidelines.
  • Developing and delivering awareness training to PWGSC managers and staff to ensure departmental responsiveness to the legal obligations imposed by the Act and associated regulations.
  • Reviewing departmental policies, procedures and agreements to ensure that they are in compliance with the provisions of the Act and making recommendations for amendments.
  • Defending institutional decisions on the administration of the Act during investigations conducted by the Privacy Commissioner of Canada and during judicial proceedings at the Federal Court of Canada and the Supreme Court of Canada.
  • collaborating with departmental branches to ensure that Privacy Impact Assessments (PIAs) are completed and personal information banks (PIBs) are established for new or substantially modified programs or activities, as well as registering the new or modified PIBs with the Treasury Board of Canada Secretariat (TBS);
  • coordinating and approving the annual update of PWGSC's chapter in the TBS publication Info Source;
  • reporting annually to Parliament, in accordance with Section 72 of the Act and any instructions issued pursuant to paragraph 71(1)(e) of the Act;
  • acting as spokesperson for the Department in dealings with TBS, the Privacy Commissioner of Canada and other government departments and agencies;
  • notifying the Office of the Privacy Commissioner of Canada of any initiative or issue that may relate to the Privacy Act or any of its provisions, or that may have an impact on the privacy of Canadians, at a sufficiently early stage to permit the Commissioner to review and discuss the issues involved, including:
    1. New data matching programs by providing a copy of the departmental assessment of the program, at least 60 days before it is implemented;
    2. Use or disclosure of personal information in a manner consistent with the purpose for which the information was obtained or compiled, for which the consistent use is not identified in Info Source;
    3. Development of legislation or regulations with privacy implications, prior to submission of the appropriate documentation for approval by the Governor-in-Council, or where applicable, prior to the approval of ministerial regulations;
    4. Disclosure in the public interest under paragraph 8(2)(m) of the Privacy Act, either prior to the disclosure, or if this is not practicable, at the time of disclosure;
    5. PIAs, at a reasonably early stage prior to implementing the initiative, program or service; and
    6. any suspected or actual breach or violation of security involving personal information.

The administration of the Act by the ATIP Directorate is also facilitated at the branch, sector, and regional office levels of PWGSC. Each organizational branch has an ATIP Liaison Officer who coordinates the collection of information and provides guidance to branch managers on the application of the Act, as well as related departmental directives and procedures.


Top of Page
1.3 Policies and Procedures

The following departmental policies and procedures are being revised to reflect the new TBS Privacy Policy and Directives.

1.3.1 Departmental Policies

For the reference of all employees, departmental policies are posted on PWGSC's intranet.

Departmental Policy 002 outlines the privacy Delegation of Authority and sets out the definitions, and the roles and responsibilities of all stakeholders within PWGSC. An annex to the Policy has been developed to outline the administrative attribution of powers and the departmental guidelines and procedures with respect to the disclosure of personal information pursuant to subSection 8(2)of the Privacy Act. Paragraphs (8)(2)(j) and (m) of the Act continue to be delegated by the Minister pursuant to Section 73 of the Act.

Departmental Policy 014 sets out definitions as well as the roles and responsibilities of employees with respect to the protection of personal information in the workplace.

1.3.2 ATIP Liaison Officer Handbook

The Departmental ATIP Liaison Officer Handbook outlines the intent and the requirements of the Privacy Act and related Treasury Board guidelines so that all staff are aware of their responsibilities for the collection, use, disclosure, retention and disposal of personal information. In particular, staff are informed of their responsibilities to record and account for all uses and disclosures of personal information, by documenting all activities relating to personal information and by maintaining the relevant material on official departmental files.

Responsibility centres are also advised to consult with the ATIP Directorate before collecting any personal information and whenever there are questions relating to the retention and disposal of personal information.

The ATIP Liaison Officer Handbook is produced by the ATIP Directorate and is posted on PWGSC's intranet as a guide to:

  • introduce departmental ATIP Liaison Officers across the Department to the Privacy Act and regulations;
  • outline the roles and responsibilities of each PWGSC ATIP stakeholder; and
  • provide national processing standards and guidelines for the centralized handling of requests.
1.3.3 ATIP Directorate Desk Procedures

The ATIP Directorate has an ATIP Officer Desk Procedures manual in place to standardize the work procedures used by staff, to facilitate the training of new hires and to complement the functionality of the electronic ATIP tracking system.


Top of Page

2. Summary of Activities and Highlights

2.1 Management Accountability Framework (MAF) Action Plan

The MAF requirements for "Area of Management 12: Information Management", Line of Evidence 12.5 – Privacy, necessitate that PWGSC demonstrate compliance with statutory and regulatory requirements of the Act, including a demonstration of consistent public reporting on the administration of the Act.

PWGSC is committed to the continuous improvement of its management fundamentals and has used the results of the MAF assessment as a benchmark. Recognizing that further work is required to improve its chapter of Info Source, and with the goal of maintaining the Green rating obtained from the MAF Round VII assessment, PWGSC has developed a MAF action plan to improve the quality of the departmental content.

As sustained senior management engagement is key to ensuring the Department continues to improve its results, a MOU has also been prepared between the ADMCSSPB and the Deputy Minister to ensure that the activities of the MAF plan are implemented.

The ATIP Directorate continued to work closely with TBS and the departmental branches to ensure revised/new PIBs were registered and include them in the PWGSC's Info Source chapter, including the conversion of institution-specific PIBs to standard PIBs as recommended by TBS.

Although PWGSC was not evaluated in the MAF Round VIII assessment, TBS was pleased with the improvements made to the 2010 Info Source submission, but noted that some areas needed improvements. Specifically, the Department needs to review the translated versions of the PIBs to ensure that the information provided in the English document is the same as in the French.

Updating the Info Source is a work in progress and PWGSC is committed to continuous review, refinement and improvement to ensure comprehensive and complete revisions align with TBS requirements. A post mortem session was held with the departmental Info Source coordinators, and planning for the 2011 submission was undertaken, including an information session.


Top of Page
2.2 ATIP Officer Development Program

The ATIP Officer Development Program was developed in 2006 and revised in 2008-2009 to address the Department's mid and long-term shortage of skilled ATIP professionals by recruiting new employees at the junior level within a three-year horizon. The Program aims to foster the employees' loyalty towards PWGSC and to prepare them to fill senior ATIP Officer positions at the PM-04 group and level.. The Program is also intended to reduce the costs associated with the competitive staffing process and, in the long-term, the use of consultants.

In 2010-2011, two PM-02s and seven PM-01s were hired under the program from the pools of successful candidates created as a result of the advertised processes launched in the previous fiscal years.

As ATIP Trainees are promoted to the next level, appointments from the pools will be made to hire new participants in the program.

2.3 Committees

The Director General, Executive Secretariat, participates on the interdepartmental ATIP DG Committee. The objective is to provide strategic advice to TBS on overarching ATIP policy and operational questions.

The Director, ATIP, participated on the ATIP Community Development Initiative Working Group for developing and making recommendations to the ATIP DG Committee on generic tools for the ATIP Community, specifically organizational models, job descriptions, and competency profiles.

The Manager, Intake and Administration is a member of the Departmental Information Management Committee (DIMC) that provides a forum for strategic discussions on department-wide IM related matters, ensuring that the Department makes IM decisions that are fully consistent with departmental priorities and for promoting collaboration between branches to ensure alignment to PWGSC's IM/IT strategies and business priorities.

The ATIP Directorate is also represented at the Information Management Specialist Working Group (IMSWG) that was created in response to the TBS Information Management Policy, that came into effect on July 1, 2007. The IMSWG is composed of employees with IM functional expertise and is responsible for making recommendations to DIMC about Information Management within the Department, relating to their field of expertise.

2.4 Information Sessions

An overview of Privacy is incorporated into the general ATIP information sessions that were delivered to 531 participants during the fiscal year. These information sessions are described in the PWGSC Annual Report on the Access to Information Act.

In addition, 15 training and awareness sessions on Privacy have been provided to 828 managers and employees of the following areas: Accounting, Banking and Compensation; Corporate Services and Strategic Policy; Finance; Information Technology Services; and, the Office of the Procurement Ombudsman.


Top of Page
2.5 Collection, Use and Disclosure of Personal Information
2.5.1 Personal Information Banks

The ATIP Directorate must be notified whenever personal information in a PIB is used or disclosed for a use consistent with the purpose for which the information was obtained or compiled by the Department, but where such use is not included in the statement of consistent uses published in Info Source.

The following 15 new and revised institution-specific PIBs 1 were registered with TBS in 2010-2011:

  • PWGSC PPU 001 - Review of Procurement Practices and Supplier - Complaints
  • PWGSC PPU 006 - Crown and Leased Housing Landlords
  • PWGSC PPU 026 - Buyer Information - Crown Assets
  • PWGSC PPU 071 - Supplier Registration Information
  • PWGSC PPU 165 - Self-Serve Password Management Solution
  • PWGSC PPU 195 - Certification Program - Procurement and Material Management
  • PWGSC PPU 210 - Forensic Accounting
  • PWGSC PCU 606 - Internal and External Credential Management Services
  • PWGSC PCU 701 - Crown and Leased Housing Tenants
  • PWGSC PCU 703 - Federal Government Employees, Pensioners and Survivors - Insurance Information
    PWGSC PCU 707 - Directory Services
  • PWGSC PCU 709 - Document Imaging Solutions
    PWGSC PCU 712 - Receiver General Payments
  • PWGSC PCU 715 - Central Index
  • PWGSC PCU 717 - Receiver General Deposits

The Department also registered three new Standard PIBs developed by TBS:

  • PWGSC PSU 940 - Acquisition Cards
  • PWGSC PSU 941 - Internal Audit
  • PWGSC PSU 942 - Evaluation

Top of Page
2.5.2 Exempt Banks

PWGSC does not have any exempt banks

2.5.3 Departmental Forms

Departmental Policy 061 (Forms Management) requires that all new and revised forms that collect personal information be reviewed by the ATIP Directorate to ensure compliance with privacy legislative and policy requirements. During the 2010-2011 fiscal year, 10 forms were submitted for review.

2.5.4 Disclosure Under paragraph 8(2)(e) of the Act

The Department made 18 disclosures of personal information to investigative bodies during 2010-2011.

A copy of every request received under paragraph 8(2)(e), and a record of any information disclosed pursuant to the request, is kept in accordance with subSection 8(4) of the Privacy Act.

2.5.5 Disclosure Under Other Paragraphs of SubSection 8(2) of the Act

During fiscal year 2010-2011, PWGSC disclosed personal information pursuant to Paragraphs 8(2)(d) and (f) of the Privacy Act. There were no disclosures made under paragraph 8(2)(m) of the Act.

In accordance with subSection 9(1) of the Act, the Department retains a record of any use or purpose for which the information is disclosed where that use or purpose is not identified in the relevant PIB.

An excerpt of the Privacy Act, sections 8 and 9, is attached in Annex B for reference.


Top of Page

3. Privacy Impact Assessments

The Treasury Board of Canada approved the Privacy Impact Assessment (PIA) Directive with an effective date of April 1, 2010. The objective of the Directive is:

  • to provide direction to government institutions with respect to the administration of PIAs for new or substantially modified programs and activities involving the creation, collection and handling of personal information; and
  • to ensure, through the conduct of PIAs, sound management and decision making as well as careful consideration of privacy risks with respect to the creation, collection and handling of personal information as part of government programs or activities.

A PIA must be initiated for a program or activity in the following circumstances:

  • when personal information is used for or is intended to be used as part of a decision-making process that directly affects the individual;
  • upon substantial modifications to existing programs or activities where personal information is used or intended to be used for an administrative purpose; and
  • when contracting out or transferring a program or activities to another level of government or the private sector results in substantial modifications to the program or activities.

The departmental PIA framework provides for the review and approval process within PWGSC, as well as the roles and responsibilities of stakeholders. Project managers follow this framework when conducting PIAs.

The ATIP Directorate staff provides advice and guidance to PWGSC managers throughout the PIA process, including the review of PIA reports and liaison with the Office of the Privacy Commissioner.

When PWGSC's Legal Services unit employees review contractual terms and conditions, they inform contracting officers to seek the advice of the ATIP Directorate on the need for a PIA. The ATIP Directorate informs the contracting officers to check with their client departments and provides the name and telephone number of the responsible ATIP Coordinator. PWGSC's ATIP Directorate also advises on the requirement to include appropriate security and privacy clauses in procurement documentation.

Summaries of the PIAs completed by PWGSC are published on the Privacy Impact Assessment site. The site is intended to facilitate the public's understanding of the Access to Information Act, the Privacy Act and associated departmental procedures.

Table I provides the number of assessments conducted in the last three fiscal years.

Table I
PIAs and Preliminary PIAs (PPIAs)
Reporting Period PIAs PPIAs
Initiated Completed Initiated Completed
2008-2009 9 2 0 0
2009-2010 6 5 1 0
2010-2011 4 5 1 0

Top of Page
3.1 PIAs Initiated

The following PIAs were initiated in 2010-2011:

  • Access Key Program
  • Data Sharing with HRSDC for Pension
  • Government of Canada Pension Modernization Project - Release 2.0
  • Human Resources Information System Hosted Solution
3.2 PIAs Completed

During the 2010-2011 fiscal year, the following PIAs were completed and sent to the Privacy Commissioner of Canada:

  • Access Key Program - The existing Secure Channel Common Registration Service, commonly referred to as "epass", has transitioned to a new service offering called "Access Key", which provides authentication services to identify individuals and businesses in their dealings with online Government of Canada programs. Epass credentials owned by individuals have been migrated to Access Key in a seamless manner, and enables them to continue to securely and privately exchange data with the government protected websites. The PIA analysis identified some high risk areas that have been mitigated through the recommendations outlined in an action plan implemented as a collaborative effort between PWGSC and Bell Canada. The PIA summary has been prepared for publication on the ATIP website.
  • Certification Program for Federal Government Procurement and Material Management - This program enables practitioners to obtain a professional designation recognizing their level of qualifications. To obtain the professional designation, practitioners must meet the training, experience and knowledge requirements of the program as outlined in the Canadian General Standards Board standard CGSB-192.1-2005: Competencies of the Federal Government Procurement, Materiel Management and Real Property Community. The privacy risks identified during the PIA analysis have been determined to be low. The PIA summary is available at Publications Website Privacy Impact Assessment Summary.
  • Data Sharing Between the Controlled Goods Directorate and the Canadian Security Intelligence Service - The Controlled Goods Directorate (CGD) has initiated a datasharing Memorandum of Understanding with the Canadian Security Intelligence Service (CSIS) for the provision of security assessments of foreign temporary workers and visitors who may have access to the controlled goods in Canada. A PIA has been undertaken to assess the privacy implications of the data sharing between CGD and CSIS. The privacy risks associated the data sharing have been evaluated as low in severity. The PIA summary has been prepared for publication on the ATIP website.
  • Security Intelligence Analysis Division Reports Sharing Between CGD and CSIS - CGD prepared two reports based on the Security Intelligence Analysis Division (SIAD) work concerning the controlled goods-related visits to Canadian industry by foreign visitors and foreign temporary workers. These reports were prepared using the analysis information gathered during the security assessment process as requested by the Canadian industry holding these controlled goods and the foreign visitors and/or foreign temporary workers. The PIA analysis of this one-time sharing the SIAD reports with CSIS identified some privacy risks that were determined to be low. The PIA summary has been prepared for publication on the ATIP website.
  • Use of the Social Insurance Number (SIN) as a File Identifier for the Administration of the Public Service (PS), Canadian Forces (CF) and Royal Canadian Mounted Police (RCMP) Pension Plans - In order to comply with the legislative requirements for the PS, CF and RCMP pension plans, a file identifier is required to share limited personal information between the plan administrators. The SIN as the only identifier common to the three plans is used to confirm and calculate prior service when an employment ceases with one plan and employment commences with one of the other two plans. A multi-institutional PIA was lead by the Treasury Board Secretariat Pension and Benefits Sector, with input from the pension administrators (PWGSC, DND and RCMP) and their respective ATIP offices. The PIA did not identify any new privacy risks, other than administrative measures required to update the relevant PIBs and the privacy notices on applicable forms, and formalize a sharing agreement between the three Pension Administrators.
3.3 Preliminary PIAs

When the detailed information required for a comprehensive assessment is not yet available, a Preliminary PIA (PPIA) may be completed. Preliminary PIAs may also be conducted in unusual cases where, upon reviewing the policy and guidelines and obtaining expert advice, the need for a PIA remains ambivalent.

The following PPIA was initiated in the 2010-2011 fiscal year:

  • Voice Network Services

Top of Page

4. Statistical Report: Interpretation and Explanation of Trends

4.1 Requests under the Privacy Act

It is the practice of PWGSC to process requests formally where the information is sensitive and may be subject to an exemption or an exclusion pursuant to sections 18 through 28, 69 and 70 of the Act.

There were 109 requests filed under the Privacy Act in 2010-2011. Of these cases, 16 percent were for documents related to labour relations, 15 percent for pension and pay, 13 percent for employment related records, 10 percent for staffing processes, and 9 percent for security clearances. The remaining cases (37 percent) were for correspondence and other personal information pertaining to the requesters.

Compared with the last fiscal year, PWGSC experienced a 40 percent increase in the total number of privacy requests received. Table II provides the related detail.

Table II
Processing Trends for Privacy Requests
Reporting Period Outstanding Received Completed Carried Forward
2008-2009 6 61 56 11
2009-2010 11 78 71 18
2010-2011 18 109 89 38
4.1.1 Interdepartmental Consultations

In addition to privacy requests, the Department received 10 privacy consultation requests in 2010-2011, for a total of 142 pages of records. PWGSC took about 25 days to respond to these consultations. These consultation requests are not reflected in the statistical tables of Annex C: Statistical Report - Privacy Act.


Top of Page
4.2 Disposition of Completed Requests

Of the 127 requests in progress, 89 requests (70 percent) were completed during the 2010-2011 reporting period. The remaining 38 requests (30 percent) were carried forward to the next fiscal year.

Of the 89 cases where the Department completed the request, information was released either in whole or in part in 54 requests (61 percent). The 89 completed requests represent approximately 12,000 pages of records reviewed, and 8,000 pages released.

4.2.1 All Disclosed

In 25 of the 89 completed cases (28 percent), the applicants were provided with full access to the relevant records. This figure is up by 10 percent from last fiscal year.

4.2.2 Disclosed in Part

PWGSC was compelled by the exemptive and exclusionary provisions of the Privacy Act to provide applicants partial access in 29 of the 89 completed cases or 33 percent. This represents an eight percentage point decrease from last fiscal year. In most instances, the information withheld relates to information about other individuals.

4.2.3 Nothing Disclosed (All Exempted or All Excluded)

In 3 of the 89 completed requests (3 percent), PWGSC was compelled by the exemptive and exclusionary provisions of the Privacy Act to release no information.

4.2.4 Unable to Process

After an initial review, the Department was unable to process 18 requests (20 percent). In all instances this was because the Department did not have any records relating to the request.

4.2.5 Abandoned by the Applicant

Of the completed privacy requests, 13 (15 percent) were eventually considered to be abandoned. Such an action may occur at any point in the processing of a request.

4.2.6 Transferred

One of the 89 requests completed (1 percent) was transferred to another government institution in 2010-2011, with the requester's consent.


Top of Page
4.3 Exemptions Invoked

An individual's right of access to his/her personal information under the Privacy Act is limited by a number of exemptions specified in sections 18 through 28 of the legislation.

Annex C: Statistical Report - Privacy Act is intended to show the types of exemptions invoked to refuse access. For clarity purposes, if five different exemptions were used in one request, one exemption under each relevant section would be reported for a total of five exemptions. If the same exemption was used several times for the same request, it would be reported only once.

As noted in Annex C: Statistical Report - Privacy Act, information about another individual (Section 26 of the Act) accounts for the majority of the exemptions applied by the Department.

4.4 Exclusions Invoked

Pursuant to Section 69, the Act does not apply to material that is published or available for purchase, library or museum material preserved solely for public record, material deposited with the Library and Archives Canada, as well as records considered to be confidences of the Queen's Privy Council of Canada pursuant to Section 70 of the Act.

As in the case of exemptions, Annex C is intended to show the types of exclusions invoked. Again, for the sake of clarity, if five different exclusions are cited in one request, one exclusion under each relevant Section would be reported for a total of five. If the same exclusion was used several times for the same request, it would be reported only once.

Sections 69 and 70 were not invoked by PWGSC for any of the privacy request processed in the 2010-2011 fiscal year.

4.5 Extension of the Time Limits

Of the 89 requests completed during the fiscal year, 19 (21 percent) needed to be extended in accordance with Section 15 of the Privacy Act. Due to the nature of PWGSC's mandate, the records requested often contained sensitive information from another government department. As a result, in 12 cases meeting the original time limit would have unreasonably interfered with the operations of the Department. For the remaining seven cases, there was the need to consult with other government departments.

4.6 Completion Time

Within the first thirty days, 58 requests (65 percent) were completed, while 11 requests (12 percent) were completed within 31 to 60 days, and 9 (10 percent) were completed between 61 and 120 days from the date of receipt by the Department. Eleven of the cases (12 percent) required more than 120 days to process. On average, privacy requests were completed within 71 days in 2010-2011, which is 45 days longer than the requests completed in the previous fiscal year.


Top of Page
4.7 Translations

There was no request for the translation of information from one official language to the other.

4.8 Method of Access

Of the 58 requests in which information was released, the requesters received paper copies of the information in 54 cases, and electronic copies in the remaining four cases.

4.9 Corrections and Notations

There was no request for the correction of personal information or for a notation to be placed on a file.

4.10 Costs

Salary costs associated with the privacy program amounted to $235,280, and operations and maintenance costs to $182,569, for a combined total of $417,849. The associated full-time equivalent resources utilized were estimated at 3.06 for the 2010-2011 fiscal year.

5. Complaints and Requests for Judicial Review

The Table III provides a breakdown of the complaints made to the Privacy Commissioner of Canada and of requests for judicial review made to the Federal Court of Canada, for which PWGSC has been informed of over the past three fiscal years.

Table III
Complaints and Requests for Judicial Review
Reporting Period Complaints Requests for Judicial Review
2008-2009 0 0
2009-2010 7 0
2010-2011 2 0
5.1 Complaints to the Office of the Privacy Commissioner of Canada

Two complaints were lodged with the Privacy Commissioner of Canada against PWGSC in the 2010-2011 fiscal year. One complaint related to the time extension taken, and the other was about the delay in responding to the request.

Of the complaints investigated, one was not substantiated, one was resolved, and four complaint investigations were still ongoing at the end of the fiscal year.

5.2 Requests for Judicial Review

There was no request made to the Federal Court of Canada seeking a judicial review.


Top of Page

Annex A: Delegation of Authorities – Access to Information Act

PDF Version 29KB
Help with Alternative Format

Please note that the April 17, 2009 version has been updated as follows:

Changes to Schedule 1

Addition of authority to accept and release security. The Security for Debts Due to Her Majesty Regulations provide the Minister responsible for the recovery or collection of any debt or obligation due or payable to Her Majesty or claim by Her Majesty, with the authority to accept any security in respect of the debt, obligation or claim. The addition is to align the Delegation of Authorities Instrument with the Treasury Board Directive on Receivables Management that provides the authority to the Deputy Minister, the Chief Financial Officer and the senior official designated by the Deputy Minister as the lead official for the management of accounts receivable to seek security for debts due to Her Majesty on behalf of the Minister.

Recognize new or equivalent position titles to reflect the current corporate structures at both the national and regional level.

Increase Level 4 authority to allow Materiel Management managers to identify assets for disposal, write-off or loan. The authority to complete these transactions is only delegated to officers of Materiel Management in Corporate Services or Regional Corporate Services, Strategic Management & Communications.

Changes to Schedule 2

Removal of the authority for amendments to real property maintenance services contracts issued competitively by Acquisitions Branch.

Addition or change to the "Table of Equivalent Positions" to reflect current national and regional Real Property positions.

Addition or change to "Specific Delegation of Authorities Tables" included in the notes to reflect current national and regional Real Property positions.

Changes to Schedule 3

Aligning of Special Contracting limits with Services Contracts Approval Limits for level 2, 3 and 4.

Increase Level 2 Standing Offer and Supply Arrangement Approval Authority to reflect the limit for Non-regulated Telecommunication Services.

Change of the "Table of Equivalent Positions" to move the position of Senior Contracts Officer (Washington) from Level 2 to Level 3.

Minister's and Deputy Minister's Delegation of Authorities

We hereby delegate the powers vested in the offices of the Minister and Deputy Minister of Public Works and Government Services, in the manner defined in Schedules 1 to 4, the associated Tables of Equivalent Positions and specific delegations in the Notes to these schedules, including officers appointed on a temporary or acting basis to positions so defined, subject to the principles, guidelines, limitations and restrictions described in the department's Delegation of Authorities Manual and all relevant legislation, regulations and policies.

Specifically, this instrument is intended to delegate authority, as defined by:

Schedule 1

Department-Wide Authorities", the "Table of Equivalent Positions" for Schedule 1 and the Specific Delegations contained in the "Notes to Schedule 1";

Schedule 2

"Real Property Services Authorities", the "Table of Equivalent Positions" for Schedule 2 and the Specific Delegations contained in the "Notes to Schedule 2";

Schedule 3

"Common Service Acquisition Authorities", the "Table of Equivalent Positions" for Schedule 3 and the Specific Delegations contained in the "Notes to Schedule 3";

Schedule 4

"Receiver General for Canada Authorities".

Further, these delegations are made on the explicit understanding that they are to be used only:

  • commensurate with the level of responsibility assigned to the position and when required to undertake the duties of that position as described in the operational plans of the Department; and
  • to attain departmental objectives, within the departmental mandate; or
  • to attain clients' objectives when providing common services to client departments.

The department's Delegation of Authorities Manual documents the delegated authorities of Public Works and Government Services Canada and includes important information on the conditions under which we have made these delegations. All officers of the Department who are acting on our behalf in any matter related to these delegations must make themselves familiar with the contents of the Manual to ensure that they are fully cognizant of the conditions and implications of doing so.

The Honourable Rona Ambrose, P.C., M. P. (Edmonton–Spruce Grove)
Minister of Public Works and Government Services

François Guimont
Deputy Minister of Public Works and Government Services

DEPARTMENT–WIDE AUTHORITIES – SCHEDULE 1

Administrative Authorities - Approvals

Administrative Authorities – Approvals
  Asset Disposals Asset Write–Offs Asset Loans Project Approval: Information Technology Investments Treasury Board Submission Amendment to the Table of Equivalent Positions Access to Information Act
Departmental Limit FULL FULL FULL $5M NEW
$10M EXIST		 FULL FULL FULL
Generic Levels
Level 1 FULL
See Notes		 FULL FULL See Notes See Notes See Notes See Notes
Level 2 FULL
See Notes		 FULL FULL       See Notes
Level 3 FULL
See Notes		 FULL
See Notes		 FULL
See Notes		       See Notes
Level 4 FULL
See Notes		 FULL
See Notes		 FULL
See Notes		       See Notes
References to "Notes to Schedule 1" 50 51 52 53 54 55 56
Administrative Authorities - Approvals
  Privacy Act Use of Government Vehicles Exemption From Parking Charges Certification of True Copies Release Settlement Documents
Departmental Limit FULL FULL FULL FULL FULL
Generic Levels
Level 1 See Notes See Notes See Notes See Notes See Notes
Level 2 See Notes See Notes     See Notes
Level 3 See Notes See Notes      
Level 4 See Notes See Notes      
References to "Notes to Schedule 1" 57 58 59 60 61

Supplementary Information – SCHEDULE 1

  Asset Disposals Asset Write Offs Asset Loans Project Approval: Information Technology Investments Treasury Board Submission Amendment to the Table of Equivalent Positions Access to Information Act
Departmental Limit FULL FULL FULL $5M NEW
$10M EXIST		 FULL FULL FULL
Level 1 FULL
See Notes		 FULL FULL See Notes See Notes See Notes See Notes
  50 51 52 53 54 55 56
  Privacy Act Use of Government Vehicles Exemption From Parking Charges Certification of True Copies Release Settlement Documents
Departmental Limit FULL FULL FULL FULL FULL
Level 1 See Notes See Notes See Notes See Notes See Notes
  57 58 59 60 61

Columns 50 to 52 are administrative authorities that allow managers to identify assets for disposal, write-off or loan. The authority to complete these transactions is only delegated to officers of Materiel Management in Corporate Services or Regional Corporate Services, Strategic Management & Communications.

Departmental Limit: FULL means the authority to dispose, write-off or loan assets for which the Department is responsible.
Level 1: FULL means the authority to dispose, write-off or loan assets for which the manager is responsible.

Column 53 is a specific secondary control on spending related to IT procurement that is delegated to the Deputy (replacement of existing system) and CEO and COO, ITS (investment in new system).

Column 54 is a primary control on spending when that spending is outside the limits of Departmental authority. This is the authority to initiate a TB Submission. Only the Minister and Deputy Minister may approve a Submission to the Treasury Board.

Columns 55 to 61 are administrative authorities which are delegated to positions with assigned responsibility. Exercising of these authorities must also comply with relevant legislation, regulation and policy requirements and limitations.

TABLE OF EQUIVALENT POSITIONS – for Schedule 1

This Table defines the positions at each of the four levels that receive the general delegations of authorities through the Schedule.

Notes:

  1. Unless restricted by legislation, regulations and policies, the Deputy Minister and Associate Deputy Minister have full delegated authority; and
  2. For any position titles not listed in this Table of Equivalent Positions, the equivalent positions as recognized by the Chief Financial Officer shall apply.
Level Positions
Level 1 Chief Financial Officer
Assistant Deputy Minister
Associate, Assistant Deputy Minister
Chief Executive Officer
Chief Operating Officer
Chief Risk Officer
Director General
Associate Director General
Vice President
Executive Director
Special Advisor to Deputy Minister
Regional Director General
Regional Director
Senior Director
Director, Cheque Redemption and Control
Product Executive, Product Management
Delivery Executive, Service Management & Delivery
Level 2 Director
Deputy Director
Level 3 Manager
Financial Management Advisor
Facilities Management Integrator
Internal Audit Principal
Executive Assistant
Level 4 Head
Group Head
Chief
Section Chief
Team Leader
Supervisor
Unit Supervisor
Administrator
Senior Officer
Officer
Project Leader
Senior Advisor
Advisor
Senior Analyst
Analyst
Agent
Coordinator
Engineer
Specialist
Technologist
Inspector
Operator
Architect
Designer
Assistant
Hydrogeologist
Surveyor
Superintendent
Planner
Cartographer
Foreman
Technician
Stores-Person
Trainer
Counsellor
Estimator
Appraiser
Sign Writer
Fitter
Procurement Clerk

Column 56 Access to Information Act
Specific Delegation of Authority

  • Level 1 - Director General, Executive Secretariat - Full
  • Level 2 - Director, Access to Information and Privacy - Full
  • Level 3 - Manager, Risk and Quality Management - Full
  • Level 4 - Chief, Access to Information and Privacy - Full[1]
  • Level 4 - ATIP Officer - Full[2]

[1] Only in regard to Sections 7, 9, 25, 27 and 33; and Subsections 8(1), 11(2) to 11(6), 19(1) and 24(1) of the Access to Information Act; Section 8 and Subsections 6(1), 7(2)(3) of the Access to Information Regulations.

[2] Only in regard to Section 9 and Subsection 27(1) of the Access to Information Act.

Column 57 Privacy Act
Specific Delegation of Authority

  • Level 1 - Director General, Executive Secretariat - Full
  • Level 2 - Director, Access to Information and Privacy - Full*
  • Level 3 - Manager, Risk and Quality Management - Full*
  • Level 4 - Chief, Access to Information and Privacy - Full(1)
  • Level 4 - ATIP Officer - Full(2)

* Except for Section 8(2)(m) of the Privacy Act re; personal information to be disclosed in the public interest.

(1) Only in regard to Sections 14, 15 and 26 of the Privacy Act; and section 9 of the Privacy Regulation.

(2) Only in regard to Section 15 of the Privacy Act.


Top of Page

Annex B: Privacy Act, Sections 8 and 9 (Excerpt)

Disclosure of personal information

8. (1) Personal information under the control of a government institution shall not, without the consent of the individual to whom it relates, be disclosed by the institution except in accordance with this section.

Where personal information may be disclosed

(2) Subject to any other Act of Parliament, personal information under the control of a government institution may be disclosed

  • (a) for the purpose for which the information was obtained or compiled by the institution or for a use consistent with that purpose;
  • (b) for any purpose in accordance with any Act of Parliament or any regulation made thereunder that authorizes its disclosure;
  • (c) for the purpose of complying with a subpoena or warrant issued or order made by a court, person or body with jurisdiction to compel the production of information or for the purpose of complying with rules of court relating to the production of information;
  • (d) to the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government of Canada;
  • (e) to an investigative body specified in the regulations, on the written request of the body, for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation, if the request specifies the purpose and describes the information to be disclosed;
  • (f) under an agreement or arrangement between the Government of Canada or an institution thereof and the government of a province, the council of the Westbank First Nation, the council of a participating First Nation - as defined in subSection 2(1) of the First Nations Jurisdiction over Education in British Columbia Act -, the government of a foreign state, an international organization of states or an international organization established by the governments of states, or any institution of any such government or organization, for the purpose of administering or enforcing any law or carrying out a lawful investigation;
  • (g) to a member of Parliament for the purpose of assisting the individual to whom the information relates in resolving a problem;
  • (h) to officers or employees of the institution for internal audit purposes, or to the office of the Comptroller General or any other person or body specified in the regulations for audit purposes;
  • (i) to the Library and Archives of Canada for archival purposes;
  • (j) to any person or body for research or statistical purposes if the head of the government institution
    • (i) is satisfied that the purpose for which the information is disclosed cannot reasonably be accomplished unless the information is provided in a form that would identify the individual to whom it relates, and
    • (ii) obtains from the person or body a written undertaking that no subsequent disclosure of the information will be made in a form that could reasonably be expected to identify the individual to whom it relates;
  • (k) to any aboriginal government, association of aboriginal people, Indian band, government institution or part thereof, or to any person acting on behalf of such government, association, band, institution or part thereof, for the purpose of researching or validating the claims, disputes or grievances of any of the aboriginal peoples of Canada;
  • (l) to any government institution for the purpose of locating an individual in order to collect a debt owing to Her Majesty in right of Canada by that individual or make a payment owing to that individual by Her Majesty in right of Canada; and
  • (m) for any purpose where, in the opinion of the head of the institution,
    • (i) the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or
    • (ii) disclosure would clearly benefit the individual to whom the information relates.

Personal information disclosed by Library and Archives of Canada

(3) Subject to any other Act of Parliament, personal information under the custody or control of the Library and Archives of Canada that has been transferred there by a government institution for historical or archival purposes may be disclosed in accordance with the regulations to any person or body for research or statistical purposes.

Copies of requests under paragraph (2)(e) to be retained

(4) The head of a government institution shall retain a copy of every request received by the government institution under paragraph (2)(e) for such period of time as may be prescribed by regulation, shall keep a record of any information disclosed pursuant to the request for such period of time as may be prescribed by regulation and shall, on the request of the Privacy Commissioner, make those copies and records available to the Privacy Commissioner.
Notice of disclosure under paragraph (2)(m)

Record of disclosures to be retained

9. (1) The head of a government institution shall retain a record of any use by the institution of personal information contained in a personal information bank or any use or purpose for which that information is disclosed by the institution where the use or purpose is not included in the statements of uses and purposes set forth pursuant to subparagraph 11(1)(a)(iv) and subSection 11(2) in the index referred to in Section 11, and shall attach the record to the personal information.


Top of Page

Annex C: Statistical Report - Privacy Act

PDF Version 23KB
Help with Alternative Format

Institution: PUBLIC WORKS AND GOVERNMENT SERVICES CANADA
Reporting period: 01/04/2010 to 31/03/2011

I. requests under the Privacy Act

Received during reporting period: 109
Outstanding from previous period: 18
TOTAL: 127
Completed during reporting period: 89
Carried forward: 38

II. Disposition requests completed

  1. All disclosed: 25
  2. Disclosed in part: 29
  3. Nothing disclosed (exclusion): 0
  4. Nothing disclosed (exemption): 3
  5. Unable to process: 18
  6. Abandoned by applicant: 13
  7. Transferred: 1

TOTAL: 89


Top of Page

III. Exemptions invoked

Exemptions Numbers
S.
Art. 18(2) 		0
S.
Art. 19(1)(a) 		0
(b) 0
(c) 0
(d) 0
S.
Art. 20		 0
S.
Art. 21		 2
S.
Art. 22(1)(a)		 0
(b) 0
(c) 0
S.
Art. 22(2)		 0
S.
Art. 23(a)		 0
(b) 0
S.
Art. 24		 0
S.
Art. 25		 0
S.
Art. 26		 30
S.
Art. 27		 3
S.
Art. 28		 0

IV. Exclusions cited

Exclusions Numbers
S.
Art. 69(1)(a) 		0
(b) 0
S.
Art. 70(1)(a)		 0
(b) 0
(c) 0
(d) 0
(e) 0
(f) 0

V. Completion time

  • 30 days or under: 58
  • 31 to 60 days: 11
  • 61 to 120 days: 9
  • 121 days or over: 11

Top of Page

VI. Extensions

30 days or under

  • Interference with operations: 12
  • Consultation: 7
  • Translation: 0

TOTAL: 19

31 days or over

  • Interference with operations: 0
  • Consultation: 0
  • Translation: 0

TOTAL: 0

VII. Translations

Translations requested: 0

  • Translations prepared
    • English to French: 0
    • French to English: 0

VIII. Method of access

  • Copies given: 54
  • Examination: 0
  • Copies and examination: 0

IX. Corrections and notation

  • Corrections requested: 0
  • Corrections made: 0
  • Notation attached: 0

X. Costs

Financial (all reasons)
  • Salary: $235,280
  • Administration (O and M): $182,569
  • TOTAL: $417,849
Person year utilization (all reasons)
  • Person year (decimal format): 3.06

Top of Page

Additional Reporting Requirements - Privacy Act

Treasury Board Secretariat is monitoring compliance with the Privacy Impact Assessment (PIA) Policy (which came into effect on May 2, 2002) and the Directive on Privacy Impact Assessment (which takes effect April 1, 2010) through a variety of means. Institutions are therefore required to report the following information for this reporting period. Note that because some institutions are using the Core PIA as outlined in the Directive in advance of the implementation deadline, they will not have Preliminary PIAs to report.

Indicate the number of:

Preliminary Privacy Impact Assessments initiated: ___1___

Preliminary Privacy Impact Assessments completed:  ___0___

Privacy Impact Assessments initiated: ___4___

Privacy Impact Assessments completed: ___5___

Privacy Impact Assessments forwarded to the Office of the Privacy Commissioner (OPC): ___5___

In addition, institutions are required to report on the following:

Part III – Exemptions invoked

  • SubSection 22.3: ___2___

Public Works and Government Services Canada (PWGSC) did not invoke any of the exemptions noted below during the reporting period.

  • paragraph 19(1)(e)
  • paragraph 19(1)(f)
  • SubSection 22.1
  • SubSection 22.2

Part IV – Exclusions cited

PWGSC did not cite any of the exclusions noted below during the reporting period.

  • SubSection 69.1
  • SubSection 70.1

1 PIB Legend:
PCU - Central Bank (General Public); PCE - Central Bank (Employees).
PPU - Particular Bank (General Public); PPE - Particular Banks (Employees).
PSU - Standard Bank (General Public); PSE - Standard Bank (Employees). (Back to note 1)

Date Modified: 2012-06-18

Top of Page
Important Notices