Annual report on the Privacy Act 2017-18

Table of contents

Introduction

Purpose of the Privacy Act

The Privacy Act came into effect on July 1, 1983. The Act protects the privacy of individuals with respect to their personal information that is held by government institutions, and provides these individuals with a right of access to this information. In addition, the Privacy Act gives individuals rights over the collection, use and disclosure of their personal information.

Section 72 of the Privacy Act requires that the head of every government institution prepare and submit an annual report to parliament, detailing the administration of the act within the institution for each fiscal year.

This annual report describes how Fisheries and Oceans Canada (DFO) administered the Privacy Act from April 1, 2017 to March 31, 2018.

Mandate of Fisheries and Oceans Canada

Fisheries and Oceans Canada (DFO) supports strong and sustainable economic growth in our marine and fisheries sectors and contributes to a prosperous economy through global commerce by supporting exports and advancing safe maritime trade. The department supports the innovation needed for a knowledge-based economy through research in expanding sectors such as aquaculture and biotechnology. The department contributes to a clean and healthy environment and sustainable aquatic ecosystems for Canadians through habitat protection, oceans management and ecosystems research.

The Canadian Coast Guard (CCG), as a special operating agency within DFO, is responsible for services and programs that contribute to all three of the department's strategic outcomes while also contributing significantly to the safety, security, and accessibility of Canada's waterways. The CCG also supports other government organizations by providing a civilian fleet and a broadly distributed shore-based infrastructure.

Organizational structure

Departmental organization

DFO has a presence across Canada with the majority of employees working outside national headquarters in one of the department's 6 regions. National objectives, policies, procedures, and standards for the department and the Canadian Coast Guard are established at national headquarters, in Ottawa. Regions are responsible for delivering programs and activities in accordance with national and regional priorities and within national performance parameters.

ATIP Secretariat organization

The Access to Information and Privacy (ATIP) director reports to the director general, Executive Secretariat, who in turn reports to the senior assistant deputy minister, Strategic Policy Sector. The ATIP director is accountable for the development, coordination and implementation of effective ATIP-related policies, guidelines, systems and procedures. This accountability ensures that the department’s responsibilities under the Privacy Act are met, and enables appropriate processing and proper disclosure of information. 

The director general, Executive Secretariat serves as the chief privacy officer (CPO) responsible for ensuring that privacy issues are afforded visibility and considered a priority at DFO, as well as for working with senior management on strategic privacy matters. The CPO keeps abreast of legislative and policy changes to the existing federal privacy regime and ensures that the department’s practices are in line with all legal and policy requirements. 

The ATIP Secretariat is divided between the business lines that process requests under the act and those that execute all the other responsibilities related to the administration of the act at DFO. The business lines that process requests are: the Operations Division, which processes privacy files, and provides issues management; the Intake Unit, which oversees all incoming requests and liaises with requesters, programs and regions; and the Administrative Support Group, which handles scanning, file management and quality control.

The department’s responsibilities under the Privacy Act are generally undertaken by the Policy and Privacy Division (PPD), which acts as the policy centre for the secretariat, provides strategic issues management, develops, implements and maintains the department’s privacy policy suite, oversees the department’s 8(2) disclosures, investigates and responds to suspected privacy breaches, conducts privacy impact assessments, maintains and updates the department’s personal information banks, leads the privacy training program, liaises with the ATIP community, and monitors the ongoing legislative review of the Privacy Act. Other important work completed by the PPD includes the provisions of advice to employees and executives on complex privacy matters, liaising with the Office of the Privacy Commissioner, and providing disclosure recommendations related to investigations at DFO.

The remaining responsibilities are undertaken by the Strategic Projects and Infrastructure Division, which tracks departmental performance, and supports operations through assisting with staffing processes, maintaining technology, and other special projects to ensure the ongoing sound application of the act.

The ATIP Secretariat works with a network of ATIP contacts located in each region and sector to act as liaisons for their respective parts of the department.

In total, throughout the course of this reporting period, the ATIP Secretariat employed approximately 6 full-time employees and roughly a quarter of a full-time equivalent of a consultant, agency personnel and casual employee combined devoted to Privacy Act activities.

Delegation order

Responsibility for the administration of the Privacy Act at DFO is delegated from the minister to the director of the ATIP Secretariat and the deputy directors. A copy of the delegation order is found at Appendix A.

Highlights of the Statistical Report, 2017-18

The Statistical Report on the Privacy Act is prepared by government institutions to assist the Treasury Board of Canada Secretariat (TBS) to analyze trends and exercise oversight.

DFO’s complete 2017-18 Statistical Report on the Privacy Act is found in Appendix B. Previous years’ statistical reports can be obtained from the ATIP Secretariat upon request.

Overview of 2017 to 2018 requests under the Privacy Act

The analysis in this section compares data found in DFO’s 2017-18 Statistical Report on the Privacy Act with data from 2014 to 2015, to produce a trend analysis over 4 years.

In 2017 to 2018, DFO received 55 requests under the Privacy Act and had 5 requests outstanding from the previous reporting period. Of these 60 requests, DFO completed 57 and carried forward 3 into the next reporting period. As the following table illustrates, DFO saw a slight increase (10%) in requests under the Privacy Act in 2017 to 2018 from the previous year.

As shown in the table below, compliance for 2017 to 2018 is excellent, up from 60% in 2014 to 2015, 74% in 2015 to 2016 and 90% in 2016 to 2017. The 2017 to 2018 figures reveal 98% of privacy files were closed on or before their statutory or extended deadline.
Table 1: Overview of 2017 to 2018 requests under the Privacy Act
Number of requests 2014 to 2015 2015 to 2016 2016 to 2017 2017 to 2018
Received during reporting period 43 56 50 55
Outstanding from previous reporting period 37 11 5 5
Total requests to process during reporting period 80 67 55 60
Completed during reporting period 68 62 50 57
Carried over to next reporting period 12 5 5 3
On-time compliance rate 60% 74% 90% 98%

Requests closed during the reporting period

Disposition and completion time

Section 14 of the act requires institutions to provide a response to the requester within 30 days of receipt of the request, or to notify the requester that an extension is required. Of the 57 requests completed during the reporting period:

The 57 requests completed by the department in 2017 to 2018 were finalized in the following manner:

No requests were processed where all information was excluded from disclosure and no requests were neither confirmed nor denied.

Exemptions and exclusions

Exemptions are provisions of the act that allow or require the heads of federal government institutions to withhold information requested under the legislation. For requests completed during the reporting period, the department invoked exemptions pursuant to sections/subsections 19(1)(a), 21, 22(1)(a)(iii), 22(1)(b), 25, 26 and 27 of the Privacy Act. As was the case in 2016 to 2017, section 26 was the most frequently invoked provision. It was cited in 32 requests, and was used to protect personal information about individuals other than the requester. The second most cited exemption, invoked 9 times was subsection 22(1)(b), which was used to protect information which could be injurious to law enforcement and investigations.

Table 2: Exemptions invoked under the Privacy Act during the reporting period
Section of the Privacy Act Description Number of requests
19(1)(a) Personal information obtained in confidence 1
21 International affairs and defence 6
22(1)(a)(iii) Law enforcement and investigation 5
22(1)(b) Law enforcement and investigation 9
25 Safety of individuals 1
26 Information about another individual 32
27 Solicitor-client privilege 7

Exclusions are provisions of the act that remove certain records from the application of the legislation. Records excluded from the requirements of the Privacy Act include publicly available information and confidences of the Queen’s Privy Council (Cabinet Confidences) pursuant to sections 69 and 70, respectively. In 2017 to 2018, no exclusions for Cabinet Confidences or publicly available information were applied.

Format of information released

When requests are complete, requesters may receive the information in paper or electronic formats, or they may view the records at any DFO office. Access to relevant documents was given, in whole or in part, for 39 requests in 2017 to 2018. In 25 (64%) of these requests, information was released in an electronic format. For the remaining 14 (36%) requests, information was released in paper format.

Complexity

During the reporting period, a total of 14,555 relevant pages were processed compared to 32,580 in the previous fiscal year. While the total number of pages processed fell between 2016 to 2017 and 2017 to 2018, the department actually released a higher proportion of pages in whole or in part this year compared to last. Of the 14,555 pages processed in 2017 to 2018, 57% of pages processed (8,341 pages) were disclosed in whole or in part, compared to 51% of pages processed (16,558 pages) last year.

Of the 49 requests completed with records, 31 requests (63%) had fewer than 100 pages, 11 requests (23%) had 101 to 500 pages, 1 request (2%) had 501 to 1,000 pages and 6 requests (12%) had 1,001 to 5,000 pages.

The department completed a number of requests that involved other factors that increased the complexity of those requests, including:

Deemed refusals

Of the 57 requests that were closed during the reporting period, the ATIP Secretariat closed only one request past the statutory deadline. This represents a 98% rate of compliance compared to 90% in fiscal year 2016 to 2017, 76% in 2015 to 2016 and 60% in 2014 to 2015. This continues a long term trend toward clearing the backlog and returning to a high rate of compliance.

The principle reason for the delay in the 1 request related to consultations with another government institution.

Extensions

Section 15 of the act provides for the extension of statutory time limits if processing the request within the original time limit would unreasonably interfere with the operations of the department, if consultations are necessary, if additional time is necessary for translation purposes, or for converting the personal information into an alternative format.

During the reporting period, extensions under subparagraph 15(a)(i) were taken seven times because processing the request within the original time limit would unreasonably interfere with the operations of the department. Eight extensions were taken under subparagraph 15(a)(ii) for consultations.

In total, 15 extensions were taken on 12 requests and the records were “disclosed in part” for all 12 of these requests.

For 3 requests, an extension was taken for a period of 1 to 15 days beyond the statutory deadline under subparagraph 15(a)(i) (interference with operations) as well as an extension for a period of 1 to 15 days for consultations. All the rest (9) were for 16 to 30 days.

Consultations received from other institutions and organizations

When other institutions and organizations retrieve information that concerns or originates from DFO in response to Privacy Act requests, they may consult the DFO ATIP Secretariat for recommendations on release. Other government institutions are defined as federal institutions subject to the Privacy Act. Other organizations include the governments of the provinces, territories and municipalities, and of other countries.

In 2017 to 2018, DFO received 4 consultation requests from Government of Canada institutions and did not have any outstanding from the previous year. All 4 consultations were completed within 30 days. In 2 of the requests, DFO recommended disclosing the records in full, in 1 request the recommendation was to disclose in part, and in 1 request the recommendation was to exempt all of the information.

No requests from other organizations were received during the reporting period.

Other requests

The ATIP Secretariat conducts a significant amount of informal privacy-related activities in addition to processing privacy requests, developing policy tools, and developing and conducting training sessions. These activities include processing informal privacy requests such as:

The table below illustrates the workload associated with administering the Privacy Act apart from formal privacy requests. While the total number of other Privacy Act related requests decreased in this reporting period compared to fiscal year 2016 to 2017, the number of informal requests on matters such as responding to guidance on privacy impact assessments, privacy notices, information sharing agreements and contracts that include the sharing of personal information, has continued to increase. 

In addition, the figures on privacy investigations completed for potential privacy breaches remain consistent with the previous reporting period but remain higher compared to fiscal year 2014 to 2015 and 2015 to 2016. The likely cause of the increase of reported privacy breaches is the positive result of DFO’s aggressive training efforts and increased departmental awareness of its personal information protection responsibilities. The DFO Standard on Privacy Breaches requires all suspected privacy breaches to be reported to ATIP within 24 hours. This message is reinforced in privacy training and awareness sessions.

Table 3: Other Privacy Act related requests completed between 2014 to 2015 and 2017 to 2018
Other Privacy Act related requests 2014 to 2015 2015 to 2016 2016 to 2017 2017 to 2018
Informal privacy requests completed 68 107 140 145
Investigations completed for potential privacy breaches 18 14 27 26
Harassment/ Administrative investigations reviewed 31 29 44 26
Other 15 19 5 3
Total 132 169 216 200

Training and awareness

DFO makes significant efforts to promote awareness of federal privacy legislation and the corresponding responsibilities of DFO employees, providing ongoing individual and group training sessions. Privacy training is mandatory for all DFO executives and individuals acting in an executive position for more than 4 months. While regions, sectors and divisions are encouraged to request training as the need arises, the ATIP Secretariat also offers semi-annual awareness sessions to all employees of the department.

During the 2017 to 2018 reporting period, the department provided privacy training to 248 participants. These figures include all sessions (12) with a privacy component. This means that while some of the sessions were exclusively on privacy, others also included access to information elements in addition to privacy.

In addition to training offered by DFO, the department encourages employees to take privacy training offered by the Canada School of Public Service (CSPS). The ATIP Secretariat increased efforts to promote the CSPS training in 2017 to 2018, likely resulting in the spike in learners over the previous reporting period. CSPS provided privacy training to more than double the number of DFO participants (205 learners) than in the previous fiscal year of 86 learners. The following table highlights all privacy-related training activities undertaken during the reporting period.

Table 4: Privacy-related training and awareness activities in 2017 to 2018
Type of training Number of learners
DFO training: 12 sessions 248
CSPS training: Access to Information and Privacy Fundamentals (I015) and Privacy in the Government of Canada (I702) 205
Total 453

Policies, guidelines, procedures and initiatives

The PPD continues to revise DFO’s ATIP policy suite where appropriate. The suite of policy tools were developed by the ATIP Secretariat to help DFO employees understand their responsibilities with regards to the protection of personal information. Included in the policy suite are the DFO Privacy Policy, Directive on Privacy Practices, the Standard on Privacy Breaches, the Standard on Permissible Disclosures of Personal Information and related tools such as Guidelines for the Informal Release of Information, the Privacy Impact Assessment: Needs Analysis, the Privacy Notice Template and privacy breach reporting forms.

This year, the secretariat completed an update of the department’s internal facing ATIP website to remove out-of-date guidance, publish communication pieces on DFO best practices and tips, and provide information on departmental ATIP training offerings.

The PPD continued with its project to review forms used by internal services within DFO and where necessary, developed privacy notice statements that meet all legislative and policy requirements. The PPD also actively monitors parliamentary questions in order to support timely and effective responses and to proactively identify potential files requiring ATIP’s review.

Strategic collaboration

The ATIP Secretariat continues to be an active participant in the development and renewal of departmental policy and guidance documents within DFO.  Through ATIP’s participation in these processes, personal information protection principles are embedded in departmental policy documents to ensure compliance with the Privacy Act. This year, the ATIP Secretariat was engaged by the departmental security officer and the Conservation and Protection Directorate to review and revise 3 policy documents that involved the collection, use, and disclosure of personal information.

Summary of key issues and actions taken on complaints or audits

The department reviews the outcomes of each privacy commissioner investigation and audit. Where appropriate, DFO incorporates lessons learned into business processes.

In 2017 to 2018, DFO received 3 privacy complaints from the OPC. One complaint related to the processing of a formal request under the Privacy Act and is currently awaiting the Office of the Privacy Commissioner’s findings. The remaining 2 complaints were related to DFO’s disclosure of personal information.  Representations were sent to the OPC on both of these complaints.

One of the 3 complaints received this fiscal year was closed and a report of findings was issued by the OPC.  This complaint was deemed to be well-founded, caused by human error. To minimize the opportunity for a re-occurrence of this nature, DFO conducted privacy training sessions with employees and issued a directive reminding the employees and managers involved of their roles and responsibilities under the Privacy Act.

Monitoring compliance

DFO makes every effort to meet statutory deadlines and actively monitors the time taken to process privacy requests and requests for the correction of personal information. Monitoring begins as soon as a request is received by the ATIP Secretariat, entered into the case management system and assigned to an analyst. All requests, including requests for consultations, and requests for informal advice or review of records, are entered into the case management system for tracking. This electronic tracking of deadlines is essential, as analysts work on numerous requests, each with multiple actions coming due, at any given time. Analysts meet with their team leaders on a weekly basis to identify issues with requests that might result in delays. Issues are raised with the ATIP management team, if necessary. The director of the ATIP Secretariat gets involved in files where he can use his authority as the minister’s delegate under the Privacy Act to promote compliance with deadlines and deliverables.

Material privacy breaches

A privacy breach is defined by the Office of the Privacy Commissioner as the loss of, unauthorized access to, or disclosure of, personal information. A material privacy breach is defined by the Treasury Board Secretariat (TBS) as involving sensitive information that could reasonably be expected to cause serious injury or harm to the individual and/or involves a large number of affected individuals.

During the reporting period, 2 privacy breaches reported to the DFO ATIP Secretariat were deemed to be material. In both cases, the personal information was sensitive and potentially involved a large number of affected individuals. Investigations found that the probability of impact to affected individuals was low. DFO reported these breaches to the OPC and TBS and took measures to mitigate each breach, including privacy training and implementing more privacy-centric practices to prevent a re- occurrence of this nature.

Privacy impact assessments

To fulfill its mandate, many of DFO’s activities require the collection, use and disclosure of personal information. In accordance with Treasury Board Secretariat policies and directives, the department uses privacy impact assessments (PIAs) as a risk management tool to determine whether privacy risks are present in new or existing departmental programs, initiatives or projects that collect, use and retain personal information.

Two PIAs were completed during the reporting period, 1 on the aquatic invasive species program and the other on the Ice Assistance Emergency Program which was completed in collaboration with Employment and Social Development Canada (ESDC).

Consult the full executive summaries of these PIAs.

Aquatic invasive species program

Aquatic invasive species (AIS) are aquatic organisms, when introduced outside of their natural environment, out-compete native species. In Canada, there are hundreds of invasive species that generally share common characteristics including high rates of reproduction, few natural predators, and the ability to thrive in different environments. These characteristics make AIS difficult to control, and can result in devastating changes to natural habitat rendering it inhospitable for native species. To prevent the introduction of aquatic invasive species (AIS) into Canadian waters and to control and manage their establishment and spread, the Aquatic Invasive Species Regulations were introduced. The regulations complement existing federal and provincial authorities and bridge gaps within these frameworks to enable a broad range of AIS management activities.

Ice Assistance Emergency Program

The 2017 Ice Assistance Emergency Program (IAEP) is a new temporary activity designed to reduce the economic hardship faced by fishers on the East Coast of Newfoundland and Labrador and Quebec, who have exhausted their eligibility for Employment Insurance benefits, and who are unable to commence fishing due to severe ice conditions. The IAEP provides up to $5 million in grant payments to fishers in the 8 affected areas beginning the second week of May 2017, when commercial fishing would typically start, to mid-June 2017, when ice conditions are expected to improve sufficiently for fishing to commence.

Public interest disclosures

Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates.

Paragraph 8(2)(m) allows institutions to disclose personal information in circumstances where the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or where disclosure would clearly benefit the individual to whom the information relates. In 2017 to 2018, DFO made 2 disclosures under paragraph 8(2)(m) 1 of which was made on compassionate grounds. In both disclosures, the public interest in disclosure clearly outweighed the invasion of privacy that could result from disclosure and the privacy commissioner was notified before and/or at the time of the disclosure.

Appendix A:  Delegation order

Delegation order

Description

Copy of the delegation order designating the director and deputy directors of the ATIP Secretariat to exercise the powers, duties and functions of the Minister as the head of Fisheries and Oceans Canada, under the provisions of the Privacy Act and related Regulations.

Appendix B:  2017-18 Statistical Report on the Privacy Act

Statistical Report on the Privacy Act

Name of institution: Fisheries and Oceans Canada

Reporting period: 2017-04-01 to 2018-03-31

Part 1: Requests under the Privacy Act
Source Number of requests
Received during reporting period 55
Outstanding from previous reporting period 5
Total 60
Closed during reporting period 57
Carried over to next reporting period 3

Part 2: Requests closed during the reporting period

2.1 Disposition and completion time
Disposition of requests Completion time
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 2 6 0 0 0 0 0 8
Disclosed in part 2 14 13 2 0 0 0 31
All exempted 0 1 0 0 0 0 0 1
All excluded 0 0 0 0 0 0 0 0
No records exist 5 3 0 0 0 0 0 8
Request abandoned 8 1 0 0 0 0 0 9
Neither confirmed nor denied 0 0 0 0 0 0 0 0
Total 17 25 13 2 0 0 0 57
2.2 Exemptions
Section Number of requests Section Number of requests Section Number of requests
18(2) 0 22(1)(a)(i) 0 23(a) 0
19(1)(a) 1 22(1)(a)(ii) 0 23(b) 0
19(1)(b) 0 22(1)(a)(iii) 5 24(a) 0
19(1)(c) 0 22(1)(b) 9 24(b) 0
19(1)(d) 0 22(1)(c) 0 25 1
19(1)(e) 0 22(2) 0 26 32
19(1)(f) 0 22.1 0 27 7
20 0 22.2 0 28 0
21 6 22.3 0
2.3 Exclusions
Section Number of requests Section Number of requests Section Number of requests
69(1)(a) 0 70(1) 0 70(1)(d) 0
69(1)(b) 0 70(1)(a) 0 70(1)(e) 0
69.1 0 70(1)(b) 0 70(1)(f) 0
    70(1)(c) 0 70.1 0
2.4 Format of information released
Disposition Paper Electronic Other formats
All disclosed 5 3 0
Disclosed in part 9 22 0
Total 14 25 0

2.5 Complexity

2.5.1 Relevant pages processed and disclosed
Disposition of requests Number of pages processed Number of pages disclosed Number of requests
All disclosed 384 384 8
Disclosed in part 14168 7957 31
All exempted 3 0 1
All excluded 0 0 0
Request abandoned 0 0 9
Neither confirmed nor denied 0 0 0
Total 14555 8341 49
2.5.2 Relevant pages processed and disclosed by size of requests
Disposition Less than 100 pages processed 101-500 pages processed 501-1000 pages processed 1001-5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
All disclosed 7 117 1 267 0 0 0 0 0 0
Disclosed in part 14 345 10 1443 1 321 6 5848 0 0
All exempted 1 0 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0 0 0
Request abandoned 9 0 0 0 0 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0 0 0 0 0
Total 31 462 11 1710 1 321 6 5848 0 0
2.5.3 Other complexities
Disposition Consultation required Legal advice sought Interwoven information Other Total
All disclosed 0 0 0 2 2
Disclosed in part 8 0 14 9 31
All exempted 0 0 1 0 1
All excluded 0 0 0 0 0
Request abandoned 0 0 0 1 1
Neither confirmed nor denied 0 0 0 0 0
Total 8 0 15 12 35

2.6 Deemed refusals

2.6.1 Reasons for not meeting statutory deadline
Number of requests closed past the statutory deadline Principal reason
Workload External consultation Internal consultation Other
1 0 1 0 0
2.6.2 Number of days past deadline
Number of days past deadline Number of requests past deadline where no extension was taken Number of requests past deadline where an extension was taken Total
1 to 15 days 0 1 1
16 to 30 days 0 0 0
31 to 60 days 0 0 0
61 to 120 days 0 0 0
121  to 180 days 0 0 0
181 to 365 days 0 0 0
More than 365 days 0 0 0
Total 0 1 1
2.7  Requests for translation
Translation requests Accepted Refused Total
English to French 0 0 0
French to English 0 0 0
Total 0 0 0

Part 3: Disclosures under subsections 8(2) and 8(5)

Paragraph 8(2)(e) Paragraph 8(2)(m) Subsection 8(5) Total
0 2 2 4

Part 4: Requests for correction of personal information and notations

Disposition for correction requests received Number
Notations attached 0
Requests for correction accepted 0
Total 0

Part 5: Extensions

5.1  Reasons for extensions and disposition of requests
Disposition of requests where an extension was taken 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation or conversion
Section 70 Other
All disclosed 0 0 0 0
Disclosed in part 7 0 8 0
All exempted 0 0 0 0
All excluded 0 0 0 0
No records exist 0 0 0 0
Request abandoned 0 0 0 0
Total 7 0 8 0
5.2 Length of extensions
Length of extensions 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation purposes
Section 70 Other
1 to 15 days 3 0 3 0
16 to 30 days 4 0 5 0
Total 7 0 8 0

Part 6: Consultations received from other institutions and organizations

6.1 Consultations received from other Government of Canada institutions and other organizations
Consultations Other Government of Canada institutions Number of pages to review Other organizations Number of pages to review
Received during the reporting period 4 70 0 0
Outstanding from the previous reporting period 0 0 0 0
Total 4 70 0 0
Closed during the reporting period 4 70 0 0
Pending at the end of the reporting period 0 0 0 0
6.2 Recommendations and completion time for consultations received from other Government of Canada institutions
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121  to 180 days 181 to 365 days More than 365 days Total
All disclosed 1 1 0 0 0 0 0 2
Disclosed in part 0 1 0 0 0 0 0 1
All exempted 0 1 0 0 0 0 0 1
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 1 3 0 0 0 0 0 4
6.3 Recommendations and completion time for consultations received from other organizations
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121  to 180 days 181 to 365 days More than 365 days Total
All disclosed 0 0 0 0 0 0 0 0
Disclosed in part 0 0 0 0 0 0 0 0
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0

Part 7: Completion time of consultations on Cabinet confidences

7.1 Requests with Legal Services
Number of days Fewer than 100 pages processed 101-500 pages processed 501-1000 pages processed 1001-5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0
7.2 Requests with Privy Council Office
Number of days Fewer than 100 pages processed 101-500 pages processed 501-1000 1001-5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0

Part 8: Complaints and investigations notices received

Section 31 Section 33 Section 35 Court action Total
3 2 1 0 6

Part 9: Privacy impact assessments (PIAs)

Number of PIA(s) completed 2

Part 10: Resources Related to the Privacy Act

10.1  Costs
Expenditures Amount
Salaries $565,129
Overtime $0
Goods and services $182,061
• Professional services contracts $31,608  
• Other $150,453
Total $747,190
10.2  Human resources
Resources Person years dedicated to privacy activities
Full-time employees 5.88
Part-time and casual employees 0.03
Regional staff 0.00
Consultants and agency personnel 0.24
Students 0.00
Total 6.15

Note: Enter values to two decimal places.