Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
CHAPTER 4- Notable Investigations
Each year, a number of our investigations stand out from the others for one reason or another. Often it is their complexity or the light they shed on the access to information system that makes them noteworthy.
This year, three of the investigations we summarize below highlight the importance of the duty of institutions to help requesters in any way they can with their access requests. This duty to assist, as it's known, has always been an implied duty of institutions; now it is entrenched in the Access to Information Act itself, as a result of amendments that were introduced in the Federal Accountability Act.
We also look at a case involving the newest in communications technology, the BlackBerry, and one of the newest institutions to become subject to the Act, the Canadian Broadcasting Corporation.
Going the distance
This case highlights the commitment of one institution to finding an innovative way to resolve a complaint and the Office's role in making this happen. This was particularly noteworthy because the institution faced the competing interests of disclosing information under the Access to Information Act and protecting personal information under the Privacy Act.
The requester asked Health Canada for an electronic copy of the entire database of the Canadian Hospitals Injury Reporting and Prevention Program (CHIRPP). CHIRPP is a surveillance system that collects detailed health information on the circumstances of injuries treated at the emergency departments of 10 paediatric and four general hospitals across Canada.
The program was launched at Health Canada in 1990 and now resides within the Public Health Agency of Canada. Officials there analyze the injury records and share the analysis with a wide range of stakeholders for policy and program development and evaluation, and for public health research.
At the time of the request, the database comprised approximately 1.5 million individual records, each having 82 data fields.
Even though Health Canada extended the deadline for disclosing the information, it was unable to meet it. While officials were actively working on the request, including having several discussions with the requester to explore options to provide access that would not compromise patient privacy, the requester complained to us about the continuing delays.
Resolving the complaint
Health Canada's challenge was to find a way to assess an enormous number of records without having to look at each one and to release as much information as possible while ensuring that none of it would identify individual patients.
With the assistance of an expert in statistical disclosure control methodology, officials developed computer programs that would protect personidentifiable information by making it anonymous, suppressing it or rolling up multiple pieces of information into one. Among this information were the injured person's medical record number, date of birth, sex, postal code and an abbreviation of his or her name.
Health Canada officials eventually disclosed a sample of the records for one calendar year and asked the requester for his comments before preparing data for the other years. The officials expected to be able release one year at a time, with each year's release taking approximately six weeks to produce.
The requester was not satisfied with the sample, stating that too much information had been withheld or collapsed. He also questioned Health Canada's proposal to release one year's worth of data at a time.
At this point, we had several discussions with Health Canada about how to meet the requester's requirements. Officials examined the information again and modified the computer programs in order to maximize the amount of information that could be released while still protecting patient privacy. They also explained to the requester that it was more manageable for them to manipulate and produce one calendar year's worth of data at a time, rather than preparing the entire release at once, because of the extensive computer programming involved. Over the course of the subsequent year, Health Canada released several years' worth of data.
Our role in this case was one of mediator. We brokered a workable solution that addressed and accommodated the respective needs and interests of both the requester and Health Canada. We also monitored the progress Health Canada was making on the request to ensure it was being advanced in as timely a way as possible under challenging circumstances.
This request took a long time to process because of a number of challenges Health Canada faced such as the size, amount and sensitivity of the information in the database, and the complexity of preparing the information for release in a way that would respond to the request but not compromise patient privacy.
This case serves as an excellent example of a federal institution providing every assistance to a requester before there was any legal requirement to do so. This is a hallmark of the duty to assist that is now entrenched in the Access to Information Act. Health Canada expended considerable time, effort and financial resources to find a solution that would respect the requester's right of access under the Act while meeting its own obligations under the Privacy Act. And, while the requester accepted the solution with reservations, he was satisfied that there had been genuine co-operation from all involved, and an attempt to balance competing privacy and access interests in a creative way.
You take it... No, you take it!
This case highlights how important it is that institutions clearly understand their obligations under the Access to Information Act and that they do everything they can to help individuals with their access requests.
An individual made four access requests to Industry Canada for information about financial contributions made to named individuals through Aboriginal Business Canada. At the time of the requests, this program was being transferred from Industry Canada to Indian and Northern Affairs Canada (INAC). A memorandum of understanding outlining the details of the transfer specifically stated that Industry Canada was to redirect access requests to INAC until the program files were transferred to INAC after which point INAC would handle all requests.
While the transfer was ongoing, Industry Canada attempted to redirect the four requests to INAC, since it could no longer legally process them. INAC refused to accept the requests, saying that it did not as yet have control of the program records. Industry Canada officials explained this to the requester and suggested that he submit his requests directly to INAC. The requester did so and then complained to us.
Resolving the complaint
We were not instrumental in resolving the complaint; nevertheless we found that both institutions failed the requester, leaving him caught in the middle and fending for himself, because officials could not agree on their respective obligations. Although INAC did process the requester's second set of requests, and did disclose the records he was looking for, both institutions did him a disservice by not resolving their differences when he first made his requests. This left the requester with no choice but to start over.
The duty to assist that is now such an important part of the Access to Information Act requires institutions to make every reasonable effort, particularly in unusual situations, such as when a program gets transferred from one institution to another, to help requesters gain access to the information they seek.
Balancing the risks and benefits
How does a government institution balance the public's right to information with the need to protect safety and security in a time of war? Investigations of complaints related to Canada's military mission in Afghanistan shed light on this important question and the need of institutions to communicate clearly with requesters.
We received more than 100 complaints in 2007-2008 from the media, members of Parliament, academics and the public related to access requests for information about various aspects of the Afghanistan mission, such as operations, related events and activities, treatment of detainees, and policies.
A few of these requests garnered considerable media and public attention and complaints to our office. In April 2007, for example, the print media reported allegations of concealment, heavy censuring and political interference at the Department of Foreign Affairs and International Trade (DFAIT). This was because DFAIT had not revealed certain information about human rights abuses of Afghan detainees in response to access requests for an internal report, Afghanistan 2006, Good Governance, Democratic Development and Human Rights.
We also investigated complaints against the Department of National Defence that it had refused to disclose information about Afghan detainees, including lists, photographs, and medical conditions and other personal information.
Resolving the complaint
The allegations against DFAIT piqued the interest of the House of Commons Standing Committee on Access to Information, Privacy and Ethics, which decided to study the governance report to determine whether DFAIT had violated the Access to Information Act in any way. The Information Commissioner appeared before the Committee on May 31, 2007, but could say very little about our investigations since we must carry them out in private.
In the end, we reported to the complainants and informed the Committee that we found no evidence that government officials had concealed the existence of the report or other related documents, nor any evidence of political interference to suppress the information. However, we did find administrative delays in the processing of the requests and confusion about the existence of the report. DFAIT could have avoided this confusion, and the public brouhaha that ensued, if it had communicated more effectively with the requesters at the time their requests were processed.
DFAIT eventually disclosed much more information in the governance report to the requesters as a result of our intervention, although not all of it. We supported DFAIT's position to continue to withhold some details, mainly to avoid harming international relations.
During the course of the investigations into the complaints against the Department of National Defence, that department agreed to release as much information as possible while continuing to protect personal information. We supported its position to continue to withhold other information that would put the defence of Canada or Canada's allies at risk if disclosed.
The matter of the DFAIT report carries an important lesson for all institutions on the importance of communicating with, and serving requesters, particularly in the context of the duty to assist that is now entrenched in the Access to Information Act. In fact, the report of the House of Commons Standing Committee on Access to Information, Privacy and Ethics, issued in early April 2008, recommended that the government develop guidelines on how to implement the duty to assist (http://cmte.parl.gc.ca/cmte/CommitteePublication. aspx?COM=13184&SourceId=233921&Switch Language=1).
The attention around the Department of National Defence case brought to light a special group known as the Tiger Team that the Department had put in place to vet all access requests relating to the Afghanistan mission. Concerns were raised that this additional layer of review was causing delays in responding in a timely fashion to requesters, that the team was in fact deciding whether to release or withhold information rather than the access to information and privacy coordinator doing so, and that no information about the mission was being disclosed.
We do not know yet whether the Tiger Team is contributing to delays. However, we will have an opportunity to explore this during our report card process in 2008-2009. Meanwhile, requesters who are not satisfied with any institution's response to their access requests always have recourse to our office, and we will investigate their complaints objectively and thoroughly.
It is perhaps useful to remember that decision makers will naturally hesitate to release information that they believe could harm international relations, national defence or individual safety. However, it should also be remembered that federal institutions may only exempt information that would otherwise be releasable if they can show that it would cause harm if it were released. Another argument in favour of releasing information is that citizens will be better informed, which might lead to greater public understanding of initiatives such as the Afghanistan mission.
To delete or not to delete...
Are government institutions implementing policies on how employees are to maintain and manage information as they use new wireless communication technology?
A requester asked for all the PIN-to-PIN BlackBerry messages of the Clerk of the Privy Council and the Deputy Minister of Human Resources and Social Development Canada between March 1 and August 31, 2005. PIN-to-PIN messages allow one BlackBerry user to communicate with another using a personal identification number (PIN) and without the communication being recorded elsewhere.
After the Privy Council Office and Human Resources and Social Development Canada told the requester that no relevant documents existed, he complained to our office that the institutions had failed to keep government records. He was particularly concerned because he had made the requests just three weeks after the time period in question, which might indicate that the institutions lacked a proper record-keeping policy on BlackBerry messages.
Resolving the complaint
In the course of our investigation, we learned that the Privy Council Office and Human Resources and Social Development Canada had, in fact, drafted such policies. The policies identify PIN-to-PIN messages as records that either are transitory and, therefore, may be destroyed or that are of enduring value and must be retained in an institutional email account. The policies also state that any messages that exist on a BlackBerry at the time an access to information or privacy request is received are considered official records that must not be deleted and must be processed in response to the request.
We found no evidence that, in not retaining the BlackBerry messages of these two officials, these two institutions had failed to comply with their respective record-keeping policies. Once the messages were cleared from the devices, they were no longer retrievable on the devices. By the time the access requests were received, there were no such messages for the relevant period. These facts led us to conclude that the complaints could not be substantiated.
This case shows how important it is for institutions to keep on top of the proliferation of communications technology and to ensure that employees understand that communications with devices such as BlackBerrys produce records, just like documents, e-mails and voice mails, and that employees have a responsibility to manage them properly.
The Secretary of the Treasury Board reminded federal institutions in November 2005 of some of the principles of good information management, security and access to information and privacy responsibilities when employees use BlackBerrys. However, there is no uniform federal policy on PIN-to PIN communication and institutions have been advised to each craft their own policy.
Through our investigation, it became apparent to us that the goals of consistency and simplicity favour a single government policy. While we can assess these policies in the course of investigating a complaint, the Office also has a broader role to play in encouraging federal institutions to implement and enforce effective policies for the proper management of their information holdings, in collaboration with the Treasury Board Secretariat and Library and Archives Canada.
Tuning into a new frequency
An institution that recently became subject to the Act was immediately inundated with access requests and could not handle the volume. The Office worked alongside the institution in taking a flexible approach to resolving the complaints and a realistic timeline for doing so.
The Canadian Broadcasting Corporation (CBC) is one of several federal institutions that became subject to the Access to Information Act on September 1, 2007. Within three months, the CBC had received hundreds of access requests and found it impossible to meet the 30-day response deadline under the Act.
In a December 28, 2007, news release, the CBC announced that it was "beefing up its Access to Information Office to respond to a greater-than- anticipated volume of requests" and address the delays. It promised to put in place processes and resources to respond to the flow of requests as quickly as possible, including getting expert advice on how best to reorganize its resources, and actively filling additional positions to help it administer the backlog and get on a better footing in the subsequent months.
While the CBC was wading through the large volume of requests, our office was flooded with complaints-536 of them in six months, mostly from one source. Although some of the complaints concerned time extensions, fees, missing records and the use of exemptions or exclusions, the majority of them were about delays.
Resolving the complaint
We concluded that the bulk of the complainant's 383 delay complaints were valid, and the CBC resolved them to our satisfaction. A small number were either discontinued or found to be not substantiated.
CBC officials co-operated with us fully as we worked with them to establish target dates to respond to the requests. We worked with the complainant to prioritize some of them and reported weekly on the CBC's progress. By March 31, 2008, the CBC had responded to approximately 120 of the requests the complainant had brought to our attention. The CBC and our office agreed on a one-year target date to respond to all of the remaining ones. We reported to the complainant that we were satisfied that the CBC made a reasonable commitment and that the complainant would receive a response as each request was processed. We also informed the complainant that we would monitor the CBC's progress, and confirmed the complainant's right to complain to our office about any of the responses.
These complaints gave us an opportunity to take a different and more flexible approach to resolving delay complaints than we have in the past. We considered the CBC's circumstances: it had just become subject to the Act when it was inundated with hundreds of requests over a very short time period, and it did not have adequate resources to process them in a timely way. By negotiating a target date to respond to all the requests, the CBC could focus on the task of completing them, and we could close the complaint files but still monitor the CBC's progress to ensure that the complainant continues to receive responses.