Frequently asked questions: Processing of an Access to information request
Can my identity be shared in the processing of an Access to information request?
The identity of a requester is considered personal information and should only be shared on a “need to know basis” in accordance with the principles of the Privacy Act.
Under 4(2.1) of the Access to Information Act, government institutions must make every reasonable effort to provide timely and accurate responses without regard to the identity of requestors.
In a 2015-16 investigation, the Information Commissioner found that the institution had created and circulated a list of all requestors seeking records relating to a specific Minister’s expenses. The Commissioner concluded that the institution had failed to take appropriate measures to safeguard the identities of the requesters.
Who has the authority to make decisions on access requests?
Under the Act, the head of the government institution is responsible to respond to access requests and make all the decisions related to it (application of exemptions, severance, etc.).
Section 95 provides that the head can delegate theirs powers, duties and functions under the Act to any officer or employee. This is done through a delegation order. Only the head of the institution and those listed in the delegation order have the authority to make decisions with respect to access requests and the Commissioner’s investigations under the Act.
For example, when a member of a Minister's office instructed public servants to retrieve the original release package and later instructed them to release only one chapter of the report, the Commissioner concluded that he interfered with the release of records under the Act. This was because the ministerial staff member had no delegated authority to make any decisions on access to information matters, no legal authority to challenge interpretations of or reverse a decision properly made under the Act by departmental officials having delegated authority to do so.