National Defence (Re), 2021 OIC 31

Date: 2021-11-10
OIC file number: 5821-00483
Institution file number: A-2020-01502

Summary

The complainant alleged that the Department of National Defence (DND) refused to process a request under the Access to Information Act for all records of misconduct by an identified individual.

DND refused to process the request claiming that the request for information about an individual other than the requester does not meet the requirements of section 6 of the Access to Information Act.

The Office of the Information Commissioner (OIC) viewed DND’s representations as falling well short of establishing that the request fails to provide sufficient detail to enable an experienced employee to identify records responsive to the request.

DND conceded that the request meets the requirements of section 6, and agreed to process the request as worded.

The complaint is well founded.

Complaint

[1]      The complainant alleges that the Department of National Defence (DND) refuses to process a request under the Access to Information Act for all records of misconduct by an identified individual.

[2]      DND refused to process the request claiming that the request for information about an individual other than the requester does not meet the requirements of section 6 of the Access to Information Act.

Investigation

Section 6: request for access to records

[3]      Section 6 requires that an access request, in order to be valid, be in writing to the institution that has control of the record. In addition, the request must provide sufficient detail to enable an experienced employee of the institution to identify the record with a reasonable effort.

Was the access request valid?

[4]      In response to questions posed during the investigation concerning the use of section 6, DND stated that:

• i)     the complainant “…failed to demonstrate their ‘right of access’ to the personal information of the other individual (…)”;
• ii)    “….the act of severing the records would render the records meaningless or create a false meaning…”;
• iii)   “…accessing and processing the other individual's personal information would be contrary to the purpose (consistent use) for which that information was obtained” and would “…be a breach of the other individual’s privacy”; and
• iv)    DND is unable to identify the requested records because it “…must adhere to principles of consistent use of personal information and avoid breaching privacy”.

[5]      The Office of the Information Commissioner (OIC) viewed these representations as falling well short of establishing that the request fails to provide sufficient detail to enable an experienced employee of the institution to identify records responsive to the request with a reasonable effort.

[6]      While the Access to Information Act sets out an exemption to the right of access for personal information (subsection 19(1)) (subject to specified conditions permitting disclosure [subsection 19(2)]), this does not render a request for information pertaining to another individual invalid.

[7]      Whether or not some or all of the requested information qualifies for exemption under subsection 19(1) and/or whether severance of the records “…would render the records meaningless or create a false meaning”, is not relevant to an institution’s ability to identify responsive records.

[8]      As for DND’s contention that the Privacy Act’s restrictions on institutions’ use and disclosure of personal information somehow authorizes its refusal to receive and process the request, the OIC pointed out that:

1. not only doesthe right of access to records under the control of a government institution set out in the Access to Information Act apply “notwithstanding any other Act of Parliament” (s.4(1));
2. but the Privacy Act expressly includes an exception to the restriction on use and disclosure of personal information “…for any purpose in accordance with any Act of Parliament (…)” (see, subsections 7(b) and 8(2) of the Privacy Act).

[9]      It was the OIC’s view that the request satisfies the requirements of section 6, i.e., the request:

• i)    seeks copies of all records of misconduct by a specific individual;
• ii)   specifies the name and service number of that individual; and,
• iii)   identifies offices within DND that should be included within the search.

[10]    DND conceded that the request meets the requirements of section 6, and agreed to process the request as worded. DND confirmed to the OIC that the request had been tasked to the relevant offices within DND and that processing of the request is underway.

[11]    Therefore, it is not necessary for the Information Commissioner to order DND to process the request.

Result

[12]    The complaint is well founded.

Section 41 of the Access to Information Act provides a right to the complainant who receives this report to apply to the Federal Court for a review. The complainant must apply for this review within 35 business days after the date of this report and must serve a copy of the application for review to the relevant parties, as per section 43.