The Information Commissioner’s investigation confirmed that the deposit demanded by the RCMP was far greater than the actual costs to the RCMP of complying with the request. Despite the large amount of data to be depersonalized and prepared for release on CD-ROM, simply designed and off-the-shelf software was available to accomplish the task using very little CPU processing time. Moreover, processing the request in a modern multi-tasking computing environment, CPU systems did not need to be entirely devoted to responding to the access request. In fact, the real machine-time costs of computing in this case were so low as to be unmeasurable.

In protracted discussions during the investigation, the RCMP recognized that one entire database need not be processed as it consisted entirely of personalized information and, while maintaining its legal position, the RCMP, on December 1, 2005, disclosed the requested records to the requester in electronic format, without charging any fees.

The fee regulations for computer time do not reflect the cost realities in modern computing environments. The regulations should not be interpreted as authorizing the collection of fees which exceed the actual direct costs of the associated computing (in fact, in 2005-06, the actual direct costs of computing time are negligible).

An individual concerned about the government’s refusal to pay interest on the retroactive amounts awarded to her by way of disability pension made an access request to Human Resources Development Canada (HRDC), now known as Human Resources and Social Development (HRSD), for records about Canada Pension Plan (CPP) Disability Plan. In particular, she asked for records concerning a recently launched class action suit against the government seeking interest on retroactive disability pension payments.

In response, HRSD provided 12 pages of records as well as a few previously released records. Only one record (the statement of claim) was provided (or exempted) concerning the related class action suit.

In particular, HRSD did not, in response to the request, search for relevant records which may have been held by the department’s in-house lawyers. HRSD took the view that its lawyers are employees of the Department of Justice and, even though the lawyers’ offices may be on HRSD premises, any records held exclusively by them and not shared with HRSD employees, are Department of Justice records, not HRSD records. Under this view, the requester would have to make an access request to the Department of Justice rather than to HRSD for any records the in-house lawyers might hold relating to the pension interest class action.

Does an access request, addressed to HRSD, cover records relevant to the request which are held by the HRSD legal branch?

The investigation confirmed that two class actions had been filed seeking payment of interest on retroactive CPP disability pension payments. HRSD’s in-house lawyers were seized of these actions, and HRSD was the "client" department.

The investigation confirmed that some 53 pages of records relevant to the access request were held exclusively in HRSD’s legal services branch.

The Information Commissioner concluded that the lawyer in HRSD’s legal branch, who had physical possession of records relevant to the access request, was an employee of the Department of Justice. He also took into account the fact that the records the lawyer possessed consisted of an exchange of communications between Department of Justice lawyers which were not shared (or intended to be shared) with HRSD employees.

In these circumstances, the commissioner concluded that the 53 records were not under the control of HRSD and, hence, a separate request would have to be made for them to the Department of Justice.

Although Department of Justice lawyers may be housed in and work for another government institution, not all records held by those lawyers will be considered to be under the control of the client department. Some record held by lawyers consist of communications between or among Department of Justice lawyers which are not shared with, or intended to be shared with, officials of the client department. Such records remain under the control of the Department of Justice and access requests for them must be addressed to the Department of Justice.

A member of the media heard rumours that a particular member of the Immigration Refugee Board (IRB) habitually rejects the refugee claims of Muslim and Arab claimants without good reason. The journalist made access requests to the IRB for statistics about the outcomes of refugee claims cases heard by the Board member.

In response, the IRB refused to disclose the requested information, and it relied on two provisions of the Access to Information Act to justify its decision – paragraph 16(1)(c) and subsection 19(1). Paragraph 16(1)(c), the protection of law enforcement exemption, authorizes refusal to disclose information the disclosure of which could reasonably be expected to be injurious to law enforcement. Subsection 19(1), the protection of privacy exemption, authorizes refusal to disclose information about identifiable individuals.

Is it justifiable to keep secret the decision record of a quasi-judicial officer on either privacy grounds or on the grounds of protection of law enforcement efforts?

The access requester pointed out that the IRB had released such statistics in the past. She could conceive of no way in which disclosure would interfere with the IRB’s work. She also argued that the decision record of a public official, especially a specialized judge, could not properly be considered the decision-maker’s personal information. The requester emphasized the importance of holding the IRB accountable through transparency of its process. Here are her words:

"As you know, failed refugee claimants in Canada are not entitled to an appeal based on the merits of their cases. Appeals to the Federal Court on the grounds that a decision contains an error of law are rarely heard, and rarely successful. It is therefore extremely important that IRB members make good decisions. The public must be able to properly scrutinize the work of those members, especially if there is a concern that a member has a pattern of making bad decisions. That requires access to the kind of information I was denied."

For its part, the IRB argued that statistics on decision outcomes could be highly misleading. If, for example, a member’s caseload consisted of claims from certain regions or specific types, skewed results (either pro-acceptance of claims or vice versa) could be perfectly normal and not indicative of any bias or arbitrariness by the decision-maker.

The IRB argued that the use by the media of previous disclosures of acceptance rates proved its point; a member was named a "refusenik" by the Globe and Mail, a claim the newspaper later retracted. Here is how the IRB expressed its concern:

"Acceptance and rejection rates appear to indicate whether decision-makers are more or less likely to accept the claims, which come before them. However, the requested statistics are highly misleading because they fail to take account of relevant factors. For example, the decision-maker named by the Globe and Mail as the member who had allegedly rejected all cases he heard in the specified time period had, in fact, heard few cases in the specified region since he works regularly in another region. Such statistics also fail to assess the types of cases assigned to decision-makers. For example, a member who works on large numbers of ‘expedited claims’ (claims which appear to be ‘manifestly founded’ from the outset) will have high positive rates while members who work on many claims from democratic nations will have high negative rates."

The Information Commissioner felt that it was entirely within the IRB’s control to provide contextual information to help requesters fully understand statistical information about the acceptance rates of IRB members. He also rejected the IRB’s concerns about "judge shopping", since the assignment of cases is entirely within the IRB’s control. For these reasons he did not accept the IRB’s contention that disclosure of acceptance rates could reasonably be expected to be injurious to the IRB enforcement of the Immigration Act.

With respect to the "personal information" exemption (subsection 19(1)), the Information Commissioner concluded that the requested information – the outcomes of quasi-judicial decision-making – is not information about the deciders; it is, rather, their "work product". He also concluded that Parliament’s intention that the requested information not receive privacy protection is made clear by the definition of "personal information". In particular, paragraph 3(j) of the Privacy Act states that information relating to the position or functions of a public official does not qualify for privacy protection. As well, subparagraph 8(2)(m)(i) of the Privacy Act authorizes the disclosure of personal information where the public interest in disclosure clearly outweighs any invasion of privacy that could result.

With respect to the matter of the public interest in disclosure, the Information Commissioner concluded that the public interest in the accountability of the IRB through transparency clearly outweighs any possible negative effects on the reputation of the Board and its members from disclosure of statistics on decision outcomes, especially when the IRB is fully able to disclose any needed contextual information to aid in the interpretation of such statistics.

The IRB agreed to disclose the requested information.

The Access to Information Act does not permit government institutions to rely on secrecy as a means of winning and keeping public respect and confidence. To the contrary, the Act fosters the accountability of government institutions through transparency. The need for disclosure is especially important when a government institution exercises quasi-judicial powers – making decisions which directly affect the rights and liberties of individuals.

Case 4 - May a Government Institution Unilaterally Convert an Access to Information Act Request into a Privacy Act Request?

A lawyer made requests, on behalf of two clients, to the Canada Revenue Agency (CRA) under the Access to Information Act. The requests were for records relating to the clients’ income tax affairs. The requests were made on official access to information (ATI) request forms, accompanied by the required application fees. Approximately one week after receiving the requests, CRA wrote to the lawyer to say that the requests did not comply with section 6 of the Act. Section 6 requires that access requests "provide sufficient detail to enable an experienced employee of the institution with a reasonable effort to identify the record."

The lawyer did not understand how he could be more specific because he wanted all records held by CRA concerning their income tax affairs. He made a complaint to the Information Commissioner.

CRA decided to proceed to gather the responsive records, but also decided, unilaterally, to convert the ATI requests into Privacy Act requests.

Must an access requester formulate requests with specifics as to what branches of the institution may hold the records, or what functional areas are relevant to the subject of the request? That was one issue raised by this complaint. The second was whether a government institution may, unilaterally, convert an ATI request into a Privacy Act request.

The Information Commissioner concluded, on the first issue, that section 6 of the Act does not require a sophisticated knowledge, on the part of the requesters, concerning the organization, business processes, records management systems, or functional divisions of the government institution to which a request is made. Rather, it assumes that experienced officials of the government institution will do their part to comply with requests, even if the requests are for all records on a particular topic.

The Information Commissioner acknowledged that it is always good practice for government institutions to clarify requests, and for ATIP officials to keep in close communication with requesters so that access requests are well-formulated and well-understood. The Information Commissioner emphasized, however, that the Act gives no authority to government institutions to decide that access requests which are broadly worded are improper.

With respect to the second issue, the Information Commissioner concluded that requesters have the right to choose whether to make requests for information under either the Access to Information Act or the Privacy Act. Some requesters will choose to request information about themselves under the Access to Information Act because a greater array of records is available under that Act (whereas, under the Privacy Act, one may only receive access to one’s own personal information). On the other hand, there are fees for making a request and obtaining copies under the Access to Information Act, while there are no fees under the Privacy Act. It is up to the requester, however, not the receiving institution, to decide which Act should govern the processing of the request.

CRA agreed to process the requests under the Access to Information Act, without further clarification, and responses were provided.

Government institutions walk a fine line when trying to be helpful to access requesters. For example, they may believe that fees could be eliminated if an access request is converted into a Privacy Act request. Even if that is the prudent course, it should not be taken without the requester’s consent. And, too, institutions may feel that the time and fees associated with a broadly worded access request could be reduced if the request is more narrowly focused. Even if they are correct, it is rarely an acceptable answer to decide that the request does not comply with section 6. The prudent course is to develop a good communication with the requester to encourage a reformulation of the request; if the requester wishes to proceed with a broadly-worded request, that is his or her right.

A journalist made access requests to the MacKenzie Valley Land and Water Board (MVLWB) seeking copies of the expense claims and monthly government credit card bills for a former chairperson of the MVLWB. In response, the Board refused to disclose the requested records, pursuant to subsection 19(1) of the Access to Information Act, to protect the privacy of the former Board chairperson. The requester complained to the Information Commissioner.

Do a public official’s expense claims and government credit card bills constitute the official’s personal information which may be exempted from the right of access under subsection 19(1) of the Act?

The Information Commissioner noted that this issue is not new. Indeed, most government institutions now post expense and travel claims of senior public officials on their websites. The reason for this level of openness is that the definition of "personal information" (which may be kept secret) contains an explicit exception for information about present or former public officials which relates to their position or functions (see paragraph 3(j) of the Privacy Act).

The MVLWB accepted the commissioner’s views and disclosed the requested records.

Public officials do not have as much privacy protection as do others. It is a "red flag" when a government institution justifies secrecy about the actions of its officials on the grounds of protecting their privacy. While a zone of privacy does remain for public officials, it is limited, and does not extend to records about their expense claims and use of government credit cards.

While in a Canadian jail, awaiting deportation, an individual made an access request to the RCMP for copies of agreements between U.S. agencies and the RCMP regarding the sharing of information. Some four months after receiving the request, the RCMP still had not given out the records; it had missed the response deadline by some three months. Yet, at that point, the requester had been deported. The RCMP decided that the requester had lost his right of access because he was no longer present in Canada. The RCMP informed the requester that his "requests are no longer deemed to be valid and are considered by this office to be abandoned." The requester complained to the Information Commissioner.

If an individual is entitled to make access requests by virtue of being present in Canada, is the entitlement lost if the person ceases to be present in Canada before the response is given?

In this case, the issue was made more complex by the fact that, but for the RCMP’s foot-dragging, the response might have been issued before the requester’s deportation.

The requester argued that, by virtue of Extension Order No. 1, he was properly qualified to make his access request, that his entitlement did not cease upon his deportation and that, if the RCMP had answered in a timely manner, he would have received his records while present in Canada. Section 2 of the Access to Information Act Extension Order No. 1 states:

"2. This right to be given access under subsection 4(1) of the Access to Information Act to records under the control of a government institution is hereby extended to include all individuals who are present in Canada but who are not Canadian citizens or permanent residents within the meaning of the Immigration Act and all corporations that are present in Canada."

The RCMP also invoked Extension Order No. 1 as authority for its view. It pointed to the opening words: "This right to be given access …"; in the RCMP’s view, these words make it clear that the requester must be in Canada both at the time of the request and at the time access is given. In support of its position, the RCMP pointed to the Treasury Board Guidelines, Chapter 2-2, page 1, which states that the requester (unless otherwise qualified) must be physically in Canada "both at the time that the request is filed and at the time that access is given".

The Information Commissioner concluded that the RCMP, and the Treasury Board Guidelines, had misinterpreted the intent of Extension Order No. 1. In particular, the Information Commissioner concluded that the RCMP’s interpretation was too open to abuse to be appropriate. In the Information Commissioner’s view, the critical moment is the date of the access request; if the requester is "qualified" at that date, then he or she has a continuing right to receive access even if the qualification is subsequently lost.

The RCMP, without giving up its legal position, but recognizing that its own delay was a cause of the problem, agreed to continue processing the request.

Cases such as this one will be rare. The better practice in such cases is for government institutions to respect the right of access if the process was triggered by a qualified requester, even if the requester thereafter ceases to be qualified.

An individual associated with the hobby of medal collecting made frequent access requests to the Library and Archives of Canada (LAC) for information about the deceased persons who had been awarded the medals. The requester was aware that, by virtue of paragraph 3(m) of the Privacy Act, such information is protected "personal information" unless the medal recipient has been dead for 20 years or more. In the past, the LAC had been willing to assist the requester by verifying whether or not proof of death was contained in the file and, if so, whether it showed that 20 years or more had elapsed since death. By so doing, the LAC assisted the requester in determining whether or not he was entitled to receive the medal recipient’s file.

The complaint to the Information Commissioner was made after LAC changed its policy; it would no longer assist the requester in determining date of death. If the requester could not prove that he was seeking information about a person who had been dead for 20 years or more, LAC would not even begin looking through the requested file; rather, it would simply refuse access based on subsection 19(1) of the Access to Information Act.

Who has the onus to prove that requested information is "personal" and, hence, qualifies for exemption from the right of access under subsection 19(1) of the Act? Is it the requester? Is it the government institution?

The investigation confirmed that LAC had changed its policy, now placing the onus on the requester to provide proof of death when seeking records about other persons – even if proof of death is contained on file. The LAC did not consider that it should continue to undertake confirmation of death research for access requesters, in order to verify for them whether or not requesters have a right of access to another person’s information.

The Information Commissioner disagreed with the LAC view. The jurisprudence is clear that the onus of proof that secrecy is justifiable is on the party asserting it, in this case, on the LAC. Before the LAC may invoke subsection 19(1) to refuse disclosure of requested information, it must be satisfied that the information is "personal", and information about a person who has been dead for 20 years or more is not "personal".

Consequently, if there is proof in the file that a person has been dead for 20 years or more, then the information must be disclosed to the requester.

The LAC promised to review its policy, and it disclosed the specific records requested by the complainant.

Whenever a government institution proposes to refuse disclosure on the basis of subsection 19(1) of the Act, it bears the onus of demonstrating that the information is "personal". If there is evidence in the file that the person to whom the information relates has been dead for 20 years or more, then the information is not "personal" and access may not be denied under subsection 19(1).

An anonymous letter was received by the Information Commissioner, alleging improprieties within Citizenship and Immigration Canada in the processing of access requests. In particular, the writer alleged interference in, and delay of, the process by the Minister’s Office. As well, the writer alleged widespread disclosure within the department of the identities of access requesters.

Based on these allegations, the Information Commissioner initiated a complaint on his own motion and commenced an investigation.

Does the Minister’s Office have an involvement in the processing of access requests in Citizenship and Immigration Canada and, if so, is such involvement proper? Are the identities of access requesters used and disclosed in accordance with the requirements of the Privacy Act? These were the principal issues addressed by the investigation.

With respect to the involvement of the Minister’s Office, the investigation confirmed that, in the past, the Minister’s Office was part of the access to information process. Without a sign-off from the Minister’s Office, access requests could not be answered. However, because of the delays caused by such a process, the department had made significant changes.

At the time of the investigation (and for some 6-8 months prior to it), the Minister’s Office received notice of selected impending access disclosures, but it played no approval role or did it have any delaying effect. The investigation confirmed that the Minister’s Office played no role in deciding whether or not to exempt requested information.

With respect to the issue of disclosure of requester identities, the investigation determined that care was taken by officials to disclose requester identities only to the extent necessary to process the request. For example, officials in operating areas who are tasked to find requested records are not informed of the requesters’ identities; neither are identities disclosed to senior officials or the Minister’s Office.

Consequently, the commissioner was satisfied that the anonymous allegations did not have merit at the time they were investigated.

Departments are becoming more sensitive to the need to separate their access to information process from their communications services to the minister. By so doing, delays and unnecessary disclosures of requester identities are likely to be avoided.

A journalist made a request to the Canada Revenue Agency (CRA) for access to a copy of the report (or draft report) of an internal audit of travel and hospitality expenses. At the time of the request, the report of the audit had not been approved by the CRA’s management, so it was considered to be a draft report. CRA decided to refuse access to any portion of the report relying on paragraphs 21(1)(a) and (b) of the Access to Information Act to justify its decision. The requester did not accept that every portion qualified for exemption, and he complained to the Information Commissioner.

Paragraph 21(1)(a) authorizes refusal to disclose internal advice or recommendations; paragraph 21(1)(b) authorizes refusal to disclose accounts of internal consultations or deliberations. CRA argued that the very purpose of audit reports is to provide senior management with advice and recommendations and that such reports contain accounts of consultations and deliberations among public officials. Moreover, the CRA argued, the very process of getting approval for a draft audit report is itself a "consultation and deliberation" – a process which should be kept confidential. According to CRA, it fully intended to publicly disclose the final report, but did not consider it appropriate to disclose a draft version which might contain misleading, incorrect or incomplete information.

The Information Commissioner reminded CRA of its obligation, set out in section 25 of the Act, to avoid blanket secrecy in favor of a page-by-page, line-by-line analysis into specific portions which may deserve secrecy. For example, the Information Commissioner reminded CRA that factual and background information would not qualify for exemption and should be disclosed.

The department agreed that it should not have decided to withhold the entire draft audit report; it agreed that portions could have been severed and disclosed without revealing advice, recommendations or accounts of consultations or deliberations.

The requester suggested that, rather than asking the CRA to prepare and release a severed version of the draft report, the CRA be asked to give him an advance copy of the final version, when it was ready. CRA agreed, and, on that basis, the complaint was considered resolved.

In most institutions there is concern about disclosure, under the Act, of draft audit reports or audit reports in the approval process. Some of this concern relates to the integrity of the audit process (i.e. concerns about incomplete, inaccurate, or misleading content); some of the concern relates to a perceived need to "manage the message". Most government institutions do not wish to disclose audit reports until the institution’s head, its public affairs branch, and, in some cases, central agencies have been fully informed, and until a communications "plan" or "line" has been developed. No matter what the concern, however, it is rarely justifiable to withhold a draft report in its entirety. By their nature, audit reports contain descriptive and factual information that will not qualify for section 21 exemptions.