We have archived this page on the web

The information on this page is for reference only. It was accurate at the time of publishing but may no longer reflect the current state at the Canada Border Services Agency. It is not subject to the Government of Canada web standards.

Annual Report to Parliament on the Privacy Act
Canada Border Services Agency 2017-2018

This document is also available in PDF (1.5 Mb) [help with PDF files]

Table of Contents

Chapter One: Privacy Act Report

Introduction

The Canada Border Services Agency (CBSA) is pleased to present to Parliament, in accordance with section 72 of the Privacy Act, its annual report on the management of this Act. The report describes the activities that support compliance with the Privacy Act for the fiscal year commencing , and ending . During this period, the CBSA continued to build on successful practices implemented in previous years.

The purpose of this Act is to extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information.Footnote 1

As stated in subsections 72(1) and 72(2) of the Privacy Act, “The head of every government institution shall prepare for submission to Parliament an annual report on the administration of this Act within the institution during each financial year.… Every report prepared under subsection (1) shall be laid before each House of Parliament within three months after the financial year in respect of which it is made or, if that House is not then sitting, on any of the first fifteen days next thereafter that it is sitting.”Footnote 2

Organization

I. About the Canada Border Services Agency

Since 2003, the CBSA has been an integral part of the Public Safety Canada (PS) portfolio, which was created to ensure coordination across all federal departments and agencies responsible for national security and the safety of Canadians.Footnote 3 The CBSA itself is responsible for providing integrated border services that support national security and public safety priorities and facilitate the free flow of persons and goods, including animals and plants, that meet all requirements under the program legislation.

The CBSA carries out its responsibilities with a workforce of approximately 14,000 employees, including over 7,000 uniformed CBSA officers who provide services at approximately 1,100 points across Canada and at 36 international locations.

II. Access to Information and Privacy Division

The Access to Information and Privacy (ATIP) Division is comprised of six units: an Administration section, three Case Management units, and two Policy units. The Administration section’s function is to receive all incoming requests and consultations, to ensure quality control of all outgoing correspondence, and to support the Case Management units in their day-to-day business. The Case Management units assign branches and regions with retrieval requests, process requests under the Privacy Act, and provide daily operational guidance and support to CBSA employees. The ATIP Policy and Governance Unit develops policies, tools, and procedures to support ATIP requirements within the CBSA and provides training to employees. The Information Sharing and Collaborative Arrangement Policy Unit maintains the policy framework for the CBSA’s information sharing and domestic written collaborative arrangements. On average, 60 full-time equivalents, and seven part time and casual employees were employed in the ATIP Division during fiscal year 2017–2018.

The ATIP coordinator for the CBSA is the Director of the ATIP Division. The ATIP Division is part of the Corporate Secretariat, which reports to the Vice-President (VP) of the Corporate Affairs Branch. Consistent with best practices identified by the Treasury Board of Canada Secretariat (TBS),Footnote 4 the CBSA's ATIP coordinator is positioned within three levels of the President and has full delegated authority, reporting directly to the Director General of the Corporate Secretariat, who in turn reports to the VP of the Corporate Affairs Branch.

Key to maintaining compliance with the statutory time requirements of the Privacy Act is the ATIP Division’s ability to obtain personal information from branches and regions in a timely and reliable manner. Supported by a network of 17 ATIP liaison officers across the CBSA, the ATIP Division is well positioned to receive, coordinate, and process requests for personal information under the Privacy Act.

The ATIP Division works closely with other members of the PS portfolio, including the Canadian Security Intelligence Service, the Correctional Service of Canada, the Parole Board of Canada, and the Royal Canadian Mounted Police, to share best practices and develop streamlined processes for the retrieval of jointly held records within the 30-day legislated time frame required to respond to privacy requests.

Activities and Accomplishments

I. Performance

Fiscal year 2017–2018 saw record high volumes of privacy requests made to the CBSA. The record volumes are largely attributable to individuals seeking copies of their history of arrival dates into Canada. In fiscal year 2017–2018, 80% of all the privacy requests received by the CBSA came from individuals seeking their Traveller History Report, which contains information used to support residency requirements for programs administered by Immigration, Refugees and Citizenship Canada (IRCC) and Employment and Social Development Canada (ESDC).

The CBSA continued to see high volumes of privacy requests submitted through the Access to Information and Privacy Online Request tool. Through this tool, the Agency received 8,898 requests, which amounted to 66.3% of all privacy requests received by the CBSA.

The CBSA continued to offer the electronic format for responses to privacy requests. Although electronic format made up only 11.1% of all formal privacy requests that were either all disclosed or disclosed in part in fiscal year 2017–2018, these requests accounted for 88.1% of all the pages the CBSA disclosed in their entirety or disclosed in part this fiscal year.

The ATIP Division also provided case-by-case policy guidance to CBSA program areas related to the disclosure of information under section 8 of the Privacy Act and section 107 of the Customs Act. In total, the ATIP Division received 1,592 requests for guidance in fiscal year 2017–2018, representing an increase of 18.8% over the previous year.

II. Education and Training

In fiscal year 2017–2018, the ATIP Division continued to conduct bilingual training sessions that supported the implementation of streamlined processing procedures and built an awareness of ATIP obligations. These sessions are designed to ensure that the participants fully understand their responsibilities under the Privacy Act, with a focus on requests made pursuant to the Act and the duty to assist principles. Fifteen sessions were offered, with 204 National Capital Region (NCR) and regional employees taking part.

CBSA employees also took advantage of the free online course entitled “Managing Information at the Canada Border Services Agency and the Access to Information Act and the Privacy Act.” This one-hour online course was designed to provide employees with the basic principles for effectively managing information in their daily work. After completing this course, employees will have acquired the knowledge to better identify various types of information, learned how requests under the Access to Information Act and the Privacy Act are handled, and learned about their responsibilities throughout the process. A total of 689 participants completed the online training in fiscal year 2017–2018.

Moreover, the ATIP Division delivered 11 in-class training sessions on section 107 of the Customs Act, as well as basic information sharing, disclosure of intelligence-related information, and business line specific training sessions to 238 employees in the NCR and across the regions. In addition, before attending the in-class training, employees are advised to complete the interactive online training course, regarding information sharing that was developed by the ATIP Division.

Further, the ATIP Division developed a communications plan to raise employees’ awareness of their obligations under the Privacy Act. The plan leverages key dates, such as Data Privacy Day, and other activities at the CBSA to promote ATIP tools, resources, and awareness.

Finally, the ATIP Division continues to actively participate in the TBS-led ATIP coordinators’ and ATIP practitioners’ meetings. These meetings provide opportunities for ATIP employees from the CBSA to liaise with employees from other institutions to discuss various issues and challenges that have been identified by the ATIP community.

III. New and Revised Privacy-related Policies and Procedures

During fiscal year 2017–2018, the CBSA continued to revise existing policies and to develop new ones.

The ATIP Division has taken a number of measures to enhance and promote ATIP tools that are readily accessible to CBSA employees by utilizing Apollo (GCDocs). To this end, we are able to ensure that the ATIP intranet site is up to date and available to all CBSA employees. This allows the ATIP Division to quickly share information and best practices and to facilitate collaboration across the Agency.

During the reporting period, the Policy and Governance Unit developed an ATIP Handbook. This handbook is designed to help ATIP employees in their day to day work. It includes reference material and provides clear guidance on CBSA policy and procedures which can be easily referenced. The first issue of the Handbook focused on the Administrative section of the ATIP Division. The second issue, currently underway, will focus on the day to day work of the Case Management units. The Handbook will remain an evergreen document subject to updates and revisions.

Additionally, the policies and procedures surrounding the processing of privacy breaches were reviewed and updated. This includes a new tool to determine the severity of the breach as well as reporting procedures and reference material.

The CBSA has also been participating in the Department of Justice working groups looking at updating the Privacy Act. Some of the factors that are being examined by the Privacy Act Renewal working groups are the changes to the Privacy landscape over the years, including Canadian jurisprudence, best internationals practices, technology, the pace of technological changes, and today’s operational realities. The CBSA will continue to participate in the Privacy Act Renewal working groups.

The ATIP Division continued to provide the service of informally reviewing CBSA records for internal programs as if they had been requested under the Privacy Act. The ATIP Division received 84 internal requests of this nature in fiscal year 2017–2018.

The ATIP Division closely monitors the time it takes to process privacy requests. Monthly reports, which show trends and performance, are submitted to the managers of the Case Management units, the Director of the ATIP Division, and the Director General of the Corporate Secretariat. Monthly reports consisting of statistics on the performance of the offices of primary interest are also distributed to all ATIP liaison officers. Finally, quarterly trend reports portraying the overall performance of the Agency are reviewed and discussed during meetings of the Agency’s Executive CommitteeFootnote 5 and are included in the Agency Performance Summary.

IV. Reading Room

The CBSA, in accordance with the Privacy Act, maintains a reading room for applicants who wish to review material in person at the CBSA. Applicants may access the reading room by contacting the CBSA's ATIP Director by telephone at 343-291-7021 or by sending an email to ATIP-AIPRP@cbsa-asfc.gc.ca. The reading room is located at:

Place Vanier Complex, 14th Floor, Tower A
333 North River Road
Ottawa, Ontario K1A 0L8

V. Audits of, and Investigations into the Privacy Practices of the Canada Border Services Agency

In 2017–2018, the CBSA underwent an audit by the Office of the Privacy Commissioner of Canada (OPC) concerning the national security reporting activities at the National Targeting Centre. The audit was completed in the fall of 2017 and the recommendations are as follows:

Recommendation Management Response

The CBSA should ensure that only the personal information which is directly related to and demonstrably necessary for the purposes of administering the Scenario-Based Targeting (SBT) program is collected and retained by the National Targeting Center (NTC) and Border Services Officers

The CBSA should document the steps it takes to ensure that personal information used by the SBT program is as accurate, up-to-date and complete as possible.

Agreed. Based on the Office of the Privacy Commissioner observations and the Agency’s commitment to maintain the highest regard for the privacy of personal information, we will review and modify, as required, internal procedures and related training courses to confirm that only information related to and demonstrably necessary for the program is collected and retained. This update will include a description of the steps to be taken to confirm that the information used is as accurate, up-to-date and complete as possible.

As part of the Agency’s commitment to the protection of personal information, the CBSA NTC has proactively ceased the notation of Canada Revenue Agency transitory information within NTC records as of .

The CBSA should revise its Memorandum of Understandings (MOU) with domestic and international partners to ensure they contain specific provisions to limit retention and use of data that is obtained from the CBSA for purposes of database checks. Such provisions should mitigate against any ongoing suspicion of people who have been determined to not pose a threat to national security.

Agreed. The CBSA is already engaged with key domestic partners at differing stages regarding MOU development, and every document will be vetted specifically during the drafting or revision process to ensure the appropriate safeguards are incorporated. Similarly, international partners will be engaged where necessary, to enhance provisions within existing treaties and MOUs to limit the retention and use of date from the CBSA. The CBSA is committed to ensuring that all future international treaties and MOUs include such provisions. As an interim step, the CBSA will undertake an internal scan of key MOUs.

It is the CBSA’s current practice, as agreements or arrangements are implemented or renewed, to ensure these documents include appropriate privacy protections such as caveats warning against onward disclosure, an obligation to correct information, and to report any privacy breaches involving specific information to the entity that provided the information so that appropriate remedies can be applied. Other provisions may include auditing arrangements between the participants in an arrangement or parties to an agreement.

The CBSA should formally review individual national security scenarios for privacy, human rights and civil liberties impacts prior to launch and on an ongoing basis. Decisions made to modify or delete scenarios on the basis of such reviews should be documented.

Agreed. The CBSA will review individual national security scenarios for privacy, human rights and civil liberties impacts prior to launch and on an ongoing basis. All modifications will be documented.

It is the practice of the CBSA Scenario Management Committee to conduct monthly reviews of scenarios for effectiveness, lawfulness and all modifications and deletions are documented. To date, the CBSA has not identified violations of privacy, human rights and civil liberties within national security based targeting rules.

Privacy impacts will be addressed within the Air Passenger Targeting Privacy Impact Assessment.

The CBSA should continue its efforts to refine existing processes for review and modification of national security scenarios to ensure scenario factors are carefully tailored to limit the collection of personal information, minimize intrusiveness and ensure proportionality.

The criteria for measuring the success of national security scenarios should include some measurement that specifically align to national security related outcomes and be based on the ultimate outcome of the target, rather than on interim results.

Agreed. The CBSA will continue to review and refine national security scenarios in order to limit the collection of personal information, minimized intrusiveness and ensure proportionality.

CBSA’s risk assessment is an incremental and multi-layered process, which begins with an initial risk assessment of all arriving commercial air passengers. The extent of personal information collected during this process increases at each step and is proportionate to our need to detect and prevent terrorism or serious transnational crimes. SBT is a method that is minimally invasive in terms of privacy impacts, which allows the CBSA to achieve its national security and public safety mandate.

SBT ensures that only a finite number of travellers are selected for further risk assessment and of those, only a limited number are referred for further examination at a port of entry.

In 2016-17, of the approximate 29 million travellers who arrived in Canada by commercial air carrier:

  • Approximately 60,000 or 0.2% of travellers matched a national security SBT rule;
  • Of the 60,000 travellers, 552 were identified for further examination at a port of entry based on risk assessments by an NTC targeting officer, which represents 0.002% of the 29 million travellers.

The CBSA does not keep an active record of all persons who matched a SBT rule and were subsequently deemed to be of low risk. The CBSA only retains a record of those individuals for whom a request for examination at the port of entry was issued. This record is retained for an activation period of seven days, is subsequently deactivated for access by all frontline personnel and is retained only for the purposes of file management, recording of examination results, and risk determination.

In regards to measuring success, the targeting program reports on both direct and indirect results achieved in the conduct of an examination at the Port of Entry.

All examination reports are reviewed for results from a customs, immigration, and intelligence perspective. Analysis of these results enables the CBSA to continuously modify and/or delete national security SBT rules to further improve results and further facilitate entry of low risk travellers.

Going forward, the CBSA will continue to capture both indirect and direct results of all referrals and examinations, including measures which are aligned to national security related outcomes.

VI. Privacy Impact Assessments

In fiscal year 2017–2018, the CBSA completed four Privacy Impact Assessments (PIA). They were all sent to the OPC and TBS for review and comments.

The four PIAs completed by the CBSA are:

The full executive summaries of these PIAs can be found on the CBSA's website.

Enhanced Driver’s License / Enhanced Identification Card

This is an addendum to the PIA submitted in December 2008 entitled Enhanced Driver's License (EDL) and Enhanced Identification Card Program – Use of EDL data by the CBSA, which is a collaborative program between the CBSA and three participating provinces: Ontario, Manitoba, and British Columbia. These provinces earlier agreed to make available enhanced documents (such as a Driver's License or an Identification Card) that meets the requirements of the Western Hemisphere Travel Initiative, allowing Canadian citizens to use the identification to facilitate land or water travel between Canada and the United States (U.S.).

Personal information is collected by the provinces and provided to the CBSA to enable query access by U.S. Customs and Border Protection in the event that a Canadian presents their card as identification at a land/water POE. The CBSA has undertaken the policy and technology work to permit Border Services Officers (BSO) to have access to the CBSA's EDL database and equipped select POEs with Radio Frequency Identification (RFID) abilities to read the card. POEs that are not RFID-enabled will still be able to scan/swipe the cards and access the CBSA database.

Asia-Pacific Economic Cooperation Business Travel Card

The Asia-Pacific Economic Cooperation (APEC) Business Travel Card (ABTC) scheme was created in the late 1990s to respond to demands of the regional business community for simpler short-term entry procedures within APEC. For fully participating economies, the ABTC provides frequent business travellers with visa-free travel, multiple short-term entries into participating APEC economies, and expedited airport processing.

The ABTC scheme is comprised of 19 fully participating countries or economies: Australia, Brunei Darussalam, Chile, China, Hong Kong, Indonesia, Japan, South Korea, Malaysia, Mexico, New Zealand, Papua New Guinea, Peru, the Philippines, Russia, Singapore, Chinese Taipei, Thailand, and Vietnam. Canada and the U.S. are considered transitional members.

For the domestic pilot project, the CBSA obtains consent from applicants and members for collecting, using, and sharing of customs/personal information pursuant to the Certification and Consent Statement in the application package that an applicant will need to agree to before proceeding with the application, as well as a Privacy Statement in the application package that explains the authorities for the collection, use, and disclosure of personal information. It also includes an attestation that the applicant is a bona fide business person.

CBSA – CISC Information Sharing Framework

The primary function of the Criminal Intelligence Service of Canada (CISC) is to facilitate the timely production and exchange of criminal intelligence information to the law enforcement community at the municipal, provincial, and federal levels. Police agencies use the information stored in a criminal intelligence databank to support the detection, prevention, and disruption of serious and organized crime in Canada.

Through a partnership with CISC, the CBSA will disclose publicly available court records related to customs and immigration offences into CISC’s criminal intelligence data bank when there are reasonable grounds to believe the offence has a nexus to serious or organized crime. Police partners will be able to search this information to support specific lawful investigations. Partners may also request additional information related to the publicly available court records through the standard written request process detailed in both the Privacy Act and the Customs Act.

The CBSA’s investigative bodies will collect personal information uploaded into the data bank to support ongoing lawful investigations of customs and immigration-related offences with a nexus to serious and organized crime.

Wireless Handheld Initiative (Mobile IPIL)

Wireless handheld devices will be introduced to support the Entry/Exit Initiative and Beyond the Border Action Plan. The devices will be equipped with a mobile version of the Integrated Primary Inspection Line application to facilitate the secure and accurate capture and risk assessment of individual traveller and conveyance information. The devices will be deployed at CBSA service points which are not equipped with primary inspection booths.

The introduction of handheld devices during primary processing will allow a Border Services Officer (BSO) to capture and risk assess conveyance and traveller information while remaining with the traveller, just as they would today if they were working at a site with primary inspection booths.

While the mobile device introduces a new means for capturing traveller and conveyance information, the type of data collected remains unchanged. The handheld is a tool used by the BSO to collect information directly from the traveller and verify it against information that is already held within CBSA information holdings.

Disclosures Made Pursuant to Paragraph 8(2)(e) of the Privacy Act

During the 2017–2018 fiscal year, 848 disclosures pursuant to paragraph 8(2)(e) of the Privacy Act were made by the CBSA.

Disclosures Made Pursuant to Paragraph 8(2)(m) of the Privacy Act

During the 2017–2018 fiscal year, the CBSA made one disclosure related to immigration removals pursuant to paragraph 8(2)(m) of the Privacy Act.

It is in the public interest to demonstrate that the CBSA is carrying out its mandate. This disclosure served to demonstrate that the objectives and integrity of the immigration system and the protection of the health and safety of Canadians were being maintained. The balance between the public’s need to know and protection of an individual’s privacy is of utmost concern to the CBSA. In this case, it was determined that public interest in the disclosure of this individual’s removal status outweighed any injury to the individual.

The OPC was notified before the disclosure was made.

Delegation Order

See Annex A for a signed copy of the delegation order.

Chapter Two: Statistical Report

Statistical report on the Privacy Act

See Annex B for the CBSA's statistical report on the Privacy Act.

Interpretation of the Statistical Report

I. Requests Processed Under the Privacy Act

The CBSA received 13,429 privacy requests in fiscal year 2017–2018, which was an increase of 15.9% over the previous year. Moreover, the CBSA responded to 13,575 Privacy Act requests, representing 89.7% of the total number of requests received and outstanding from the previous reporting period.

For the past five years, the CBSA has consistently been among the top government departments in terms of workload. While receiving a substantial number of requests each year, the CBSA has been able to maintain and improve upon its performance in a year which has seen its greatest number of requests ever received.

Demandes de renseignements personnels reçues/traitées

II. Outstanding Requests from Previous Years

During this reporting period, the CBSA built on the positive steps taken last year and was able to close more files than it received. Of the 1,555 requests carried over to fiscal year 2018–2019, 1,384 were on time and 171 were late.

III. Completion Time

Of all the requests completed, the CBSA was successful in responding to 90.8% within the legislated timelines, an increase from the 89.7% achieved last fiscal year.

In total, 1,503 extensions were applied for in fiscal year 2017–2018. This represents an increase of 65% in extensions in comparison to the previous fiscal year. This in reflective of the increased volume of requests received, which has made it more challenging for the Agency to process files within the 30 day legislated time frame.

IV. Complaints and Investigations

Subsection 29(1) of the Privacy Act describes how the OPC receives and investigates complaints from individuals regarding their personal information held by a government institution. Examples of complaints the OPC may choose to investigate include a refusal of access to personal information; an allegation that personal information about an individual that is held by a government institution has been misused or wrongfully disclosed; or failure to provide access to personal information in the official language requested by the individual.

Throughout fiscal year 2017–2018, 35 Privacy Act complaints were filed against the CBSA, which represents a decrease of 53% compared to fiscal year 2016–2017. This marks the second year in a row that the number of complaints received decreased substantially. The reason most cited for complaints was a delay in responding to requests. The complaints received during the fiscal year were related to the following issues: time delay (16); refusal to disclose (9); application of exemptions (8); collection (1); and miscellaneous (1). For context, the number of complaints filed relate to only 0.24% of the 13,575 privacy requests completed during this period.

Of the 40 complaints resolved in fiscal year 2017–2018, 35 were deemed well-founded, two were deemed not well-founded, two were settled, and one was discontinued. Where complaints are substantiated, the matter is reviewed by the delegated managers and processes are adjusted if required.

V. Privacy Breaches

One material privacy breach was reported during the 2017–2018 fiscal year. The breach involved unauthorized disclosure of information by an employee of the CBSA to two individuals outside of the Agency. The CBSA holds its employees to a high standard and expects them to carry out their duties with respect, integrity and professionalism. In this case, the matter was investigated and the employee’s network access was revoked.

VI. Conclusion

The achievements portrayed in this report reflect the CBSA’s commitment to ensuring that every reasonable effort is made to meet its obligations under the Privacy Act. The CBSA strives to provide Canadians with their personal information to which they have a right in a timely and helpful manner while protecting the privacy rights of all Canadians.

Annex A – Delegation Order

Ministerial Order
Access to Information Act & Privacy Act (ATIP)

Pursuant to section 73 of the Access to Information Act and section 73 of the Privacy Act, I hereby designate the persons holding the positions set out in the schedule hereto, or a person authorized to exercise the powers or perform the duties and functions of that position, to exercise or perform the powers, duties and functions of the Minister of Public Safety and Emergency Preparedness as the head of the Canada Border Services Agency under the provisions of the Act and related regulations set out in the schedule opposite each position.

This order replaces previous designation orders and comes into force on the date on which it is signed.

Dated at Ottawa, Province of Ontario, this 15th day of February, 2017.

The Honourable Ralph Goodale, P.C., M.P.
Minister of Public Safety and Emergency Preparedness

Schedule
Ministerial Order under the Access to Information Act & the Privacy Act

Position Access to Information Act and Regulations Privacy Act and Regulations
President Full Authority Full Authority
Executive Vice-President Full Authority Full Authority
Vice-President, Corporate Affairs Branch Full Authority Full Authority
Director General, Corporate Secretariat Full Authority Full Authority
Director, ATI Privacy Division Full Authority Full Authority
Assistant Director, ATI Privacy Division Full Authority Full Authority 
(except 8(2)(m))
Team Leader, ATI Privacy Division Full Authority Full Authority 
(except 8(2)(m))

Annex B – Statistical Report on the Privacy Act

Name of instituation: Canada Border Services Agency

Reporting period: 2017-04-01 to 2018-03-31

Part 1 — Requests Under the Privacy Act

  Number of Requests
Received during reporting period 13,429
Outstanding from previous reporting period 1,701
Total 15,130
Closed during reporting period 13,575
Carried over to next reporting period 1,555

Part 2 — Requests Closed During the Reporting Period

2.1 Disposition and completion time
Disposition of requests Completion Time
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 32 6,872 2,106 63 9 4 0 9,086
Disclosed in part 14 1,185 960 371 67 112 182 2,891
All exempted 0 5 4 1 0 0 0 10
All excluded 0 0 0 0 0 0 0 0
No records exist 8 281 114 19 4 2 1 429
Request abandoned 499 549 45 3 1 0 62 1,159
Neither confirmed nor denied 0 0 0 0 0 0 0 0
Total 553 8,892 3,229 457 81 118 245 13,575
2.2 Exemptions
Section Number of Requests
18(2) 0
19(1)(a) 660
19(1)(b) 50
19(1)(c) 52
19(1)(d) 127
19(1)(e) 0
19(1)(f) 0
20 1
21 803
22(1)(a)(i) 19
22(1)(a)(ii) 9
22(1)(a)(iii) 2
22(1)(b) 1,413
22(1)(c) 44
22(2) 0
22.1 0
22.2 0
22.3 0
23(a) 1
23(b) 0
24(a) 0
24(b) 0
25 1
26 2,725
27 216
28 3
2.3 Exclusions
Section Number of Requests
69(1)(a) 0
69(1)(b) 0
69.1 0
70(1) 0
70(1)(a) 0
70(1)(b) 0
70(1)(c) 0
70(1)(d) 0
70(1)(e) 0
70(1)(f) 0
70.1 0
2.4 Format of information released
Disposition Paper Electronic Other formats
All disclosed 9,018 68 0
Disclosed in part 1,634 1,257 0
Total 10,652 1,325 0

2.5 Complexity

2.5.1 Relevant pages processed and disclosed
Disposition of Requests Number of Pages Processed Number of Pages Disclosed Number of Requests
All disclosed 36,341 36,341 9,086
Disclosed in part 634,939 418,773 2,891
All exempted 697 0 10
All excluded 0 0 0
Request abandoned 12,254 520 1,159
Neither confirmed nor denied 0 0 0
Total 684,231 455,634 13,146
2.5.2 Relevant pages processed and disclosed by size of requests
Disposition Less than 100 pages processed 101-500 pages processed 501-1000 pages processed 1001-5000 pages processed More than 5000 pages processed
Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed
All disclosed 9,054 32,021 15 2,610 17 1,710 0 0 0 0
Disclosed in part 1,731 22,221 753 139,972 280 132,624 126 123,824 1 132
All exempted 8 0 2 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0 0 0
Request abandoned  1,147 13 6 0 2 507 4 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0 0 0 0 0
Total 11,940 54,255 776 142,582 299 134,841 130 123,824 1 132
2.5.3 Other complexities
Disposition Consultation Required Legal Advice Sought Interwoven Information Other Total
All disclosed 3 0 0 0 3
Disclosed in part 325 0 2,725 0 3,050
All exempted 0 0 0 0 0
All excluded 0 0 0 0 0
Request abandoned 35 0 0 0 35
Neither confirmed nor denied 0 0 0 0 0
Total 363 0 2,725 0 3,088

2.6 Deemed refusals

2.6.1 Reasons for not meeting statutory deadline
Number of requests closed past the statutory deadline Principal Reason
Workload External consultation Internal consultation Other
1,247 1,247 0 0 0
2.6.2 Number of days past deadline
Number of Days Past Deadline Number of Requests Past Deadline Where No Extension Was Taken Number of Requests Past Deadline Where An Extension Was Taken Total
1 to 15 days 307 123 430
16 to 30 days 37 44 81
31 to 60 days 47 73 120
61 to 120 days 49 77 126
121 to 180 days 41 61 102
181 to 365 days 57 79 136
More than 365 days 113 139 252
Total 651 596 1,247
2.7 Requests for translation
Translation Requests Accepted Refused Total
English to French  0 0 0
French to English  0 0 0
Total 0 0 0

Part 3 — Disclosures Under Subsection 8(2) and 8(5)

Paragraph 8(2)(e) Paragraph 8(2)(m) Paragraph 8(5) Total
848 1 1 850

Part 4 — Requests for Correction of Personal Information and Notations

Disposition for Correction Requests Received Number
Notations attached 38
Requests for correction accepted 7
Total 45

Part 5 — Extensions

5.1 Reasons for extensions and disposition of requests
Disposition of Requests Where an Extension Was Taken 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation or conversion
Section 70 Other
All disclosed 305 0 2 0
Disclosed in part 1,037 0 56 0
All exempted 2 0 1 0
All excluded 0 0 0 0
No records exist 51 0 0 0
Request abandoned 47 0 2 0
Total 1,442 0 61 0
5.2 Length of extensions
Length of Extensions 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation purposes
Section 70 Other
1 to 15 days 0 0 0 0
16 to 30 days 1,442 0 61 0
Total 1,442 0 61 0

Part 6 — Consultations Received From Other Institutions and Organizations

6.1 Consultations received from other government institutions and organizations
Consultations Other Government of Canada Institutions Number of Pages to Review Other Organizations Number of Pages to Review
Received during the reporting period 55 61,322 0 0
Outstanding from the previous reporting period 8 817 0 0
Total 63 62,139 0 0
Closed during the reporting period 58 30,980 0 0
Pending at the end of the reporting period 5 31,159 0 0
6.2 Recommendations and completion time for consultations received from other Government of Canada institutions
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 13 2 4 1 0 2 0 22
Disclosed in part 7 11 3 3 0 1 0 25
All exempted 0 3 1 2 1 2 0 9
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 2 0 0 0 0 0 0 2
Total 22 16 8 6 1 5 0 58
6.3 Recommendations and completion time for consultations received from other organizations
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 0 0 0 0 0 0 0 0
Disclosed in part 0 0 0 0 0 0 0 0
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0

Part 7 — Completion time of consultations on Cabinet confidences

7.1 Requests with Legal Services
Number of Days Fewer Than 100 Pages Processed 101-500 Pages Processed 501-1000 Pages Processed 1001-5000 Pages Processed More than 5000 Pages Processed
Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0
7.2 Requests with Privy Council Office
Number of Days Fewer Than 100 Pages Processed 101-500 Pages Processed 501-1000 Pages Processed 1001-5000 Pages Processed More than 5000 Pages Processed
Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed Number of Requests Pages Disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0

Part 8 - Complaints and Investigations Notices Received

Section 31 Section 33 Section 35 Court action Total
35 0 35 0 70

Part 9 - Privacy Impact Assessments (PIAs)

Number of PIA(s) completed 4

Part 10 — Resources related to the Privacy Act

10.1 Costs
Expenditures Amount
Salaries  $3,176,046
Overtime $73,284
Goods and Services $257,092
• Professional services contracts $0  
• Other $257,092
Total $3,506,422
10.2 Human Resources
Resources Person Years Dedicated to Privacy Activities
Full-time employees 43.02
Part-time and casual employees 4.28
Regional staff 0.00
Consultants and agency personnel 0.00
Students 0.00
Total 47.30
Date modified: