We are pleased to table the Annual Report to Parliament on the administration of the Privacy Act for fiscal year 2010-2011, as required under subsections 72(1) and 72(2).
The Privacy Act provides Canadian citizens and individuals present in Canada the right to seek access to their personal information that is held by the federal government. It also governs the collection, use, disclosure, retention and disposal of personal information.
On behalf of the Government of Canada, the Department of Foreign Affairs and International Trade is Canada’s face and voice to the world, working to advance Canada’s political and economic interests in the international community as well as to apply Canadian experience to help address global issues.
The Department's legal mandate, as set out in the Department of Foreign Affairs and International Trade Act, RSC 1985, c. E-22, is to:
In addition, Passport Canada which is a Special Operating Agency of Foreign Affairs and International Trade Canada is responsible for issuing, refusing, revoking and withholding Canadian passports, in addition to administering their use and recovery. Passport Canada supervises all matters relating to Canadian travel documents and provides guidance to Canadian government offices abroad, enabling them to issue passports. Besides serving the public directly, Passport Canada also works with national and international police authorities, security agents, border officials and any federal, provincial and territorial authorities that provide identification documents.
The Minister of Foreign Affairs is also responsible for the Export and Import Permits Act, RSC 1985, c. E-19, which authorizes the government to control and monitor the transborder flow of specified goods, and for the Special Economic Measures Act, 40-41 Elizabeth II, c. 17, which authorizes the government to apply economic sanctions in response to a serious threat to international peace and security.
The Department also provides administrative support to other government departments with personnel abroad.
In 2010-2011, the Department had 13,259 Full-time Equivalents with the workforce made up of three groups. First, Canada-based rotational staff made up mainly of Foreign Service officers, in addition to administrative support employees and information technology specialists who relocate regularly between headquarters and Canada’s missions abroad. Second, non-rotational staff who work primarily at Headquarters. Third, locally-engaged staff who work at missions abroad.
Canada’s success in building a sustainable recovery and long-term competitive strength is fundamentally linked to its engagement with the global setting. It is for that reason that the pursuit of economic opportunity remains DFAIT’s leading priority. With its world-class financial and banking system, its potential to become an energy superpower, its highly skilled labour force, and its competitive corporate tax rates, Canada is well positioned to succeed in world markets and to attract foreign investment. However, there are international developments that could adversely affect Canada, such as the uneven and potentially fragile economic recovery of Canada’s major trading partners, persistent global financial imbalances, the slower-than-expected pace in concluding the World Trade Organization’s Doha Round, and the threat of protectionism in many countries. In this context, there is a premium on the effective promotion and advocacy of Canada’s economic interests. In support of the government’s national competitiveness strategy (Advantage Canada) and Economic Action Plan, DFAIT undertook the following initiatives in 2010-2011:
The United States remains Canada’s most important economic and security partner, with some $2 billion in goods and services crossing the border daily. Canada’s security and prosperity are inextricably linked to effective management of the relationship with the United States on a range of bilateral, regional and global economic issues. The most significant plans are as follows:
Canada’s engagement in the Americas is predicated on a whole-of-government approach that advances the key themes of democratic governance, prosperity and security in the region. The department continues to position Canada as a reliable supporter of democratic rule, a preferred trading partner and a key actor in addressing regional security threats. Key plans related to DFAIT’s activities in the Americas include the following actions:
The NATO-led mission remains Canada's priority. Afghanistan’s stability and development is fundamental to regional stability and to Canada’s own security. An international consensus on the way forward, led by President Obama's new strategy announced in late 2009 and the conclusions of the London Conference of January 2010, commits all sides to greater progress. The most significant plans were as follows:
The emergence of a multi-polar world has fundamentally challenged the capacity of conventional global governance to deal with issues of global impact. The urgent need to address challenges arising from the worldwide recession, such as the reform of global financial architecture, as well as horizontal issues such as climate change have, in part, accounted for the rising interest in, and influence of, the G20. In hosting the G8 and G20, Canada had a unique opportunity to exert influence in the search for innovative solutions to an array of global challenges. Key plans included the following:
Overall, DFAIT continued its efforts to ensure that Canada's values and interests are reflected in multilateral forums, including those of the UN, the G8 and G20, La Francophonie, and NATO as well as regional organizations. DFAIT delivers results related to its priorities through diplomacy and advocacy, bilaterally and multilaterally. Canada’s efforts to improve human rights, democratic governance, and corporate social responsibility around the world serve to protect Canadians and their interests at home and abroad.
With regard to the Arctic, a region of growing global interest in terms of commerce, resources and transportation, DFAIT continued to develop and promote Canada’s Arctic Foreign Policy—the international dimension of the Government of Canada’s Northern Strategy. The department worked bilaterally with other Arctic partners, within the Arctic Council, with the five Arctic coastal states and in other multilateral forums to assert Canada’s Arctic sovereignty and to promote collaboration on issues of environment, economic and social development, and governance.
The rapidly changing nature of the international environment has required the department to undertake comprehensive actions to modernize all aspects of its operations. DFAIT must ensure that it is as agile and responsive as possible in order to be able to address the risks and to take advantage of the opportunities generated by new global realities. It is against this backdrop that a comprehensive transformation agenda to modernize the department was launched in 2008, an effort that continued in 2010-2011.
Finally, it made ongoing improvements to its human resources and financial management, and increased its accountability.
Under Section 73 the Act, the Minister’s authority is delegated to enable the Department to meet its legislated requirements as well as exercise its powers. Since October 2009 responsibility for all sections of the Act was delegated to the Deputy Ministers, to the Corporate Secretary, to the Director of the Access to Information and Privacy Protection Division, to the Deputy Directors of the ATIP Office, as well as to Heads of Mission but only as it relates to disclosure under section 8(2)(m) of the Privacy Act. (See Annex A)
In addition, Passport Canada as a special operating agency obtained its own ATIP delegated authority to respond to requests under both the Access to Information Act and Privacy Act as they relate to its passport records. This delegation came into effect on April 1, 2011. For reporting purposes, however, the DFAIT ATIP Office will continue to include PPTC in its annual reports to Parliament as well as for TBS statistical reports.
The Access to Information and Privacy Protection Division (ATIP Office) is responsible for the administration of the ATIA, including the processing of requests and consultations. The Director of the ATIP Office reports to the Corporate Secretary, who in turn reports to the Associate Deputy Minister of Foreign Affairs.
In 2010-2011, with the addition of 10 new full-time equivalents, the division had four teams of processing Analysts reporting to two Deputy Directors. In addition, the Backlog Team, comprised mainly of consultants and support staff, reported directly to the division’s third Deputy Director. The Deputy Directors, the Manager of Business Practices and Systems, as well as the Policy & Governance team reported to the Director (see Figure 1).
Figure 1 – ATIP Office Organizational Structure
More recent changes to the ATIP Office’s capacity (53 full-time equivalents) and structure, including new fast-track Consultation team and an Intake Unit, will be reported in the next Annual Report to Parliament in 2011-2012.
The graph in Figure 2 represents the ever increasing number of requests (all types) received by DFAIT under both Acts. During this reporting period, DFAIT (including Passport Canada) received a total of four thousand, one hundred and sixty-three requests (4,163), that totalled two hundred and forty-seven thousand, seven hundred and thirty-eight (247,738) pages. This represents an increase of 24% over last fiscal year. The types of requests that faced growth were Access to Information Act requests, consultations under both Acts from other government departments as well as requests under the Privacy Act primarily to Passport Canada from investigative bodies.
Figure 2 — Number of ATIP Requests Received per Fiscal Year
Given its mandate and various responsibilities at the international level, DFAIT plays a key consultation role under the Access to Information Act and the Privacy Act on behalf of other government departments (OGDs).
Other ongoing challenges include:
There are significant information management and information technology (IM/IT) challenges within DFAIT, which continue to be examined for e-solutions.
Since 1998, DFAIT’s performance under the Access to Information Act has been scrutinized closely by the Office of the Information Commissioner (OIC) due to poor departmental compliance with the Act’s prescribed time limits. As well, improved compliance and commitment to these legislative responsibilities has been identified as a Government of Canada priority, reflected in the following instruments:
Services for Canadians comprise one of three strategic outcomes under the Department’s Program Activity Architecture (PAA). ATIP is one of the key services provided to the general public in Canada by the Department, and better service requires improved compliance with the relevant Acts. Furthermore, given the additional function of the departmental ATIP office of consulting foreign governments on the release of information originating with them, there is a major component of ATIP implementation that includes managing our international relationships and ensuring partners that their information is managed appropriately.
Improving compliance with the Access to Information Act and the Privacy Act continued to be a departmental priority, especially in light of a growing backlog related to requests for information related to the Government’s key international priorities such as Afghanistan. So much so that, while financial restraints faced DFAIT in 2010-2011, the ATIP Office was nonetheless able to build additional capacity with the injection of $2.7M in new ATIP funding in June 2010.
The following section explains in more detail the TBS statistical report as provided in Annex B.
Between April 1, 2010 and March 31, 2011, the Department received three hundred and twenty (320) requests for personal information under the Privacy Act. Along with those new requests, forty -six (46) requests were carried over from the previous fiscal year, for a total of three-hundred and sixty-six (366) requests. During the reporting period, three hundred and thirty-three (333) requests were completed and thirty-three (33) still active files were carried over to the next reporting period.
The distribution of completed requests is as follows: (See Figure 3)
|Requests||Number of Requests|
|Disclosed in part||217|
|Nothing disclosed (excluded)||0|
|Nothing disclosed (exempted)||1|
|Unable to process||41|
|Abandonded by applicant||29|
Figure 3 — Disposition of Completed Requests
The exemption most commonly used by the Department during the period was section 26 [Information about another individual] of the Privacy Act. It was invoked in two hundred and eleven (211) requests. The Department applied exclusions under sub-section 70(1) [confidences of cabinet] five (5) times during this reporting period.
During the reporting period, the Department claimed extensions pursuant to paragraphs 15(a)(i) and 15(a)(ii): 22 and 13 times, respectively.
When a request contains records that are of a greater interest to another institution, the Access to Information and Privacy Coordinator of that institution is consulted. Between April 1, 2010 and March 31, 2011, the Department received one hundred and one (101) consultations under the Privacy Act from other federal government institutions.
During the reporting period, one hundred and twenty-six (126) consultations were completed under the Privacy Act representing three thousand, five-hundred and two (3,502) pages.
In return, the Department consulted other government institutions the following number of times during the reporting period.
|Requests||Number of Requests|
|Other Federal Governments||80|
|Privy Council Office (Cabinet Confidences)||5|
|Provincial Institutions or Municipalities||2|
|Foreign Governments or Institutions of States||14|
Subsection 8(1) of the Privacy Act states that “personal information under the control of a government institution shall not, without the consent of the individual to whom it relates, be disclosed by the institution except in accordance with this section.”
Subsection 8(2) of the Privacy Act states that “personal information under the control of a government institution may be disclosed” under certain specific circumstances (see Figure 4).
Figure 4 — Disclosure of Personal Information Pursuant to s. 8(2)
Personal information may be disclosed “for any purpose in accordance with any Act of Parliament or any regulation made there under that authorizes its disclosure.”
Under this paragraph of the Privacy Act, eight (8) requests were received and treated.
Personal information may be disclosed “for the purpose of complying with a subpoena or warrant issued or order made by a court, person or body with jurisdiction to compel the production of information or for the purpose of complying with rules of court relating to the production of information.”
Under this paragraph of the Privacy Act, one (1) request was received and treated.
Personal information may be disclosed “to the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government of Canada.”
Under this paragraph of the Privacy Act, two (2) request was received and treated.
Personal information may be disclosed “to an investigative body ... for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation...”
Under this paragraph of the Privacy Act, seven hundred and forty-two (742) requests were received and treated. Most of the requests under section 8(2)(e) are received from the RCMP and CSIS who require access to passport application files. As such, the ATIP team at Passport Canada processes the bulk of these requests on behalf of DFAIT’s ATIP Office.
Personal information may be disclosed “under an agreement or arrangement between the Government of Canada [...] and the government of a province [or territory] [...] for the purpose of administering or enforcing any law or carrying out a lawful investigation.”
Under this paragraph of the Privacy Act, nine hundred and sixty-six (966) requests were received and treated. Most of requests under section 8(2)(f) are received from the Sûreté du Québec who requires access to passport application files. As in the case of 8(2)(e) requests, the ATIP team at Passport Canada processes the bulk of these requests on behalf of DFAIT’s ATIP Office.
Personal information may be disclosed “to a member of Parliament for the purpose of assisting the individual to whom the information relates in resolving a problem.”
The ATIP Office did not disclose any personal information pursuant to this paragraph during this reporting period.
Personal information may be disclosed “to any government institution for the purpose of locating an individual in order to collect a debt owing to Her Majesty in right of Canada”.
The ATIP Office did not disclose any personal information pursuant to this paragraph during this reporting period.
Personal information may be disclosed “for any purpose where, in the opinion of the head of the institution,
(i) the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or
(ii) disclosure would clearly benefit the individual to whom the information relates.
Under this paragraph of the Privacy Act, thirty-five (35) requests were received and treated during the reporting period. Most of these requests are received under section 8(2)(m)(ii) of the Act from the Public Health Agency of Canada (PHAC) who require contact information about individuals who were identified as sitting in close proximity to a person with infectious tuberculosis for longer than eight hours on a commercial aircraft. The release is deemed necessary to notify the appropriate provincial/territorial public health authorities who will inform the individuals of the risk of having been infected with latent tuberculosis infection. DFAIT has no objection to the release of the personal information without the consent of the subject individuals since the disclosure will clearly benefit the individuals to whom the information relates. In all cases, the Privacy Commissioner’s Office was notified of the release at the same time as the disclosure to the PHAC took place due to the urgency in such matters.
During the reporting period, three (3) complaints against the Department were filed with the Privacy Commissioner of Canada.
|Reason for Complaint||Number of Complaints|
|Refusal - Exemptions||0|
|Refusal - General||1|
|Miscellaneous Use and Disclosure||0|
Two (2) investigations were completed during the reporting period.
|Discontinued||0||No Action Required||2|
|Not substantiated||0||Remedial Action Taken||0|
|Not Well Founded||1|
As a result of a previous complaint regarding the handling of consular records, the ATIP Office worked closely with the Consular Program to:
Assist the Consular Program in developing its own online tutorial for consular training including ATIP provisions.
During the reporting period Passport Canada (PPTC) handled thirty-three (33) incidents of privacy breaches, all of which involved the lost or theft of passport applications and improper disclosure. All subject individuals were notified in writing of the breach and of their right to submit a complaint to the Office of the Privacy Commissioner of Canada (OPC). Depending on the case, PPTC notified the OPC directly who was satisfied with its process and corrective measures.
DFAIT’s ATIP Office did not report any other type of privacy breaches during the reporting period.
During this reporting period, there was one ongoing Federal Court activity for a specific Privacy Act request involving DFAIT.
In September 2009, Mr. Abdelrazik’s counsel filed an application (T-1581-09) pursuant to section 41 of the Privacy Act for an order compelling the production of personal information pertaining to the Applicant relating to a request made in November 2008. The applicant was justifiably concerned about the delays in responding to his request and had received a well-founded finding from the Privacy Commissioner of Canada. However, the file took an unusually long time to process due the voluminous nature of the records (approx. 15,000 pages), the complexity of the case involving litigation, the need to conduct numerous consultations including for cabinet confidences, as well as factors as a result of the ATIP Office’s lack of capacity. After lengthy consultations the ATIP Office managed to complete the processing in August 2010.
DFAIT was not the subject of any audit or review by agents of Parliament, including the Privacy Commissioner’s Office, in relation to the administration of the Privacy Act during the reporting period.
The Privacy Impact Assessment (PIA) Policy that was introduced by TBS in May 2002 was replaced by the new TBS’ Directive on Privacy Impact Assessment as of April 1st, 2010. This new Directive ensures that privacy is taken into account and that privacy implications are appropriately identified, assessed and resolved before a new or substantially-modified program, activity or service involving personal information is implemented. It is a step-by-step evaluation of the flow of personal information held within a given program, activity or service. More specifically, this process enables the Department to determine whether new technologies, information systems, initiatives, and proposed programs, activities, services or policies meet federal government privacy requirements. With the new Directive, a Preliminary Privacy Impact Assessment (also known as PPIA) is no longer initiated.
In addition, as a result of TBS’ 2005 Management of Information Technology Security (MITS) requirements, DFAIT must ensure the security of information and information technology (IT) assets which includes the requirement to prepare Privacy Impact Assessments for most of its systems.
During the reporting period and in compliance with the above new Directive, DFAIT did not initiate any new PPIAs. During that same period, DFAIT initiated eight (8) new PIAs as well as submitted one (1) PPIA and one (1) PIA to the Office of the Privacy Commissioner (OPC) for review. In addition, one (1) PIA was completed and since published on its departmental Internet site..
It is important to note as well that another fifteen (15) projects relating to DFAIT program activities were reviewed by the ATIP Office during the reporting period but deemed not to require a Privacy Impact Assessment.
The following information pertains to PPIA and PIA activities in 2010-2011 and for ease of reference have been listed in alphabetical order:
The Emergency Management Portal is a web-based reporting tool that will provide senior management and operational teams at HQ and missions with a centralized view of international emergencies affecting our missions around the world. It will consolidate all emergency management activities and information for the purpose of monitoring, managing and reporting on international emergencies, humanitarian, consular, global health, security, environmental, technological, political and economic crises. The portal will provide real-time situational awareness, analysis and lessons learned to improve emergency and crisis management.
A PPIA was previously initiated. It was completed and forwarded to the OPC during the reporting period. The Executive summary of the PPIA will be posted on DFAIT’s Website shortly, however, it will be captured in the next reporting period. The Executive summary will be posted at Publications - Access to Information and Privacy.
Used by its officials, DFAIT implemented ccmMercury in 2001. At the time of implementation, a single system to manage the Ministerial correspondence process had been developed. Over the years, additional systems were deployed through ccmMercury as per the Department’s requirement. Each system is independent of other systems within the ccmMercury environment. ccmMercury is a database application designed to allow users to track the workflow of a record including related attachments in many file formats. Its integration with an imaging solution allows a user to scan documents and through the use of templates, documents such as standard replies and routing slips can be automatically created. Searching and reporting capabilities allow users to easily find and report on the data captured in a system.
A PIA was previously initiated. During the reporting period, the PIA was completed and forwarded to the OPC. At the end of the reporting period, the ATIP Office was still awaiting the OPC’s comments on the PIA. During that same period, the Executive Summary of the PIA was also posted on DFAIT’s Internet Website, which can be found at Publications - Access to Information and Privacy.
This fund is made up of public monies and is used to provide financial assistance to distressed Canadians abroad.
A PIA was required and initiated during the reporting period. Upon completion of the PIA, the Executive Summary will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
ROCA is a service that enables Canadians travelling or living abroad to sign up and be contacted and assisted by government officials in case of an emergency abroad (such as a natural disaster, civil unrest, or emergency at home).
During the reporting period, the ATIP Office was informed that the Department was looking at expanding ROCA through Facebook. A PIA was required for such an initiative and was initiated during the same period. Upon completion of the PIA, the Executive Summary will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
The Office of the Extractive Sector CSR Counsellor was established in 2009 as part of the Government of Canada’s CSR Strategy for the International Extractive Sector. The Strategy is designed to help Canadian mining, oil and gas companies meet their social and environmental responsibilities when operating abroad. The Office of the CSR Counsellor has a mandate to review CSR practices of Canadian companies operating outside of Canada and to advise stakeholders on recognized best practices and endorsed performance standards.
A PIA was required and was initiated during the reporting period. Upon completion of the PIA, the Executive Summary will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
FSDs are designed to provide a system of allowances, benefits and conditions of employment that, in combination with salary, enable departments and agencies to recruit, retain and deploy qualified employees in support of government programs outside Canada.
The FSD Portal is an application that will be used to manage clients in missions outside of Canada. The Portal will receive data from the Human Resources Management System for all DFAIT clients. The client information of other government departments will be manually captured within the Portal. FSD Portal will also feed DFAIT’s Integrated Management System with the necessary information to assure that the clients are paid in a timely fashion.
A PIA was required for the above portal and was initiated during the reporting period. Upon completion of the PIA, the Executive Summary will be posted on DFAIT’s Internet Website at http://www.international.gc.ca/about-a_propos/atip-aiprp/publications.aspx?lang=eng&menu_id=3.
As with many other government departments, DFAIT uses the Human Resources Management System for human resource related matters such as appointments, leave, etc.
A PIA was previously initiated, completed and forwarded to the OPC. During the reporting period, the OPC advised that they were not going to be providing recommendations on the PIA, however they may choose to do so at a later date. During that same period, DFAIT also decided to implement the Recruit Module of the HRMS application. A PIA was then initiated for the said module. As soon as the PIA is completed, it will be posted on the DFAIT’s Internet Website at Publications - Access to Information and Privacy.
The IPL Software is a payroll application that is used by the mission to produce the monthly pay for its Locally Engaged Staff in Japan (including missions in Tokyo, Kyushy, Ngoya and Spporo).
A PIA was required and initiated during the reporting period. Upon completion of the PIA, the Executive Summary will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
The Physical Resources Bureau supports Canadian international objectives and programs through the provision of office and staff accommodation. As well, the Bureau provides asset management, maintenance and material services to the bureau clientele in a cost effective, economical and efficient manner. An online collaboration service for project management was used for some time on a pilot basis. It was very successful and the Department is preparing for full implementation. The online collaboration service will be hosted by a service provider on their premises.
A PIA was previously initiated. During the reporting period, additional information was provided to the ATIP Office. It was confirmed that the information collected is not deemed personal information as defined under the Privacy Act.. Thus, a PIA is not necessary and will not be completed.
The International Trade Missions Division is primarily responsible for the planning, coordination and execution of trade missions abroad.
A PPIA was originally submitted to the OPC on Aug. 14, 2007. The OPC provided some recommendations, but had additional questions. The ATIP Office did provide a response to the OPC and at the end of the reporting period was still awaiting a response from the OPC. The ATIP Office was also informed by the Trade Missions Division that there were changes to the collection, use and disclosure of the personal information being collected. The ATIP Office discussed this further with the Division. Shortly after the end of the reporting period, the ATIP Office confirmed with the Division that a PIA is required to address the changes. A PIA was then initiated and will be captured during the next reporting period. Upon completion of the PIA, the Executive Summary of the PIA will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
There is an existing information sharing agreement between PPTC, the DoJ and the RCMP regarding the suspension or denial of a passport, and the termination of a suspension or denial. The agreement required revisions as the information will no longer be shared with the RCMP.
During the reporting period, the DoJ was developing an overarching PIA to address and assess the changes relating to the process reflected in the above-mentioned agreement. PPTC initiated an Addendum PIA to be submitted to the DoJ as an appendix to their overarching PIA.Upon completion of the Addendum PIA, the Executive Summary will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
Following certain United Nations’ resolutions on combating terrorism, the International Civil Aviation Organization adopted new passport specifications that included a global blueprint for the integration of biometric identification information into passports and other machine-readable travel documents. These new specifications require the inclusion of an embedded chip that held the passport holder’s photo. In 2004, the Canadian government instituted its National Security Policy and presented an implementation plan to pursue initiatives reinforcing border security.
This PIA was sent to the OPC on March 19, 2008. The OPC further provided recommendations and a response was forwarded back on Dec. 29, 2008. In October 2009, the ATIP Office was informed by the OPC that they were satisfied with its response and that they were closing their file pending future submissions from PPTC on the national implementation. Later, the ATIP Office was informed by PPTC that the planning phase of the e-passport National Rollout Project was ongoing. During the reporting period, the updated PIA report (not a new PIA) describing the action items and their status was finalized by PPTC and forwarded to the OPC. At the end of the reporting period, the ATIP Office was still awaiting the OPC’s comments on the PIA update report and action plan.
Passport Canada introduced two new policies that are reflected on its Passport Application Forms. These new polices are the new Guarantor Policy and the Loss of Canadian Citizenship pursuant to section 8 of the Citizenship Act policy.
The new Guarantor Policy enables Canadian passport holders (with some restrictions as not all Canadian Passport Holders may act as Guarantor) to be a guarantor for a new passport applicant in Canada and in the USA.
The Directive on Policy regarding Loss of Citizenship requires the public service to inform Canadians that are impacted by Section 8 of the 1977 Citizenship Act, which states “Where a person who was born outside Canada after February 14, 1977 is a Canadian Citizen for the reason that at the time of birth, one of his parents was a citizen by virtue of paragraph 3(1)(b) or (e), that person ceases to be a citizen on attaining the age of twenty-eight years unless that person (a) makes application to retain citizenship; and (b) registers as a citizen and either resides in Canada for a period of at least one year immediately preceding the date of his application or establishes a substantial connection with Canada.”
A PIA was previously initiated, completed and forwarded to the OPC. During the reporting period, the OPC provided recommendations on the PIA and the ATIP Office responded to them. At the end of the reporting period, the ATIP Office was still awaiting the OPC’s comments on its response.
The Government of Canada’s Academic Relations Program’s international scholarships are managed by the Department of Foreign Affairs and International Trade. The program’s objective is to promote Canadian values and identity around the world in order to strengthen Canada’s international relations. Through its international scholarships activities which include scholarships for Canadians by foreign governments (Canada-China Scholars Exchange Program, Commonwealth Scholarship Plan, Foreign Government Awards, Organization of American States (OAS) Fellowships Programs) and scholarships for non-Canadians by the Government of Canada (Canada China Scholars’ Exchange Program, Commonwealth Scholarship Plan, Government of Canada Awards), DFAIT creates friends of Canada who could hold positions of authority in their respective countries reinforcing Canada’s international ties and influence. In developing countries, these scholarships are designed to contribute to the development of human capital. The Commonwealth Scholarships, which were among the first international scholarships to be established, were initiated in 1959 when Commonwealth countries, led by Canada, set up a scholarship plan to strengthen the links between them and to encourage higher education. Canada is the largest contributor of Commonwealth scholarships after the United Kingdom.
The PPIA was submitted to the OPC in November 2006. The OPC recommended that a full PIA be conducted. The full PIA was initiated during the reporting period. As soon as the PIA is completed, the Executive Summary will be posted on DFAIT’s Internet Website at Publications - Access to Information and Privacy.
No new MOU / Information Sharing Agreements were signed during the reporting period, however, Passport Canada (PPTC) was working closely with the Department of Justice (DoJ) to revise the existing information sharing agreement between PPTC, the DoJ and the Royal Canadian Mounted Police (RCMP) regarding the suspension or denial of a passport and the termination of a suspension or denial. The agreement requires revisions as the information will no longer be shared with the RCMP.
During that same period, PPTC also implemented the Known Parent Project. The pilot project was tested in the Kitchener Regional Passport Office. PPTC was looking to identify an efficient and secure way to use existing records to confirm the identity of both the applying parent and the other parent whose signature is requested on a child’s application. The initiative increased the integrity of children’s passports, but also assisted in preventing possible child abduction. Additionally, PPTC improved customer service by consulting the database instead of inconveniencing clients by requiring them to provide additional documentation to confirm their identity. When PPTC was unable to determine the possible "match" of a signature in their database, further verifications were conducted to confirm the identity of the known parent.
With the injection of new ATIP funding in June 2010, the ATIP Office not only created ten (10) new full-time equivalents but also launched a Backlog Project in July 2010 in order to clear the bulk of the late files by summer 2011. The Backlog Project has been a tremendous success as, at the time of drafting this report, it had closed 360 of the 405 late ATIP files which represented 216,373 pages of the 275,056 pages to be processed. It was expected that the remaining 45 files (58,683 pages) some of which have outstanding external consultations would be completed by early fall 2011.
During 2010-2011, the ATIP Office created a dedicated Policy & Governance Team whose primary responsibilities include providing ATIP policy advice as well as develop and deliver ATIP training both internal to the ATIP Office as well as to departmental employees.
The Policy and Governance Team is also responsible for updating (keeping evergreen) the ATIP Analysts’ Guidelines relating to the processing of ATIP requests, answering general questions from internal clients and providing advice, assistance and guidance with regards to privacy, the requirement and development of new Privacy Impact Assessments (PIA), Privacy Notice Statements (PNS), Disclaimers, Consent forms and/or revisions to existing ones, as well as providing assistance in the development of TBS' Statistical Reports and the preparation of Annual Reports to Parliament for both the Access to Information Act and the Privacy Act.
The Team is also responsible for updating DFAIT's Chapter in TBS' Info Source Publication, registering Personal Information Banks with TBS and delivering Info Source training, awareness and/or question and answer sessions. Of importance to note is that the work in this policy area increased by at least 50 percent from the last reporting period as a direct result of:
Info Source Full Sweep: For the first time, the ATIP Office conducted a full sweep of the information holdings of all program areas in DFAIT. The coordination of this activity was an immense undertaking and involved the development of an extensive training package, delivery of multiple training sessions, one-one-one meetings with Offices of Primary Interest (OPI), as well as the review and update of the Department’s Info Source chapter. Approximately 80% of the OPIs responded to the full sweep.
New Internet/Intranet Policy: A new process was initiated whereby all new or updated forms published for the departmental Internet and Intranet required the ATIP Office’s approval. The work “mushroomed” as when assessing a form other privacy implications were discovered resulting in the need for a Class of Records, Class of Personal Information, Personal Information Bank (PIB), Privacy Notice Statement (PNS) and/or Privacy Impact Assessment (PIA). It should be noted that this area will increase even further when a similar process is implemented for all PDF forms.
During 2010-2011, the ATIP Office continued to ensure that all ATIP Analysts, regardless of their years of experience, received the necessary training and tools to do their job effectively via training sessions developed to meet the ATIP Office’s training needs and via a dedicated mentor/coach (a.k.a. Team Leader). The responsibilities of the Team Leaders are to ensure that there is a continuous and positive learning environment for employees’ proper development as ATIP specialists. Furthermore, learning plans have continued to be developed in consultation with each employee within the ATIP Office in order to effectively identify their training needs and to ensure that the necessary actions are taken to ensure that these needs are met.
The ATIP Office also continued to benefit from its ATIP Professional Development Program which is allowing DFAIT to “grow its own” ATIP Analysts due to the lack of experienced ATIP Analysts within the federal ATIP Community. This program has been very successful in addressing recruitment, retention and succession planning issues.
The creation of the new Policy & Governance Team has allowed the ATIP Office to address the training needs of the Department and of the ATIP Office on a full-time basis and to educate new employees as soon as they start working at DFAIT as well as ensuring the Department complies with all other aspects and regulations of the Access to Information Act and Privacy Act.
DFAIT’s Intranet ATIP website is always kept up-to-date and is accessible to those that may have questions regarding the ATIP process at DFAIT. The ATIP Office has also added many more reference tools such as customized Privacy Impact Questionnaires and all ATIP Tasking Instructions.
The ATIP Office implemented a structured and departmental-wide ATIP awareness program to ensure that officials across the Department understand their roles and responsibilities vis-à-vis ATIP. DFAIT has also expanded on the type of forums within which ATIP training is delivered, such as during staff meetings of subject-matter experts of Offices of Primary Interest (OPIs) and during DFAIT 101 courses, a course designed for employees that are new to the Department. ATIP sessions are also delivered during the various training sessions provided to employees leaving Canada in order to better prepare them to work at a mission. The trainer within the ATIP office also holds sessions with subject matter experts, during which records are reviewed in order to educate these employees on the exercise of discretion when making recommendations for severance.
New types of training sessions have also been developed using new technologies in order to ensure that the ATIP Office is able to capture a wider audience and to ensure that employees at mission also received the necessary training. For instance Access to Information Act and Privacy Act training sessions are being given to employees at missions (Locally Engaged Staff, Trade, Political and Consular Officers, as well as Administrative Assistants) using either videoconferencing or teleconferencing equipment.
Also, an online interactive ATIP tutorial has been developed in collaboration with the Canadian Foreign Service Institute. The tutorial consists of an awareness module; however, additional modules will be added in the near future. This is an important tool as it allows employees to receive training without additional resources being allotted to such efforts. DFAIT has also shared this tool with other Departments in hopes of assisting the federal ATIP community.
ATIP training sessions have also been provided in conjunction with Information Management officials as a test to evaluate the pros and cons of holding collaborative sessions, given the close relationship between ATIP and Information Management. Further discussions will be held in order to develop a more structured plan in order to provide such sessions in the future.
A new training presentation on section 15 of the Act (injury to international affairs) is currently in development which will be presented to the federal ATIP community via the Treasury Board Secretariat community meetings and training sessions. This presentation will educate other Departments on the responsibilities of DFAIT vis-à-vis both Acts when it comes to records that have international implications, and will therefore give other federal Departments a better idea as to when DFAIT should be consulted. This will help alleviate the high volume of consultations received by DFAIT and will help other federal departments in identifying what type of information and/or records should be sent to DFAIT as consultation.
The ATIP Office also refined the training program for ATIP Liaison Officers and subject-matter experts within Offices of Primary Interest (OPIs) across the Department. These training programs were advertised with all other training programs available via the Canadian Foreign Service Institute, and departmental messages were sent to all employees on a regular basis to advise of the opportunities for training. Employees were then able to register for these courses via an automated online service, which has improved the ATIP Office’s ability to deliver training.
In all, one hundred and thirty seven (137) separate ATIP Awareness training sessions were delivered during the reporting period by the ATIP offices at both DFAIT and Passport Canada, comprising of approximately one thousand three hundred and thirty seven (1337) employees, including:
Of all these participants that evaluated the training sessions delivered by DFAIT’s ATIP Office to Liaison Officers and their back-ups as well as sessions delivered to subject-matter experts within Offices of Primary Interest (OPIs), 89% of participants were very satisfied with the overall quality of the training, 90% of participants were very satisfied with the clarity of the information and 91% of participants felt that the trainer presented the information in a clear manner. Finally, 87% of all participants that evaluated the training sessions delivered felt that there was enough time allotted for these sessions to adequately address the material being presented.
During the reporting period, the ATIP Office also extensively revamped its Info Source training deck and delivered Info Source Training and Awareness sessions to Liaison Officers (LOs) and their back-ups. Follow up Q&A sessions were also scheduled, in addition to one-on-one sessions with senior staff members of the Offices of Prime Interest (OPIs). Fourteen (14) Info Source training sessions were held and attended by approximately 75 Liaison Officers. Of the 46 who returned an evaluation sheet from the training sessions, 43% felt the overall quality of the training was "excellent", 54% felt it was "good to very good" and .02% felt it was "unsatisfactory".
DFAIT’s ATIP Office continuously strives to refine its training tools and is very open to comments from employees participating in the various training session delivered. There are many plans in place to refine and enhance the effectiveness of current programs as well as to develop new ones.
Since the new streamlined processes were introduced in 2008 no significant changes were made to internal Access to Information Act processes or policies in 2010-2011. However, much attention has been placed to educate departmental officials on their ATIP roles and responsibilities to ensure compliance and efficiencies.
The Policy and Governance team did, however, make some revisions to its existing privacy-related policy instruments and initiated the drafting of new instruments which are better aligned with new and/or revised TBS’ ATIP-related policies. The policy instruments referred to herein include the PIA Protocol, PIA Checklist, Code of Fair Information Practices, Privacy Notice Statement Guidance Document, Disclaimer Guidance Document, etc. Some of these instruments have been completed, others require additional revisions and additional ones will also be initiated and completed as soon as possible.
The following are improvements that have been made over the last reporting year 2010-2011 as well as ongoing initiatives to improve the overall ATIP function at DFAIT:
These achievements were reflected in the "Acceptable" rating of the Management Accountability Framework (MAF) Round VIII assessment, the highest score reached by DFAIT since MAF was introduced. Also, the department received a "Strong" rating for ATIP Governance and Capacity.