Annual Report on the Administration of the Access to Information Act and the Privacy Act for the 2017 to 2018 fiscal year

From Employment and Social Development Canada

On this page

Alternate formats

  • Large print, braille, MP3 (audio), e-text and DAISY formats are available on demand by ordering online or calling 1 800 O-Canada (1-800-622-6232). If you use a teletypewriter (TTY), call 1-800-926-9105.

Executive summary

The mission of Employment and Social Development Canada (ESDC), including the Labour Program and Service Canada, is to build a stronger and more inclusive Canada, to support Canadians to live productive and rewarding lives and to improve Canadians’ quality of life. Many of the federal government’s largest and most well-known programs and services are provided by the Department in fulfillment of its broad mandate.

As a result, ESDC is a major user of personal information and other data in order to deliver key programs and services to Canadians as well as to deliver programs and services on behalf of other federal institutions. Moreover, ESDC operates within one of the most complex privacy regimes in government, within which it carries out the vast scale and scope of the Department’s collection, use, retention and disclosure activities. Given the magnitude of ESDC’s responsibilities, the protection of Canadians’ privacy rights and the safeguarding of personal information is a key priority for the Department.

As a federal institution, ESDC is subject to the Access to Information Act and the Privacy Act. Both Acts require the Department to submit an annual report to Parliament on their administration at the conclusion of every fiscal year. This consolidated report describes ESDC’s major strategic and operational highlights for both access to information and privacy during the reporting period.

Modernization and transformation were dominant themes in 2017-18. The fiscal year was characterized by legislative and policy reform processes for both access to information and privacy. Change is underway in ESDC as well — the Department launched its Service Transformation Plan with the goal of leaping forward in the way programs and services are delivered in order to meet the current and evolving needs of Canadians.

To complement this work, the Department moved to strengthen the management of privacy in ESDC by:

  • Supporting Privacy Act reform activities and undertaking extensive consultations within the Department to identify opportunities that could be addressed in the Act to improve programs and services for Canadians; and
  • Initiated a review of ESDC’s privacy governance architecture to ensure that the Department is positioned to respond proactively to advances in technology, the use of data, and the evolving nature of the risks to personal information.

With respect to access to information, activities focussed on legislative reform and the evolving complexity of access to information requests and processing functions. Initiatives to advance access to information included:

  • Engaging the Department to raise awareness about Access to Information Act reform to ensure that ESDC is prepared to comply with the anticipated amendments;
  • Supporting the Open Government initiative and exploring opportunities to proactively release material frequently requested under access requests; and
  • Modernizing access to information procedures across the Department towards improving analysis, reporting and proactive practices for searches and processing.

ESDC continues to experience some of the largest volumes of access to information and privacy requests among federal institutions. In the Treasury Board Secretariat’s 2016-17 ranking of Government of Canada institutions, the Department ranked sixth with respect to the volumes of access to information requests received, and third for the number of privacy requests (2017-18 rankings are not available at this time). During 2017-18, the total number of requests under both Acts increased by 2.2% from the previous fiscal year. The total number of pages processed under the Access to Information Act more than doubled to almost one million. Formal Privacy Act requests increased by 6% this past reporting period in comparison with 2016-17, with almost 800,000 pages processed. Even with this large workload, the Department’s initiatives to modernize and strengthen its business processes resulted in an 83% compliance rate for Access to Information Act requests (compared to 77% percent in 2016-17), while maintaining a 99% compliance rate for Privacy Act requests.

ESDC anticipates that the trend of large and increasing volumes of requests will continue in future years, in part because of the proposed proactive disclosure requirements for access to information. Ensuring that ESDC’s accesses to information and privacy request processes are efficient and effective will be important for the Department to continue to respond to requests in a timely manner.

These achievements, and detailed results described in this report, are a snapshot of the degree of responsibility, stewardship and effort that ESDC’s employees demonstrated every day to fulfill the Department’s legal responsibilities as well as to protect the information and privacy rights of Canadians.

1. Introduction

1.1 Presentation of the Report

Section 72 in both the Access to Information and Privacy Acts requires the head of a federal institution to submit an annual report to Parliament on the administration of each Act following the end of every fiscal year. The Department of Employment and Social Development (ESDC) is pleased to present its consolidated annual report on the administration of the Access to Information Act and the Privacy Act for the 2017-18 fiscal year to Parliament.

This year, the Department has developed a single report in order to provide greater contextualization of ESDC’s Access to Information Act and Privacy Act activities than could otherwise be reflected by separate submissions. The amalgamated format of this report provides a better representation of the hard work and accomplishments of ESDC’s dedicated professionals who administer both Acts.

1.2 About Employment and Social Development Canada

Employment and Social Development Canada (ESDC), which includes the Labour Program, and Service Canada, provides many of the federal government’s most well known programs and services. Because of the broad scope and national scale of its mandate, it is one of the largest and most decentralized federal departments, with over 21,000 employees across the country. Each day, ESDC interacts with thousands of Canadians by delivering services that play important roles in their lives. Canadians expect high-quality, easy-to-access, and secure services that are responsive to their needs, whether they are interacting online, through call centres, or in person.

ESDC’s programs and services affect Canadians throughout the course of their lives. For example, the Department provides pension income to seniors, supports unemployed workers, helps students finance their post-secondary education and assists parents who are raising young children. ESDC delivers many of the Government of Canada’s cornerstone programs and services, such as Employment Insurance, Old Age Security, the Canada Pension Plan, and the Canada Student Loans Program. Overall, the Department is responsible for delivering over $125 billion in benefits directly to individuals and organizations, which represent 95 percent of the Department's expenditures.

The Labour Program contributes to social and economic well-being by fostering safe, healthy, fair and inclusive work environments, and cooperative workplace relations in workplaces falling under federal jurisdiction. The Labour Program also supplies labour relations mediation services, enforces minimum working conditions, promotes decent work and fosters respect for international labour standards.

The Department’s service delivery arm, Service Canada, provides Canadians with a single point of access to ESDC programs and benefits, as well as other Government of Canada programs and services. It operates a network of 590 in-person points of service across the country comprising of 320 Service Canada Centres, 238 scheduled outreach sites and 32 stand-alone Passport offices. In addition to in-person services, Service Canada also serves the needs of Canadians online at Canada.ca, through the My Service Canada Account, and by telephone through “1-800 O-Canada” and its network of call centres.

While the primary focus of Service Canada’s regional service delivery network is the day-to-day operations of serving Canadians, it is uniquely placed to pursue collaborative efforts with local partners and other orders of government. It manages numerous formal arrangements with provincial and territorial governments, which undertake the delivery of substantial programs on behalf of ESDC.

1.3 Our Ministers

The activities of ESDC are governed by federal legislation and reflected in the mandates of its three Ministers:

  • The Honourable Jean-Yves Duclos, Minister of Families, Children and Social Development;
  • The Honourable Patty Hajdu, Minister of Employment, Workforce Development and Labour; and
  • The Honourable Kristy Duncan, Minister of Science and Minister of Sport and Persons with Disabilities.

The Honourable Jean-Yves Duclos is the Minister responsible for the purposes of the Access to Information Act, the Privacy Act, and the Department’s enabling legislation — the Department of Employment and Social Development Act (DESDA).

1.4 About the Access to Information Act and the Privacy Act

The Access to Information Act provides Canadian citizens and permanent residents with a right of access to information in records under the control of a government institution, subject to limited and specific exemptions and exclusions, and in accordance with the principle that government information should be available to the public.

The Privacy Act protects the privacy of Canadian citizens, permanent residents and individuals present in Canada with respect to personal information about themselves held by a government institution that is subject to the Act, and provides them with a right of access to that information. The Privacy Act sets out provisions for the collection, use, retention and disclosure of personal information by government institutions.

1.5 Personal information provisions in the Department of Employment and Social Development Act

In addition to the Privacy Act, the management of personal information by ESDC is governed by additional legislative obligations set out in the Department’s enabling Act. The Department of Employment and Social Development Act provides rules that apply to personal information that is obtained by ESDC. These provisions set out the conditions for:

  • disclosing personal information;
  • making available information contained in the social insurance register;
  • using personal information for internal policy analysis, research and evaluation purposes; and
  • disclosing personal information for research or statistical analysis.

The Department of Employment and Social Development Act also provides an offence provision for the inappropriate use and disclosure of personal information under the control of ESDC.

2. Organizational Structure

2.1 Corporate Secretary and Chief Privacy Officer

The Corporate Secretariat is responsible for the management of access to information and privacy operations, the development of privacy policy, and the provision of privacy advice and guidance in ESDC. The Branch’s effectiveness in these functions is founded on a comprehensive understanding of the Department’s business requirements by dedicated and experienced employees who are able to adapt to changing demands and seek innovative solutions to meet emerging challenges.

The Branch is headed by the Corporate Secretary who reports to the Associate Deputy Minister and is responsible for the administration of the Access to Information Act. The Corporate Secretary is also the Department’s Chief Privacy Officer (CPO). The CPO is the Department’s functional authority on all privacy matters, which includes the provision of authoritative advice and functional direction to all ESDC Branches and Regions. The CPO is responsible for the establishment of comprehensive privacy management frameworks, programs, privacy review processes, and risk-based approaches to the management of personal information. The Directors of the Privacy Management Division and the Access to Information and Privacy Operations Division report to the Corporate Secretary and provide support in the administration of both the Privacy Act and the Access to Information Act within ESDC.

Figure 1: Organization of the Access to Information and Privacy Functions in ESDC
description follows
Text description of Figure 1

This organizational chart displays a hierarchy beginning with the Corporate Secretary and Chief Privacy Officer of ESDC at the top. From this level, a dotted line leads to the bottom to the Regional Access to Information and Privacy Managers. Directly below the Corporate Secretary and Chief Privacy Officer are two levels: The Privacy Management Division and the Access to Information and Privacy Operations Division.

Directly below the Privacy Management Division are three units: the Policy and Risk Team, Compliance and Advisory Services and the Strategy and Planning Team. Directly below the Access to Information and Privacy Operations Division are also three units: the Operations Unit, the Incident Management and Legislative Disclosures Unit and the Strategic Issues Management Team.

2.2 Access to Information and Privacy Operations Division

The Access to Information and Privacy Operations Division (ATIP Ops) carries out the Department’s legislated requirements under the Access to Information Act, the Privacy Act and parts of the Department of Employment and Social Development Act. It leads and advises on the processing of all ESDC requests under the Access to Information Act, performs line-by-line reviews of records requested under the Access to Information Act and the Privacy Act, and delivers training and awareness sessions to Departmental employees on the administration of the Acts. The Director of ATIP Ops is the Department’s designated ATIP Coordinator. Approximately 16 ATIP Ops employees were dedicated to processing access to information requests in 2017-18.

The day-to-day administration of the Access to Information Act is a collaborative endeavor between ATIP Ops and the Department’s network of branch and regional Liaison Officers who support this work by undertaking searches, collecting records and making recommendations. The Liaison Officers play an intermediary role between ATIP analysts and subject matter experts located across ESDC’s programs. The regions also play an important role by processing the majority of privacy requests received at ESDC.

In addition, ATIP Ops provides responses to legal instruments, public interest disclosures and privacy complaints not related to the processing of Privacy Act requests. It is also responsible for determining when a privacy breach has occurred in the event of a security incident involving personal information. Finally, the Division provides leadership on both the Department’s preparations to implement the proposed Access to Information Act amendments and ESDC’s Open Information activities.

In addition to processing requests under the Access to Information Act, ATIP Ops also contributed to other Departmental-wide activities for which ATIP Ops advice and expertise is sought. For instance, ATIP Ops staff frequently reviews Proactive Disclosure (e.g., contracts, position reclassification, travel and hospitality expenses), informal requests (e.g., audits and administrative investigations) and Open Government publications (e.g., datasets) to identify sensitivities such as personal information and cabinet confidences. While these figures are not accounted for within this report’s statistical information, such collaborative arrangements are an important part of strengthening transparency and accountability.

2.3 Privacy Management Division

The Privacy Management Division (PMD) is the Departmental focal point for the management of ESDC’s privacy program. PMD supports the horizontal coordination and implementation of Departmental privacy policies and initiatives. It also manages the Department’s privacy risk management function — including the Privacy Impact Assessment (PIA) process — the development of information sharing agreements involving personal information, and the provision of privacy compliance advice for ESDC’s programs and services. In addition, PMD is also responsible for providing strategic and analytical privacy advice to ESDC’s senior leaders. The Department’s privacy awareness campaigns and personal information management training is also led by the Division. During the 2017-18 fiscal year, PMD had an average complement of 20 full time equivalents.

3. The Privacy Management Framework and Privacy Governance in ESDC

3.1 Privacy Management Framework

Given the importance of safeguarding personal information at ESDC, the Department has adopted, and continues to implement, a risk-based and proactive approach to privacy management that promotes the integration of privacy into program design and project planning. This approach emphasizes the importance of building privacy directly into the architecture of programs, systems, technologies and business processes. ESDC’s Privacy Management Framework consists of five key elements, as described in the following table.

Table 1: ESDC’s Privacy Management Framework
Element Definition
Governance and Accountability Roles and responsibilities for privacy management are clearly defined to meet legal requirements, regulations, policies, standards and public expectations.
Stewardship of Personal Information Appropriate privacy protections are implemented to manage personal information through its life cycle.
Assurance of Compliance Formal processes and practices are established to ensure adherence to privacy specifications, policies, standards and laws.
Effective Risk Management Structured and coordinated risk assessments are conducted to limit the probability and impact of negative events and maximize opportunities through risk identification, assessment and prioritization.
Culture, Training and Awareness The protection of personal information is a core organizational value and is fundamental to maintaining the public’s trust. Formal privacy training and awareness activities promote a privacy-aware organization that values the protection and stewardship of personal information.

3.2 Departmental Policy on Privacy Management

The purpose of Departmental Policy on Privacy Management (DPPM) is to sustain a robust privacy regime for the protection and judicious use of personal information within ESDC. The policy defines the roles and responsibilities for privacy, further stating that all employees are responsible for safeguarding and protecting personal information under their custody and control. The DPPM also specifies functional responsibilities and accountabilities for senior management. These include the CPO, the Departmental Security Officer, and the Departmental IT Security Coordinator.

The expected results from the application of the DPPM include the sound management and safeguarding of personal information within the Department, robust practices for the identification, assessment and management of risks to personal information, and the establishment of clear accountabilities, governance structures and mechanisms to protect and manage personal information in ESDC.

3.3 Privacy Governance at ESDC

In addition to the authorities and mandate of the Chief Privacy Officer, ATIP Ops and PMD, ESDC uses a committee structure to support privacy governance, risk oversight, and decision-making in the Department. ESDC’s primary governance committee for privacy and the safeguarding of personal information is the director general-level Privacy and Information Security Committee (PISC). Co-chaired by the Chief Privacy Officer and ESDC’s Departmental Security Officer, PISC is mandated to review matters related to privacy and the protection of personal information. The Committee supports the horizontal coordination and prioritization of issues, plans, and strategies related to the management and protection of personal information. PISC is supported by the Databank Review Working Group, which reviews the use of personal information for non-administrative purposes, namely policy analysis, research and evaluation activities.

PISC reports to the Assistant Deputy Minister-level Corporate Management Committee (CMC), which is responsible for overseeing the Department’s management agenda, including the operationalization of the ESDC’s security measures. Chaired by the Associate Deputy Minister, CMC is composed of Branch and Region heads as well as the Department’s senior leaders of key functional activities.

4. Delegations

Section 73 of both the Access to Information Act and the Privacy Act empower the head of an institution to delegate any of the powers, duties or functions assigned to him or her by these Acts to employees of that institution. Delegation orders set out the powers, duties and functions for the administration for each Act that have been delegated by the head of the institution and to whom delegation has been assigned. The approved delegation instruments are reproduced in Annex A.

5. Initiatives and Procedures

5.1 Access to Information Activities and Initiatives

ESDC undertook a number of access to information activities over the reporting period, most notable of which was the development of a strategy to prepare ESDC for the anticipated legislative and policy changes resulting from Access to Information Act reform. There were also important initiatives undertaken to support the Open Government agenda and to improve access to information request processing to meet increasing volumes.

Access to Information Act Reform: Implementation Readiness

The proposed legislative reform of the Access to Information Act would consist of several changes to the daily administration of the Act, and would entrench into law provisions to disclose frequently requested information proactively. To meet the anticipated obligations, ESDC created an intradepartmental working group to ensure Departmental readiness to comply with the proposed amendments. The working group reviewed business processes with a view to eliminate barriers in support of the daily administration of the Act, ensured awareness across Branches and Regions about upcoming reform and shared best practices for compliance with the new requirements. ATIP Ops also proactively engaged ESDC Branches and Regions to raise awareness across the Department about the implications of Access to Information Act reform, and continues to provide strategic support to the Treasury Board Secretariat on Access to Information Act reform.

Open Government

Open Government is a federal initiative to increase openness, transparency and accountability through greater public access to government data and information. This includes providing access to data, information and digital records in a manner that makes them easy to locate and reuse. With support from ESDC’s Innovation, Information and Technology Branch, ATIP Ops led the Department’s Open Information component of the Open Government initiative. Together with key partners and stakeholders, ATIP Ops explored linkages across access to information, proactive disclosure and Open Information to leverage opportunities. For example, through the intradepartmental working group referenced above, ESDC has reviewed processes and identified solutions towards simplifying the proactive disclosure of frequently requested information.

Process Modernization

With an emphasis on modernization and innovation, the same intradepartmental working group that was tasked with Access to Information Act reform and the Open Government initiative, was leveraged to provide an integrated approach to identify challenges and develop solutions for ATIP processes. ESDC started implementing these improvements based on the working group’s recommendations and identified best practices. For example, ATIP Ops is now proactively tasking Branches on a monthly basis for lists of briefing material prepared for ESDC’s Ministers and senior leaders and is seeing improvements in the timeliness of responses. Improvements have also been made to reporting and monitoring processes to help the Department’s Branches and Regions meet legislated deadlines.

5.2 Privacy Activities and Initiatives

In 2017-18, ESDC continued to advance a proactive, risk-based approach to privacy management and to support the development of a culture of “stewardship” within the Department for personal information under ESDC’s control. The reporting year was highlighted by strategic activities designed to position ESDC to support service delivery innovation and meet the challenges of a constantly evolving privacy environment that is driven by rapid technological change. Importantly, an underlying objective of these initiatives is to strengthen the identification and assessment of privacy-related risks as well as to improve processes to oversee that mitigations are in place.

The following are highlights of key ESDC privacy activities and accomplishments during 2017-18:

Privacy Act Reform

ESDC has been working closely with officials from the Department of Justice on its Privacy Act reform initiative given its significance to ESDC in both its day-to-day activities and its transformation agenda. It invited Justice Officials to speak at key ESDC governance committees and to participate in ESDC’s service transformation workshops along with other federal institutions with service delivery mandates. More importantly, the Department undertook an extensive internal consultation to identify opportunities that could be addressed in an updated Privacy Act that would help improve the Department’s programs and services for Canadians.

Privacy Governance Review

In late 2017-18, ESDC initiated a review of its privacy governance architecture to ensure that the Department is able to respond to the evolving nature of, and risks to, the use of personal information resulting from the advances in technology and the increased use of data. ESDC’s privacy governance mechanisms also have to be positioned to support the Department’s service transformation initiative. The review’s scope includes the committee structure and approval authorities. It is expected to be completed in 2018-19.

Privacy Impact Assessments

In accordance with the Treasury Board’s Directive on Privacy Impact Assessments, ESDC is required to conduct a PIA before establishing any new or substantially modified program or activity involving the administrative use of personal information. Among a PIA’s purposes, the identification and assessment of risks to privacy and the articulation of a risk mitigation plan are among the most important.

In 2017-18, ESDC completed 11 PIAs. Copies of approved PIA reports were provided to the Treasury Board Secretariat, and to the Office of the Privacy Commissioner. Summaries of these PIAs can be found in Annex B. ESDC is preparing to post these summaries on its website.

Provision of Privacy Advice and Guidance

In addition to Privacy Impact Assessments, PMD provided privacy advice and undertook privacy compliance reviews for Departmental programs and initiatives. The Division responded to 334 requests for privacy policy advice and compliance reviews on various products and material such as information sharing agreements, consent forms, privacy notice statements, contracts, statements of work, forms, and surveys and questionnaires. The Division also provided privacy policy advice for many Treasury Board submissions and Memoranda to Cabinet.

Information Sharing Agreements Involving Personal Information

An Information Sharing Agreement (ISA) is a written arrangement between parties that outlines the terms and conditions under which personal information is shared between them. Part 4 of the Department of Employment and Social Development Act sets out the provisions for the sharing of personal information under limited and specific circumstances. During the 2017-18 fiscal year, PMD provided advice and guidance to program areas on 129 ISAs and assisted in the completion of an additional 62 agreements.

Update to Information about Programs and Information Holdings

ESDC maintains an inventory of its personal information holdings as well as relevant details about personal information under its control (formerly known as Info Source). This compilation assists individuals to exercise their rights under the Privacy Act as well as the Access to Information Act.

In 2017-18, ESDC completed a comprehensive review and updated the Department’s information on its programs and information holdings, which included an assessment of the content and revisions to the descriptions where required. The Department will publish the update in 2018-19. In this update, 32 Personal Information Bank descriptions will be amended, nine new ones will be added and 39 sub-programs and class of records will be revised.

6. Performance Reporting

The key 2017-18 performance data for the Access to Information Act and the Privacy Act is presented in the summary tables below. The detailed Statistical Reports for both Acts are found in Annex C.

6.1 Requests and Consultations: Total Volume

In terms of workload, in 2017-18 ESDC experienced an increase (2.2%) overall in terms of the total number of access to information and privacy requests and requests for consultations compared to the previous fiscal year.

Figure 2: Access to Information Act (ATIA), Privacy Act Requests and Consultations: Total Volume Received
description follows
Text description of Figure 2
Fiscal Year Requests received under the Access to Information Act Requests Received under the Privacy Act Requests for Consultations received under the Access to Information Act Requests Received under the Privacy Act Total Requests Received  
2014 to 2015 1,160 7,998 157 11 9,326
2015 to 2016 1,572 8,353 163 25 10,113
2016 to 2017 2,268 8,353 185 8 10,814
2017 to 2018 1,942 8,852 220 35 11,049

In 2017-18, although access to information requests decreased slightly, privacy requests increased and have done so steadily since 2014-15 representing a significant portion of the ATIP workload for the Department.

Table 2: Summary of Requests under the Access to Information Act
Activity 2014-15 2015-16 2016-17 2017-18
Formal requests received under the Access to Information Act 1,160 1,572 2,268 1,942
Requests completed during the reporting period 1,055 1,439 2,276 1,899
Number of pages processed 139,549 257,249 438,368 970,992
Number of requests completed within legislated timeframes (including extensions) 799 1,178 1,748 1,567
Number of requests completed beyond legislated timeframes 256 261 528 332
Proportion of requests that were responded to within legislated timeframes 76% 82% 77% 83%
Complaints to the Information Commissioner 29 42 23 40
Table 3: Summary of Requests under the Privacy Act
Activity 2014-15 2015-16 2016-17 2017-18
Formal requests received under the Privacy Act 7,998 8,353 8,353 8,852
Requests completed during the reporting period 7,781 8,240 8,510 8,817
Number of requests completed within legislated timeframes (including extensions) 7,539 8,033 8,439 8,728
Number of requests completed beyond legislated timeframes 242 207 71 89
Proportion of requests that were responded to within legislated timeframes 97% 98% 99% 99%
Public interest disclosures 211 230 300 329
Material privacy breachesFootnote 1 3 18 141 128
Complaints to the Privacy Commissioner 18 12Footnote 2 22 15

6.2 Total Requests Received and Completed

Access to Information Act

In 2017-18, ESDC received 1,942 requests under the Access to Information Act, a 14% decrease from the previous reporting year when the Department received 2,268 requests. This is the first time in recent years that ESDC did not experience a significant increase in the number of requests received. This decrease can, in part, be attributed to a new business process whereby certain access requests that should have been submitted as privacy requests were transferred to the regions for processing as privacy requests. Between December 1, 2017 and March 31, 2018, 119 access requests converted to privacy requests were transferred from National Headquarters to the regions.

Figure 3: Requests received and completed, Access to Information Act
description follows
Description of figure 3
Year Received Completed
2014 to 2015 1,160 1,055
2015 to 2016 1,572 1,439
2016 to 2017 2,268 2,276
2017 to 2018 1,942 1,899

Privacy Act

In 2017-18, ESDC received 8,852 requests under the Privacy Act, a 6% increase from the previous reporting year, when the Department received 8,353 requests. The Department has experienced an 11% increase over the past four years. In addition, the number of requests completed by ESDC increased by 4% from 8,510 requests completed in the 2016-17 fiscal year to 8,817 requests in the 2017-18 fiscal year.

Within ESDC, privacy requests typically originate from clients seeking a copy of records (e.g., relating to their Canada Pension Plan file) as well as from federal employees seeking to obtain a copy of their personal information.

Figure 4: Requests received and completed, Privacy Act
description follows
Description of figure 4
Year Received Completed
2014 to 2015 7,998 7,781
2015 to 2016 8,353 8,240
2016 to 2017 8,353 8,510
2017 to 2018 8,852 8,817

6.3 Requests by Calendar Days taken to Complete

Access to Information Act

In 2017-18, ESDC continued to improve its processing performance for requests made under the Access to Information Act and completed a majority of requests within the first 30 days. A total of 1,081 requests (57%), were completed within the first 30 days compared to 53% in 2016-17.

Figure 5: Access to Information Act requests by calendar days taken to complete
description follows
Description of figure 5
Year 30 Calendar Days 31-60 Calendar Days 61 or more Calendar  Days
2014 to 2015 447 312 296
2015 to 2016 787 352 300
2016 to 2017 1,200 516 560
2017 to 2018 1,081 371 447

Privacy Act

In 2017-18, ESDC continued to improve its processing performance for requests made under the Privacy Act as well as completed a substantial majority of requests within the first 30 days. A total of 8,595 (99%) requests were completed within the first 30 days.

Figure 6: Privacy Act requests by calendar days taken to complete
description follows
Description of figure 6
Year 30 Calendar Days 31-60 Calendar Days 61 or more Calendar  Days
2014 to 2015 6,983 663 135
2015 to 2016 7,169 999 72
2016 to 2017 8,237 252 24
2017 to 2018 8,595 179 43

6.4 Timeframes

Access to Information Act

In 2017-18, the Department met legislated timelines for 1,567 requests made under the Access to Information Act. Despite the fluctuation of resources over the course of the reporting year and number of pages processed, the majority of requests continued to be completed within legislated timeframes with a compliance rate of 83%. This represents an increase of six percentage points compared to the Department’s 2016-17 compliance rate (77%) and suggests that the Department’s business process redesign, increased monitoring and capacity-building activities started in the previous fiscal year are bearing fruit.

Institutions may apply for an extension beyond the original 30-day statutory timeframe in cases where meeting the statutory date is not feasible due to the volume of pages to be processed; where consultation is required that could not reasonably be conducted within the initial 30 days or; where notice is given to a third party. In 2017-18, ESDC requested 456 extensions.

ESDC was unable to meet legislated timelines for 332 requests during the reporting year which is an improvement from the previous year when the Department was unable to meet legislated timelines for 528 requests.

Figure 7: Number of requests processed within and beyond legislated timeframes, Access to Information Act
description follows
Description of figure 7
Year Within Beyond
2014 to 2015 76% 24%
2015 to 2016 82% 18%
2016 to 2017 77% 23%
2017 to 2018 83% 17%

Privacy Act

In 2017-18, ESDC met legislated timelines for 8,728 requests, which represents a compliance rate of 99%, a performance similar to the previous reporting year. ESDC was unable to meet legislated timelines for 89 requests during the reporting year.

Institutions may apply for an extension beyond the original 30-day statutory timeframe in cases where meeting the statutory date is not feasible due to the volume of pages to be processed; where consultation is required that could not reasonably be conducted within the initial 30 days or; for translation purposes or to convert a record to another format. In 2017-18, ESDC requested 76 extensions.

Figure 8: Number of requests processed within and beyond legislated timeframes, Privacy Act
description follows
Description of figure 8
Year Within Beyond
2014 to 2015 97% 3%
2015 to 2016 98% 2%
2016 to 2017 99% 1%
2017 to 2018 99% 1%

6.5 Timeframe Monitoring

Access to Information Act

Except for certain circumstances that allow for extensions, the Access to Information Act contains a statutory timeline of 30 calendar days (about 20 working days) to provide responses to requests. ESDC’s ATIP Ops has a long-standing history of keeping senior management informed throughout the process when responding to Access to Information Act requests. Given the legislated timeframes and ESDC’s commitment to respecting both the letter and spirit of the Access to Information Act, the Department established the following process and responsibilities:

Table 4: Employment and Social Development Canada's Timeframe Monitoring
Goal-based strategies in order to respect ESDC’s process and commitments
Roles and Responsibilities Description
Retrieval of Relevant Records and Formulation of Recommendations Once a request is received, it is tasked to the relevant branches and/or regions, the Offices of Primary Interest (OPIs). The OPIs have eight working days to retrieve all responsive records and present them, along with any recommendations, to ATIP Ops.
Line-by-line Review of the Responsive Records ATIP Ops has eight working days to complete a thorough line-by-line review of the records and to invoke any applicable exemptions and/or exclusions.
Advance Release Notice Key stakeholders receive a notification that the release package has been posted electronically on a secure internal web site at least four working days prior to the scheduled release date. This mechanism allows all implicated parties to review the information prior to release.

In support of timeframe monitoring, ATIP Ops generates a weekly “look ahead” report that is shared with the Minister’s Office, Deputy Minister’s Office, and ADMs (e.g., ADMs for legal services and communications) that provides an overview of upcoming releases. As well, a quarterly report that captures key ATIP processing performance indicators is shared with all DMs and ADMs within the Department. Additionally, ATIP Ops began sharing individual access to information performance reports with each branch and region, a process change which began in summer 2017. These improvements position branches and regions to be more proactive in the monitoring of tasked access to information requests.

Privacy Act

ESDC’s regional offices manage the majority of the privacy request workload and prepare weekly reports concerning new requests, workload and status for the tracking of on-time performance for privacy requests. Regional offices also produce performance reports on a monthly, quarterly and yearly basis. These reports provide regional management (Managers and Team Leaders) with the performance status for their specific region.

6.6 Pages Processed and Disclosed

Access to Information Act

In 2017-18, the Department experienced a significant increase from the previous fiscal year in terms of the total number of pages of documents processed and disclosed for requests under the Access to Information Act (see graph below). This is in line with the trend observed since 2014-15. Of the 970,000 pages processed this fiscal year, 774,731 pages were released in response to one request involving data sets. Although this type of request does not require extensive line-by-line review prior to disclosure, it still requires sufficient internal capacity and resources to process requests involving data sets.

Figure 9: Number of pages processed and number of pages disclosed, Access to Information Act
description follows
Description of figure 9
Year Processed Disclosed
2014 to 2015 139,549 121,801
2015 to 2016 257,249 216,929
2016 to 2017 438,368 410,089
2017 to 2018 970,992 943,669

Privacy Act

On the privacy side, the total number of pages of documents processed for requests slightly decreased, while the total number of pages disclosed in the 2017-18 fiscal year slightly increased. During the reporting period, 798,436 pages were processed for exemptions and exclusions which represented a decrease of 3% from the previous fiscal year when 818,954 pages were processed. Out of the total number of pages processed, 771,256 pages were disclosed which is a small increase from the previous year when 769,173 pages were disclosed.

Figure 10: Number of pages processed and disclosed, Privacy Act
description follows
Description of figure 10
Year Processed Disclosed
2014 to 2015 633,787 603,090
2015 to 2016 789,762 740,582
2016 to 2017 818,954 769,173
2017 to 2018 798,436 771,256

6.7 Sources of Requests under the Access to Information Act

In 2017-18, the most common source of requests under the Access to Information Act was from the media (649), followed by the general public (611) and business/private sector (357). This trend continued from the previous fiscal year where the media was the main source of requesters. Lists of briefing notes and the actual briefing note documentation have been the most common type of material requested.

During the reporting period, 8% (162) of requesters declined to identify themselves, which represents a decrease of 12 percentage points from 2016-17 when 20% (445) of requesters declined to identify themselves.

Table 5: Sources: Number of Requests and Percentage of Total Requests
Source 2014-15 2015-2016 2016-2017 2017-2018
Media 156 (13%) 257 (16%) 670 (30%) 649 (33%)
Academia 14 (1%) 19 (1%) 22 (1%) 39 (2%)
Business/Private Sector 436 (38%) 395 (25%) 438 (19%) 357 (18%)
Organization 220 (19%) 105 (7%) 113 (5%) 124 (6%)
Public 286 (25%) 492 (31%) 580 (26%) 611 (31%)
Decline to Identify 48 (4%) 304 (19%) 445 (20%) 162 (8%)

Exemptions and Exclusions

ESDC is one of the largest holders of personal information in the Government of Canada which affects the frequency in with which certain exemptions and exclusions are applied under the Access to Information and Privacy Acts.

Access to Information Act

Exemptions

While the Access to Information Act gives a right of access to records held by government institutions, information within these records may be withheld by applying limited and specific exemptions.

Due to the nature of ESDC’s mandate, most of the information under the Department’s control contains personal information about individuals and must be withheld under the mandatory exemptions set out in section 19 (Personal information) unless certain conditions are met. Although section 21 (Advice) was not the most frequently applied exemption for the 2017-18 fiscal year, it continued to represent a significant percentage of the total (applied in 362 instances). This can be attributed to the number of requests for briefing notes.

The following table (Table 6) outlines the most frequently invoked exemptions during the past four fiscal years.

Table 6: Number of Requests and Percentage of Total Exemptions
Section 2014-15 2015-2016 2016-2017 2017-2018
s. 19 - Personal information 347 (31%) 405 (29%) 501 (23%) 385 (27%)
s. 16 - Law enforcement and investigations 214 (19%) 193 (14%) 269 (13%) 149 (10%)
s. 20 - Third party information 174 (15%) 170 (12%) 229 (11%) 152 (11%)
s. 21 - Advice and recommendations 202 (18%) 247 (18%) 658 (31%) 362 (25%)
s. 24 - Statutory prohibitions against disclosure 74 (7%) 170 (12%) 186 (9%) 149 (10%)

Exclusions

The Access to Information Act allows for the exclusion of certain types of information, specifically records that are already available to the public (section 68) and confidences of the Queen’s Privy Council for Canada (section 69), which require consultation with the Department of Justice. In 2017-18, ESDC excluded records based on section 69 for 137 requests.

Privacy Act

Exemptions

While the Privacy Act gives a right of access to records held by government institutions, information within these records may be withheld by applying limited and specific exemptions.

Due to the nature of ESDC’s mandate and its personal information holdings, the exemption under the Privacy Act that was applied most frequently is section 26, which protects personal information about another individual as defined by section 3 of the Act. This exemption occurred in 5,898 instances of completed requests during the 2017-18 reporting year.

Exclusions

The Privacy Act allows for the exclusion of certain types of information such as records that are already available to the public (section 69) and confidences of the Queen’s Privy Council for Canada (section 70). For 2017-18, ESDC did not exclude any records for requests under the Privacy Act.

6.8 Consultations received from other Government of Canada Institutions and Other Organizations

Access to Information Act

In 2017-18, ESDC received 220 external consultation requests, which originated from other Government of Canada institutions and other organizations and required a review of an additional 11,567 pages. This is a significant increase from the previous fiscal year during which ESDC received 173 requests for external consultations and reviewed an additional 5,164 pages.

The Department was able to close 210 requests for consultations of which 124 (59%) were completed within 30 days. More than half (145 or 69%) resulted in a recommendation to disclose the records in their entirety and 45 recommended that the consulting institution or organization disclose in part.

Privacy Act

ESDC received 35 external consultation requests in 2017-18, which originated from Government of Canada institutions and other organizations, requiring an additional review of 5,355 pages. This is a significant increase from the previous reporting year when ESDC received only eight requests for external consultations and reviewed an additional 132 pages.

The Department was able to close 34 requests for consultations of which 29 (85%) were completed within 30 days. In addition, 23 (68%) of the consultations resulted in a recommendation to disclose the records entirely and 11 (32%) recommended that the consulting institution or organization disclose in part.

6.9 Requests for the Correction of Personal Information under the Privacy Act

Under the Privacy Act, individuals have a right to request the correction of any erroneous personal information pertaining to them that is retained by a government institution, provided that the individual can adequately substantiate the request. ESDC accepted three requests for correction of personal information in 2017-18.

7. Complaints, Investigations and Court Actions

7.1 Access to Information Act

During the 2017-18 reporting period, the Department was notified by the Office of the Information Commissioner of 40 access complaints. The Department received findings on 27 complaints. There were no court actions during the reporting period. Please see Table 7 for more information / analysis on the nature of complaints and findings.

7.2 Privacy Act

During the 2017-18 reporting period, the Department was notified by the Office of the Privacy Commissioner of 29 privacy complaints. The Department received findings on 43 complaints. There were no court actions during the reporting period. Please see Table 7 for more information and analysis on the nature of complaints / findings.

Table 7: Complaints, Investigations and Court Actions, 2017-18
Access to Information Act Privacy Act
Complaints
Complaints received 40 29

Denied access

8 6

Unreasonable time extension

7 0

Processing delays

9 4

Improperly applied exemptions

9 0

Use and disclosure

NA 2

Complaints resolved or ongoing through “early resolution”

7 17
Investigations
Findings received 27 43

Well-founded

8 8

Not well-founded

0 7

Complaints resolved during investigation

0 1

Complaints resolved informally

13 21

Discontinued

6 6
Court Actions
Number of court actions 0 0

8. Internal Audits

8.1 Access to Information-related Audits

Audit of the Access to Information Process

In 2016, ESDC undertook an internal audit on the administration of access to information to determine whether processes are operating as intended and in compliance with the Access to Information Act. While the audit concluded that the ESDC access to information function complies with the Act, opportunities were identified to improve oversight, increase timeliness of responses, address resourcing challenges, augment data integrity and to move forward with initiatives to modernize the access to information function. ATIP Ops committed to implementing the audit’s recommendations, and over the last two years has actively pursued activities to continue to increase compliance and respond to access to information requests more efficiently.

During 2017-18, ATIP Ops focused on increasing capacity, addressing backlogs, engaging with senior management and continuing access to information trend and data analysis reporting to support operations. It worked closely with the broader Government of Canada ATIP community to identify long-term solutions for access to information analyst recruitment, training and retention of skilled resources.

On a priority basis, ATIP Ops followed up on the internal audit recommendations throughout the reporting period and successfully implemented all audit recommendations by the end of fiscal year 2017-18, and therefore, managed to increase its access to information compliance rate. Going forward, the Division will continue to pursue modernization activities to strengthen the Department's access to information function.

8.2 Privacy-related Audits

Through its audit plan, ESDC continued to address the management of risks to privacy and the safeguarding of personal information with targeted examinations. During 2017-18, PMD was involved in the following audits, elements of which will be ongoing at the start of the 2018-19 fiscal year:

Audit of Risk Management Practices

PMD was consulted and asked to provide feedback to ESDC’s Internal Audit Services Branch regarding the risk management processes used by the Corporate Secretariat and the Department. The objective of the audit was to provide assurance to senior management that ESDC’s risk management framework and practices were adequate, functioned as intended and supported informed decision-making. The audit was still ongoing at the end of the 2017-18 reporting period.

Audit of the Management and Implementation of Select Privacy Impact Assessments (PIAs)

The objective of the audit was to determine whether the PIA approach resulted in the implementation of privacy practices that complied with legal and policy requirements. The audit was conducted using a number of methodologies including document reviews and analyses, interviews with management and staff from PMD, ESDC’s branches and Ontario and Québec Regions, as well as judgmental and risk-based sampling and review of 15 PIAs.

Since the audit was not concluded at the end of 2017-18, the results of the examination will be described in the 2018-19 Annual Report.

9. Public Interest Disclosures

In accordance with section 8(2) of the Privacy Act, Part 4 of the Department of Employment and Social Development Act takes precedence over the Privacy Act concerning to the use and disclosure of personal information. ESDC’s disclosures in the public interest are not made under section 8(2)(m) of the Privacy Act, but under section 37(1) of the Department of Employment and Social Development Act. This section states that personal information may be disclosed “…if the Minister is of the opinion that the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure or that disclosure would clearly benefit the individual to whom the information relates.” As with public interest disclosures under the Privacy Act, these disclosures were reported to the Office of the Privacy Commissioner (OPC).

In 2017-18, the Department approved the disclosure of personal information in the public interest in 329 instances. The Department processed 288 public interest disclosures in the regions, which involved individuals who were threatening to harm themselves or others. In instances where there is an imminent threat to the safety and security of individuals, regional employees have the delegated authority to make the disclosures. Given the urgency of these situations, the OPC is informed after the disclosure is made.

ATIP Ops approved the disclosure of personal information in an additional 41 cases. Of the 41 cases, the OPC was informed prior to the disclosure in 29 instances (verbally with a follow up letter, or by letter only), and by letter after the disclosure in 12 occasions.

Table 8: Public Interest Disclosures
Reason for Disclosure Number of Disclosures
Regional disclosures 288
NHQ disclosures

Homicide investigation

3

Locate an individual/next of kin

6

Fraud/suspected elder abuse

4*

Violence/threat of violence/bomb threat/vandalism

13

Missing person

6

Suicide threat/self-harm/wellness check

5

Other

4
Subtotal 41
TOTAL 329

*In one instance, disclosure was authorized and the Department had notified the OPC in advance by letter. The information was not disclosed.

10. Material Privacy Breaches

A privacy breach refers to the improper or unauthorized collection, use, disclosure, retention or disposal of personal information. According to the Treasury Board Secretariat, “a material privacy breach has the highest risk impact and is defined as involving sensitive personal information; and could reasonably be expected to cause serious injury or harm to the individual and/or involves a large number of affected individuals”.

Because of the scope and breadth of ESDC’s mandate, the Department has one of the largest personal information holdings in the Government of Canada. For some ESDC programs, detailed and often sensitive personal information is needed to determine program eligibility or to receive benefits and services. Personal information is handled by a large number of employees to deliver services across the country by using ESDC’s numerous IT systems and databases. Moreover, the personal information held by the Department is sought by, and disclosed to, a large number of partners and stakeholders for many purposes, including the delivery of their programs, the determination of the eligibility for federal and provincial programs and benefits, the authentication of individuals, identity management, research and statistics, integrity operations, performance management, and legal proceedings. In short, the magnitude and complexity of ESDC’s personal information management responsibilities are considerable, and are characterized by millions of transactions that involve personal information every year.

In 2017-18, there were 128 material breaches representing a 9% decrease compared to 141 breaches in 2016-17 (See Table 9 below). These breaches were the result of operational processes such as information lost in transit in the postal system.

Over the last three years, additional time and resources have been invested to foster a privacy-aware organization through formal privacy training and awareness activities. The Department continues to explore ways to reduce the number of breaches. For example, in 2018-19, the Canada Student Loans Program will implement an e-delivery model for its Master Student Financial Assistance Agreement (MSFAA) which will result in enhanced self-service capabilities for full-time students. In the first phase of enhancements, identity verification, as well as document signing and submission will be possible to perform electronically. This will eliminate the need to send paper documentation by mail, thereby, significantly reducing the risk of misdirected documents.

Additionally, the Department will also work closely with its Passport Operations partners — Immigration, Refugees and Citizenship Canada, Global Affairs Canada and Canada Post — to clarify accountabilities for the reporting of passport breaches, as recommended in the Privacy Commissioner’s 2016-2017 Annual Report to Parliament on the Personal Information Protection and Electronic Documents Act and the Privacy Act.

Table 9: Material Privacy Breaches
No. of Material Breaches Summary and nature of Information breached Communication and notification strategies Actions undertaken in response
99 Individual program benefit applications were lost. Affected individuals were contacted by letter and/or phone to inform them of the breach.
  • Modernization activities are underway to provide a more secure way to submit documentation.
  • Individuals were asked to re-submit their applications and in some cases the cost of new documents, pictures and postage were reimbursed.
  • As per standard procedures, passports were cancelled and new passports issued at no charge.
  • Internal corrective measures were taken, including reminding employees of the importance of protecting personal information and the procedures for mailing.
29 Personal information (some included supporting documents) incorrectly shared with the wrong individuals, third parties. Personal letters were sent to affected individuals informing them of the breach.
  • Discussions with officers regarding proper handling procedures and safeguards when required.
  • Reminded of the importance and sensitivity of dealing with personal information.
  • Reminded of the security requirements when sending/carrying personal information.
  • Changes/modifications of procedures.
Total Number of Material Breaches: 128

11. Training and Awareness Activities

11.1 Privacy and Access to Information Training

ESDC has a comprehensive and mandatory online training strategy to educate, increase knowledge of, and raise awareness about the stewardship of information, which includes the management and safeguarding of personal information as a key component. As part of the Department’s commitment to maintain the security of its systems and to protect the personal information of its clients and colleagues, all ESDC employees are required to maintain valid certification in Stewardship of Information and Workplace Behaviours (SIWB). Launched in 2014, and updated in 2016, SIWB addresses access to information, information management, security, and values and ethics in addition to the management of personal information.

SIWB certification is valid for two years and must be maintained by all Departmental employees. In total, 24,288 employees (which include students, casuals, terms and indeterminate staff) were assigned to complete either the certification or re-certification, of which 20,613 employees (85%) successfully succeeded by the end of the 2017-18 fiscal year. ESDC will follow-up with the remaining employees in 2018-19.

In addition, the online training module, Privacy and Access to Information – It’s Everybody’s Business, has trained 9,113 employees since 2014-15, including 3,651 employees during the reporting period.

In addition to online training and certification, ESDC undertook a number of in-person or WebEx training sessions and activities to educate and increase knowledge of access to information and privacy for employees in the Department. Since 2014-15, the Department delivered 179 in-person sessions to 4,681 employees. In 2017-18, ESDC delivered 35 in-person sessions to 1,467 employees.

Figure 11: Online training sessions: Employees trained by fiscal year
description follows
Description of figure 11
Year Stewardship of Information and Effective Workplace Behaviours Privacy and Access to Information – It’s Everybody’s Business
2014 to 2015 13,800 1,356
2015 to 2016 1,678 1,742
2016 to 2017 20,613 3,651
Figure 12: In-person training sessions: Employees trained by fiscal year
description follows
Description of figure 12
Year Training Sessions Employees Trained
2014 to 2015 37 1,120
2015 to 2016 48 1,131
2016 to 2017 59 963
2017 to 2018 35 1,467

11.2 Access to Information Awareness

During 2017-18, 10 training sessions were held in the National Capital Region, consisting of 240 participants, while another eight sessions were held in the Regions, totalling 307 participants. ATIP Ops is working to improve its capacity to offer training sessions with the intention of increasing the number of sessions held in 2018-19. ATIP Ops has also engaged with individual Branches and Regions within ESDC (e.g., providing presentations to senior executives) to raise awareness on Access to Information Act reform and its implications for the Department’s proactive disclosure and access to information activities.

11.3 Privacy Awareness

Throughout 2017-18, the Department continued to promote practical, easy to understand, and readily available privacy-related information and guidance to employees to reinforce the application of appropriate privacy and personal information safeguarding practices. This included organizing various privacy-themed information events such as Privacy Awareness Month during May 2017, a Data Privacy Day in January 2018, and a series of specialized knowledge talks. During Privacy Awareness Month, information kiosks were set up and staffed, and hundreds of information pamphlets and brochures, which were developed by the Department and the Office of the Privacy Commissioner, were distributed to ESDC staff.

PMD also developed and introduced a streamlined privacy checklist tool to assess the degree of privacy engagement necessary for a given initiative. It is used during the early design stage, and often as part of the Memorandum to Cabinet and Treasury Board submission development processes. The use of the tool resulted in early engagements by PMD with the Department’s Branches which promoted meaningful discussions about, and a greater understanding of, an initiative’s privacy implications.

12. Moving Forward

According to the Treasury Board Secretariat’s 2016-17 Access to Information and Privacy Statistical Report, ESDC ranked sixth in 2016-17 out of all federal institutions in terms of number of access requests and pages disclosed and third with respect to privacy requests and pages disclosed. ESDC anticipates that the trend of a heavy demand for records under the control of ESDC, whether in the form of access requests or privacy requests, will continue in future years. With significant request volumes, pages released, Access to Information Act reform and new proactive disclosure requirements, having efficient business processes is more crucial than ever before if ESDC is to meet its goal of timely responses to Canadians who ask for access to government information or their own personal data.

ATIP Ops will also continue to support the Department’s Access to Information Act implementation readiness activities and help identify solutions to comply with the proposed proactive disclosure requirements. The Division will continue to pursue business process improvements in collaboration with Branches and Regions. ATIP Ops will also continue to use access to information trend analysis and will seek to expand Open Information publishing possibilities as well as prepare an access to information workforce that can meet future demands.

In terms of personal information management priorities, ESDC will continue to support current privacy legislative and policy reforms, implement changes related to the Department’s privacy governance review and actively support service transformation activities during the new fiscal year.

Annex A: Delegation Orders

Delegation order - Employment and Social Development Canada

The Minister of Employment and Social Development, pursuant to section 11 of the Department of Employment and Social Development Act, hereby designates the persons, officers or employees holding the positions with Employment and Social Development set out in the schedules attached hereto, or the persons, officers or employees occupying on an acting basis those positions, to exercise the powers or perform the duties or functions of the Minister or to exercise or perform the powers, duties or function of the head of the institution, as specified in the attached schedules.

  • Access to Information Act
  • Privacy Act

Original signed June 22, 2017 by the Honourable Jean-Yves Duclos, Minister of Employment and Social Development

Access to Information Act and Regulations: Delegation of Authority, Department of Employment and Social Development

Access to Information Act
Description Section Delegated Authority
Responsibility of government institutions 4(2.1)
  • Deputy Minister, Employment and Social Development Canada (ESDC)
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, Access to Information and Privacy (ATIP) Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
  • ATIP Analyst, Request Processing Unit, ATIP Operations
  • Public Rights Advisor, Request Processing Unit, ATIP Operations
  • ATIP Program Officer, Request Processing Unit, ATIP Operations
  • Junior Analyst, Request Processing Unit, ATIP Operations
Notice where access requested 7(a)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Giving access to record 7(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Transfer of request to another government inst. 8(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Extension of time limits 9
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Payment of additional fees 11(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Payment of fees for EDP record 11(3)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Deposit 11(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Notice of fee payment 11(5)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Waiver or refund of fees 11(6)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Language of access 12(2)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Access to alternate format 12(3)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Refuse access – Obtained in confidence 13
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Federal-provincial affairs 14
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – International affairs and defence 15
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Law enforcement and investigations 16
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Public Servants Disclosure Protection Act 16.5
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Safety of individuals 17
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Economic interests of Canada 18
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Economic interest of the Canada Post Corporation, Export Development Canada, the Public Sector Pension Investment Board and VIA Rail Canada Inc. 18.1
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Personal information 19
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Third party information 20
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Operations of Government 21
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Testing procedures, tests, audits 22
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Audit working papers and draft audit reports 22.1
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Solicitor-client privilege 23
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Refuse access – Statutory prohibitions 24
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Severability 25
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Information to be published 26
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Third party notification 26 27(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Third party notification – Extension of time limit 27(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Third party notification – Notice of decision 28(1)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Third party notification – Waive representations in writing 28(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Third party notification – Disclosure of record 28(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Where the Information Commissioner recommends disclosure 29(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Advising Information Commissioner of third party involvement 33
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Right to make representations 35(2)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Access to be given to complainant 37(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Notice to third party (application to Federal Court) 37(4) 43(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Notice to applicant (application to Federal Court by third party) 44(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Special rules for hearings 52(2)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Ex parte representations (Federal Court) 52(3)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Facilities for inspection of manuals 71(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Annual report to Parliament 72
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
Access to Information Regulations
Description Section Delegated Authority
Transfer of request 6(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
  • Team Leader, Request Processing Unit, ATIP Operations
Search and preparation of fees 7(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Production and programming fees 7(3)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Providing access to records 8
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations
Limitations in respect of format 8.1
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary
  • Director, ATIP Operations
  • Manager, Request Processing Unit, ATIP Operations

Privacy Act and Regulations: Delegation of Authority, Department of Employment and Social Development

Privacy Act
Description Section Delegated Authority
Retention of a record of requests and disclosed records to investigative bodies under section 8(2)(e) of the Privacy Act. 8(4)
  • Deputy Minister, Employment and Social Development Canada (ESDC)
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Manager, ATIP Incident Management & Legislative Disclosures, ATIPOPS, NHQ
Retention of records of uses of personal information 9(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, Privacy Management
Notification of the Privacy Commissioner of any new consistent uses of personal information and ensure use is included in next statement of consistent uses set forth in the Index 9(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, Privacy Management, NHQ
Include personal information in personal information banks 10
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, Privacy Management, NHQ
Respond to request for access within 30 days and give written notice and, if access to be given, give access. 14
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Extension of the 30 day time limit to respond to a privacy request. 15
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Decision on whether to translate a response to a privacy request in one of the two official languages. 17(2)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Decision on whether to convert personal information to an alternate format 17(3)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Decision to refuse to disclose personal information contained in an exempt bank. 18(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIP Operations, NHQ
Decision to refuse access to personal information that was obtained in confidence from the government of a foreign state or institution, an international organization of states or an institution thereof, the government of a province or institution thereof, a municipal or regional government established by or pursuant to an Act of the legislature of a province or an institution of such a government, or the council, as defined in the Westbank First Nation Self-Government Agreement given effect by the Westbank First Nation Self-Government Act or the council of a participating in First Nation as defined in the First Nations Jurisdiction over Education in British Columbia Act 19(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Authority to disclose personal information referred to in 19(1) if the government, organization or institution described in 19(1) consents to the disclosure or makes the information public. 19(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Refuse to disclose personal information that may be injurious to the conduct of federal-provincial affairs 20
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIP Operations, NHQ
  • Team Leaders, NHQ
Refuse to disclose personal information that may be injurious to international affairs or the defence of Canada or one of its allies. 21
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister and Chief Operating Officer for Service Canada
  • Associate Deputy Minister
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIP Operations, NHQ
  • Team Leaders, NHQ
Refuse to disclose personal information prepared by an investigative body, information injurious to the enforcement of a law, or information injurious to the security of penal institutions 22
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Refuse to disclose personal information created for the Public Servants Disclosure Protection Act. 22.3
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
Refuse to disclose personal information prepared by an investigative body for security clearance. 23
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Refuse to disclose personal information that was collected by the Canadian Penitentiary Service, the National Parole Service or the National Parole Board while the individual was under sentence if the conditions in the section are met 24
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Refuse to disclose personal information which could threaten the safety of individuals 25
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
Refuse to disclose personal information about another individual and shall refuse to disclose such information where disclosure is prohibited under section 8 26
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS. NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Refuse to disclose personal information that is subject to solicitor-client privilege. 27
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Refuse to disclose personal information relating to the individual’s physical or mental health where the disclosure is contrary to the best interests of the individual 28
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Receive notice of investigation by the Privacy Commissioner 31
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
Right to make representations to the Privacy Commissioner during an investigation 33(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Director, Privacy Management, NHQ
  • Manager ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Receive Privacy Commissioner’s report of findings of an investigation and give notice of action taken 35(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Provision of addition personal information to a complainant after receiving a 35(1)(b) notice. 35(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisors
  • ATIP Officers (Regional ATIP)
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Receive Privacy Commissioner’s report of findings of investigation of exempt bank 36(3)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Director, Privacy Management, NHQ
Receive report of Privacy Commissioner’s findings after compliance investigation 37(3)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS, NHQ
  • Director, Privacy Management, NHQ
Request that a court hearing, undertaken with respect to certain sections of the Act, be held in the National Capital Region. 51(2)(b)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
Request and be given right to make representations in section 51 hearings 51(3)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
Prepare annual report to Parliament 72(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Director, Privacy Management
Privacy Act Regulations
Description Section Delegated Authority
Allow examination of the documents (Reading Room) 9
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS. NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisor
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Notification of Correction 11(2)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS. NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisor
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Correction refused, notation placed on file 11(4)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS. NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisor
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Disclosure to a medical practitioner or psychologist 13(1)
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS. NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisor
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)
Disclosure in the presence of a medical practitioner or psychologist 14
  • Deputy Minister, ESDC
  • Deputy Minister, Labour
  • Senior Associate Deputy Minister of ESDC and Chief Operating Officer for Service Canada
  • Associate Deputy Minister, ESDC
  • Corporate Secretary and Chief Privacy Officer
  • Director, ATIPOPS, NHQ
  • Manager, ATIP Processing, ATIPOPS. NHQ
  • Team Leaders, NHQ
  • Service Manager (Regional ATIP)
  • Team Leaders (Regional ATIP)
  • Regional ATIP Advisor
  • Business Expertise Regional Consultant (QC ATIP)
  • Senior Consultant (QC ATIP)
  • Senior Business Expertise Consultant (QC ATIP)

Annex B: Summaries of Completed Privacy Impact Assessments

Automatic Enrolment for the Guaranteed Income Supplement

The Old Age Security/Guaranteed Income Supplement Service Improvement Strategy (OAS/GIS SIS) is a phased approach to alleviate the requirement for paper applications with the implementation of the Proactive Enrolment Initiative. ESDC developed the OAS/GIS SIS in 2012 to address demographic and program pressures facing the implementation of OAS. A PIA was completed to assess ESDC’s collection, use, retention and disposal of personal information throughout the administration of the Proactive Enrolment Initiative, which is the third phase of the project. Because of the Office of the Privacy Commissioner’s (OPC) interest in the initiative, an ongoing consultation process was established to allow the OPC to provide ESDC with its comments and recommendations during the development stage.

Canada Apprenticeship Loans Phase III: Repayment

The Canada Apprentice Loans Program provides loans to assist registered apprentices with the cost of technical training. It is administered by the Canada Student Loan Program and delivered by its service provider. The PIA focused on ESDC’s collection, use, disclosure, retention and disposition of loan recipients’ personal information. It also reviewed the privacy implications of the loan repayment process.

Call Recording and Screen Capture functionality for the 1 800 O-Canada and Customized Information Services Quality Assurance Program

The 1 800 O-Canada toll-free telephone service provides the public with general information on all Government of Canada programs, services and initiatives, and acts as a first point of contact to access quick, up-to-date government information. A new call recording and screen capture functionality to enhance the quality assurance monitoring process and program was introduced. A PIA assessed the privacy impacts and potential risks associated with the collection of personal information via screen capture/call recording as well as the handling, storage, access to, and disposal of this information throughout its lifecycle.

Direct Deposit and Address Information Sharing Initiative Iteration I, Canada Pension Plan Direct Deposit

The Tell-Us-Once – Direct Deposit and Address Information Sharing Initiative (DAISI) is a joint effort between ESDC and the Canada Revenue Agency (CRA) that allows Canadians to update their information once, and have it automatically shared between the two departments. Iteration I gives Canadians the option to share their direct deposit banking information, between the Canada Pension Plan administered by ESDC and other pension programs administered by CRA. The PIA focussed on ESDC’s collection, use, retention and disclosure of information.

eNotification Project in My Service Canada Account

A new eNotification service is a feature of My Service Canada Account – Employment Insurance (MSCA-EI) which offers clients improved messaging and notification services (Alert Me). Clients who consent to the Alert Me feature receive timely emails notifying them when changes occur to their EI claim. The PIA was focussed on ESDC’s collection, use, disclosure, retention and disposition of clients’ personal information on a voluntary consent basis.

First Nations Job Fund

The First Nations Job Fund (FNJF) provided personalized job training to Income Assistance clients who were referred from Indigenous and Northern Affairs Canada. The FNJF was delivered through the Aboriginal Skills and Employment Training Strategy network of Agreement Holders and sunset on March 31, 2017. The PIA examined the handling of personal information for the administration of the FNJF.

Memorandum of Understanding (MOU) concerning the disclosure of administrative data files from ESDC to Statistics Canada

ESDC had a Memorandum of Understanding (MOU) with Statistics Canada dating from 1989 for the disclosure of personal information for research and statistical purposes. A new and updated MOU was developed to incorporate additional program data, reflect legislative changes and current information technology, privacy, and security standards. The PIA focussed on ESDC’s compliance with privacy and security policies, as well as IT standards, for the management and disclosure of personal information under the MOU.

Old Age Security, Northwest Territories: Information Sharing Agreement between ESDC and Northwest Territories Department of Education, Culture and Employment

The Information Sharing Agreement (ISA) between ESDC and the Northwest Territories Department of Education, Culture and Employment (ECE) replaces the Letter of Agreement (LoA) for the administration of the Territories’ Income Security Programs. ESDC provides personal information to ECE for administering the Senior Citizen Supplementary Benefit, a monthly monetary benefit to help low-income seniors pay for living expenses. The PIA examined the identification and categorization of the risks presented by ESDC’s disclosure of personal information to the government of the Northwest Territories’ Income Security programs.

Old Age Security, Yukon: Exchange of Personal Information between ESDC and Yukon Department of Health and Social Services for the administration of the Yukon Senior Income Supplement

The Yukon Seniors Income Supplement (YSIS) provides an income supplement to low income seniors who are in receipt of the Old Age Security (OAS) and Guaranteed Income Supplement (GIS) from the federal government. The Yukon supplement is also provided to spouses between the ages of 60 and 64 years who receive the Allowance or Allowance for the Survivor. The purpose of the disclosure of information between ESDC and Yukon is to provide Yukon seniors with seamless access to benefits while ensuring the information is disclosed and protected in line with the territory’s Access to Information and Protection of Privacy Act and the Department of Employment and Social Development Act. The completed PIA focussed on ESDC’s disclosure of personal information to the Yukon government.

Workforce Development Agreements

The Workforce Development Agreements (WDAs) are bilateral agreements between the Government of Canada (GoC) and the provinces and territories commencing in 2017-18. The purpose of these agreements is to support the federal government’s objective to ensure that unemployed and underemployed Canadians have access to the training and assistance that they need to develop their skills and pursue opportunities for a better future. The PIA reviewed ESDC’s collection, use, retention and disposal of personal information, such as Social Insurance Numbers, for the administration of the WDAs.

Youth Employment Strategy

The Youth Employment Strategy (YES) is the Government of Canada’s commitment to help young people aged 15 to 30, particularly those facing barriers to employment, get the information and gain the skills, work experience and abilities they need to make a successful transition into the labour market. It is a horizontal initiative involving over ten federal departments and agencies and is comprised of three program streams offered by Service Canada. The PIA focussed on ESDC’s collection, use, retention and disposal of personal information for the administration of YES.

Annex C: Statistical Reports

Statistical Report on the Access to Information Act

Name of institution: Employment and Social Development Canada

Reporting period: 2017-04-01 to 2018-03-31

Part 1: Requests Under the Access to Information Act

1.1 Number of Requests
Details Number of Requests
Received during reporting period 1,942
Outstanding from previous reporting period 371
Total 2,313
Closed during reporting period 1,899
Carried over to next reporting period 414
1.2 Sources of Requests
Source Number of Requests
Media 649
Academia 39
Business (private sector) 357
Organization 124
Public 611
Decline to Identify 162
Total 1,942
1.3 Informal Requests
Completion Time
1 to 15 Days 16 to 30 Days 31 to 60 Days 61 to 120 Days 121 to 180 Days 181 to 365 Days More Than 365 Days Total
81 84 232 220 185 45 0 847

Part 2: Requests Closed During the Reporting Period

2.1 Disposition and completion time
Disposition of Requests Completion Time
1 to 15 Days 16 to 30 Days 31 to 60 Days 61 to 120 Days 121 to 180 Days 181 to 365 Days More Than 365 Days Total
All disclosed 34 274 148 54 8 3 0 521
Disclosed in part 18 264 159 167 97 51 13 769
All exempted 0 3 4 1 1 0 0 9
All excluded 0 0 0 12 1 0 0 13
No records exist 26 106 43 7 0 1 0 183
Request Transferred 58 2 1 0 0 0 0 61
Request abandoned 266 29 16 4 8 11 8 342
Neither confirmed nor denied 1 0 0 0 0 0 0 1
Total 403 678 371 245 115 66 21 1,899
2.2 Exemptions
Section Number of requests
13(1)(a) 3
13(1)(b) 0
13(1)(c) 10
13(1)(d) 0
13(1)(e) 0
14 75
14(a) 3
14(b) 2
15(1) 13
15(1) - International affairs 13
15(1) - Defence of Canada 13
15(1) - Subversive activities 0
16(1)(a)(i) 0
16(1)(a)(ii) 0
16(1)(a)(iii) 0
16(1)(b) 2
16(1)(c) 31
16(1)(d) 1
16(2) 114
16(2)(a) 0
16(2)(b) 0
16(2)(c) 1
16(3) 0
16.1(1)(a) 0
16.1(1)(b) 0
16.1(1)(c) 0
16.1(1)(d) 0
16.2(1) 0
16.3 0
16.4(1)(a) 0
16.4(1)(b) 0
16.5 0
17 6
18(a) 0
18(b) 3
18(c) 0
18(d) 9
18.1(1)(a) 2
18.1(1)(b) 2
18.1(1)(c) 2
18.1(1)(d) 2
19(1) 385
20(1)(a) 2
20(1)(b) 74
20(1)(b.1) 0
20(1)(c) 71
20(1)(d) 5
20.1 0
20.2 0
20.4 0
21(1)(a) 161
21(1)(b) 182
21(1)(c) 13
21(1)(d) 6
22 12
22.1(1) 12
23 44
24(1) 149
26 4
2.3 Exclusions
Section Number of requests
68(a) 1
68(b) 0
68(c) 0
68.1 0
68.2(a) 0
68.2(b) 0
69(1) 0
69(1)(a) 3
69(1)(b) 0
69(1)(c) 1
69(1)(d) 2
69(1)(e) 28
69(1)(f) 1
69(1)(g) re (a) 55
69(1)(g) re (b) 0
69(1)(g) re (c) 23
69(1)(g) re (d) 9
69(1)(g) re (e) 6
69(1)(g) re (f) 9
69.1(1) 0
2.4 Format of information released
Disposition Paper Electronic Other formats
All disclosed 469 51 1
Disclosed in part 615 153 1
Total 1,084 204 2

2.5 Complexity

2.5.1 Relevant pages processed and disclosed
Disposition of requests Number of pages processed Number of pages disclosed Number of requests
All disclosed 820,766 820,351 521
Disclosed in part 142,292 118,473 769
All exempted 46 0 9
All excluded 171 0 13
Request abandoned 7,717 4,845 342
Neither confirmed nor denied 0 0 1
Total 970,992 943,669 1,655
2.5.2 Relevant pages processed and disclosed by size of requests
Disposition Less than 100
pages processed
101-500
pages processed
501-1000
pages processed
1001-5000
pages processed
More than 5000
pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
All disclosed 489 5,650 19 3,969 2 1,260 10 34,741 1 774,731
Disclosed in part 566 15,425 165 32,521 26 15,423 11 9,918 1 45,186
All exempted 9 0 0 0 0 0 0 0 0 0
All excluded 13 0 0 0 0 0 0 0 0 0
Request abandoned 329 110 8 838 3 1,823 2 2,074 0 0
Neither confirmed nor denied 1 0 0 0 0 0 0 0 0 0
Total 1,407 21,185 192 37,328 31 18,506 23 46,733 2 819,917
2.5.3 Other complexities
Disposition Consultation required Assessment of fees Legal advice sought Other Total
All disclosed 64 0 0 0 64
Disclosed in part 256 1 0 0 257
All exempted 3 0 0 0 3
All excluded 11 0 0 0 11
Request abandoned 17 0 0 0 17
Neither confirmed nor denied 0 0 0 0 0
Total 351 1 0 0 352

2.6 Deemed refusals

2.6.1 Reasons for not meeting statutory deadline

  • Number of requests closed past the statutory deadline = 332
  • Principal reason
    • Workload = 138
    • External consultation = 52
    • Internal consultation = 26
    • Other = 116
2.6.2 Number of days past deadline
Number of days past deadline Number of requests past deadline where no extension was taken Number of requests past deadline where an extension was taken Total
1 to 15 days 57 19 76
16 to 30 days 29 28 57
31 to 60 days 28 32 60
61 to 120 days 42 26 68
121 to 180 days 16 15 31
181 to 365 days 11 17 28
More than 365 days 4 8 12
Total 187 145 332
2.7 Requests for translation
Translation requests Accepted Refused Total
English to French 0 0 0
French to English 0 0 0
Total 0 0 0

Part 3: Extensions

3.1 Reasons for extensions and disposition of requests
Disposition of requests where an extension was taken 9(1)(a)
Interference with operations
9(1)(b)
Consultation
9(1)(c)
Third-party notice
Section 69 Other
All disclosed 4 0 66 1
Disclosed in part 49 28 238 16
All exempted 0 0 1 1
All excluded 0 9 4 0
No records exist 2 0 4 0
Request abandoned 12 1 18 2
Total 67 38 331 20
3.2 Length of extensions
Length of extensions 9(1)(a)
Interference with operations
9(1)(b)
Consultation
9(1)(c)
Third-party notice
Section 69 Other
30 days or less 38 0 79 1
31 to 60 days 13 29 67 9
61 to 120 days 7 9 184 8
121 to 180 days 7 0 1 2
181 to 365 days 2 0 0 0
365 days or more 0 0 0 0
Total 67 38 331 20

Part 4: Fees

Fee type Fee collected Fee waived or refunded
Number of
requests
Amount Number of
requests
Amount
Application 1,422 $7,110 477 $2,385
Search 1 $70 0 $0
Production 0 $0 0 $0
Programming 0 $0 0 $0
Preparation 0 $0 0 $0
Alternative format 0 $0 0 $0
Reproduction 0 $0 0 $0
Total 14,23 $7,180 477 $2,385

Part 5: Consultations received from other institutions and organizations

5.1 Consultations received from other Government of Canada institutions and other organizations
Consultations Other Government of Canada institutions Number of pages to review Other organizations Number of pages to review
Received during the reporting period 197 7,253 23 655
Outstanding from the previous reporting period 16 3,659 0 0
Total 213 10,912 23 655
Closed during the reporting period 189 10,357 21 632
Pending at the end of the reporting period 24 555 2 23
5.2 Recommendations and completion time for consultations received from other Government of Canada institutions
Recommendation Number of days required to complete consultation requests
1 to 15 Days 16 to 30 Days 31 to 60 Days 61 to 120 Days 121 to 180 Days 181 to 365 Days More than 365 days Total
All disclosed 20 69 34 7 0 0 0 130
Disclose in part 1 12 16 9 1 2 0 41
All exempted 2 1 0 0 0 0 0 3
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 1 0 0 0 0 1
Other 6 3 3 2 0 0 0 14
Total 29 85 54 18 1 2 0 189
5.3 Recommendations and completion time for consultations received from other organizations
Recommendation Number of days required to complete consultation requests
1 to 15 Days 16 to 30 Days 31 to 60 Days 61 to 120 Days 121 to 180 Days 181 to 365 Days More than 365 days Total
All disclosed 3 5 7 0 0 0 0 15
Disclosed in part 0 1 3 0 0 0 0 4
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 1 0 0 1 0 0 0 2
Total 4 6 10 1 0 0 0 21

Part 6: Completion time of consultations on cabinet confidences

6.1 Requests with legal services
Number of days Less than 100 pages processed 101-500 pages processed 501-1000
pages processed
1001-5000
pages processed
More than 5000
pages processed
Number of
requests
Pages disclosed Number of
requests
Pages disclosed Number of
requests
Pages disclosed Number of
requests
Pages disclosed Number of
requests
Pages disclosed
1 to 15 2 26 0 0 0 0 0 0 0 0
16 to 30 25 294 1 40 0 0 0 0 0 0
31 to 60 49 906 1 45 0 0 0 0 0 0
61 to 120 17 299 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 93 1,525 2 85 0 0 0 0 0 0
6.2 Requests with Privy Council Office
Number of days Less than 100 pages processed 101‒500 pages processed 501-1000
pages processed
1001-5000
pages processed
More than 5000
pages processed
Number of
requests
Pages disclosed Number of
requests
Pages disclosed Number of
requests
Pages disclosed Number of
requests
Pages disclosed Number of
requests
Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0

Part 7: Complaints and investigations

  • Section 32 = 40
  • Section 35 = 58
  • Section 37 = 27
  • Total = 125

Part 8: Court action

  • Section 41 = 0
  • Section 42 = 0
  • Section 44 = 0
  • Total = 0

Part 9: Resources related to the Access to Information Act

9.1 Costs
Expenditures Person years dedicated to access to information activities
Salaries $1,261,464
Overtime $858
Goods and Services $160,348
Professional services contracts $143,931
Other $16,417
Total $1,422,670
9.2 Human resources
Resources Person years dedicated to access to information activities
Full-time employees 14.74
Part-time and casual employees 0.06
Regional staff 0.00
Consultants and agency personnel 1.20
Students 0.80
Total 16.80

Statistical Report on the Privacy Act

Name of institution: Employment and Social Development Canada

Reporting period: 2017-04-01 to 2018-03-31

Part 1: Requests under the Privacy Act

Details Number of requests
Received during reporting period 8,852
Outstanding from previous reporting period 437
Total 9,289
Closed during reporting period 8,817
Carried over to next reporting period 472

Part 2: Requests closed during the reporting period

2.1 Disposition and completion time
Disposition of requests Completion time
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 295 500 13 5 0 1 3 817
Disclosed in part 2,332 4,287 152 19 7 5 0 6,802
All exempted 1 1 1 0 0 0 0 3
All excluded 1 0 0 0 0 0 0 1
No records exist 924 104 4 1 0 0 0 1,033
Request abandoned 109 41 9 1 0 1 0 161
Neither confirmed nor denied 0 0 0 0 0 0 0 0
Total 3,662 4,933 179 26 7 7 3 8,817
2.2 Exemptions
Section Number of requests
18(2) 0
19(1)(a) 0
19(1)(b) 0
19(1)(c) 1
19(1)(d) 0
19(1)(e) 1
19(1)(f) 1
20 0
21 0
22(1)(a)(i) 1
22(1)(a)(ii) 2
22(1)(a)(iii) 0
22(1)(b) 28
22(1)(c) 65
22(2) 0
22.1 5
22.2 0
22.3 0
23(a) 0
23(b) 0
24(a) 0
24(b) 0
25 6
26 5,898
27 81
28 0
2.3 Exclusions
Section Number of requests
69(1)(a) 0
69(1)(b) 0
69.1 0
70(1) 0
70(1)(a) 0
70(1)(b) 0
70(1)(c) 0
70(1)(d) 0
70(1)(e) 0
70(1)(f) 0
70.1 0
2.4 Format of information released
Disposition Paper Electronic Other formats
All disclosed 717 92 8
Disclosed in part 5,868 908 26
Total 6,585 1,000 34
2.5 Complexity
2.5.1 Relevant pages processed and disclosed
Disposition of requests Number of pages processed Number of pages disclosed Number of requests
All disclosed 19,899 13,141 817
Disclosed in part 777,178 757,078 6,802
All exempted 50 0 3
All excluded 0 0 1
Request abandoned 1,309 1037 161
Neither confirmed nor denied 0 0 0
Total 798,436 771,256 7,784
2.5.2 Relevant pages processed and disclosed by size of requests
Disposition Less than 100 pages processed 101 to 500 pages processed 501 to 1000 pages processed 1001 to 5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages Disclosed Number of requests Pages disclosed
All disclosed 769 9,289 47 3,844 0 0 1 8 0 0
Disclosed in part 4,374 187,209 2212 400,657 157 96,979 58 72,223 1 10
All exempted 3 0 0 0 0 0 0 0 0
All excluded 1 0 0 0 0 0 0 0 0 0
Request abandoned 158 192 2 133 1 712 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0 0 0 0 0
Total 5,305 196,690 2,261 404,634 158 97,691 59 72,231 1 10
2.5.3 Other complexities
Disposition Consultation required Legal advice sought Interwoven information Other Total
All disclosed 1 0 9 86 96
Disclosed in part 28 2 216 286 532
All exempted 0 0 0 0 0
All excluded 0 0 0 0 0
Request abandoned 1 0 1 0 2
Neither confirmed nor denied 0 0 0 0 0
Total 30 2 226 372 630
2.6 Deemed refusals
2.6.1 Reasons for not meeting statutory deadline
Number of requests closed past the statutory deadline Principal reason
Workload External consultation Internal consultation Other
89 62 4 2 21
2.6.2 Number of days past deadline
Number of days past deadline Number of requests past deadline where no extension was taken Number of requests past deadline where an extension was taken Total
1 to 15 days 39 2 41
16 to 30 days 9 1 10
31 to 60 days 10 3 13
61 to 120 days 11 4 15
121  to 180 days 2 3 5
181 to 365 days 2 0 2
More than 365 days 3 0 3
Total 76 13 89
2.7 Requests for translation
Translation requests Accepted Refused Total
English to French 0 0 0
French to English 4 0 4
Total 4 0 4

Part 3: Disclosures under Subsection 8(2) and 8(5)*

Paragraph 8(2)(e) Paragraph 8(2)(m) Subsection 8(5) Total
0 0 0 0

* Disclosures that would otherwise be made under these sections of the Privacy Act are carried out under the authorities provided in Part 4 of the Department of Employment and Social Insurance Act. Further details on this can be found in the report under Section 9: Public Interest Disclosures.

Part 4: Requests for correction of personal information and notations

Disposition for correction requests received Number
Notations attached 5
Requests for correction accepted 3
Total 8

Part 5: Extensions

5.1 Reasons for extensions and dispositions of requests
Disposition of requests where an extension was taken 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation or conversion
Section 70 Other
All disclosed 2 0 1 0
Disclosed in part 66 0 5 5
All exempted 0 0 0 0
All excluded 0 0 0 0
No records exist 1 0 0 0
Request abandoned 0 0 1 0
Total 69 0 7 0
5.2 Length of extensions
Length of extensions 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation purposes
Section 70 Other
1 to 15 days 1 0 0 0
16 to 30 days 68 0 7 0
Total 69 0 7 0

Part 6: Consultations received from other institutions and organizations

6.1 Consultations received from other Government of Canada institutions and other organizations
Consultations Other Government of Canada institutions Number of pages to review Other organizations Number of pages to review
Received during the reporting period 32 5,169 3 186
Outstanding from the previous reporting period 0 0 0 0
Total 32 5,169 3 186
Closed during the reporting period 31 5,143 3 186
Pending at the end of the reporting period 1 26 0 0
6.2 Recommendations and completion time for consultations received from other Government of Canada institutions
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 15 4 1 1 0 0 0 21
Disclosed in part 1 7 1 1 0 0 0 10
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 16 11 2 2 0 0 0 31
6.3 Recommendations and completion time for consultations received from other organizations
Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
All disclosed 0 2 0 0 0 0 0 2
Disclosed in part 0 0 1 0 0 0 0 1
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 0 2 1 0 0 0 0 3

Part 7: Completion time of consultations on cabinet confidences

7.1 Requests with legal services
Number of days Fewer than 100 pages processed 101 to 500 pages processed 501 to 1000 pages processed 1001 to 5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0
7.2 Requests with Privy Council Office
Number of days Fewer than 100 pages processed 101 to 500 pages processed 501 to 1000 pages processed 1001 to 5000 pages processed More than 5000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0

Part 8: Complaints and investigations notices received

Section Section 31 Section 33 Section 35 Court action Total
Number 29 34 43 0 106

Part 9: Privacy Impact Assessments (PIAs)

  • Number of PIA(s) completed = 11

Part 10: Resources related to the Privacy Act

10.1 Costs
Expenditures Amount
Salaries $5,146,216
Overtime $29,339
Goods and Service $159,612
Professional services contracts $37,451
Other $122,161
Total $5,335,167
10.2 Human resources
Resources Person years dedicated to privacy activities
Full-time employees 31.25
Part-time and casual employees 0.00
Regional staff 42.60
Consultants and agency personnel 0.00
Students 0.39
Total 74.24

Page details

Date modified: