PACP Committee Report

In accordance with the Auditor General Act, the Auditor General of Canada tables her reports in the House of Commons several times per year. In order to preserve the privilege of Parliamentarians to receive the information before it is made available to the general public, the Office of the Auditor General holds an in camera session with Parliamentarians and a media lockup on the tabling date. However, on numerous occasions information about select audits has been leaked to the media prior to these briefings and prior to the tabling of the reports in Parliament.

The Committee is extremely concerned about these repeated breaches of parliamentary privilege, and held two meetings on the issue: one on May 15, 2006 to discuss a leak about the audit on the Firearms Program^[1] and another meeting on February 5, 2007 to discuss a leak about the audit on the relocations contract.^[2] At the May 15, 2006 meeting, the Committee heard from Sheila Fraser, Auditor General of Canada, and Jean Ste-Marie, Assistant Auditor General and Legal Advisor. On February 5, 2007, the Committee met with Ms. Fraser; Ronnie Campbell, Assistant Auditor General; Brian Aiken, Chief Audit Executive at the Royal Canadian Mounted Police; Daphne Meredith, Associate Deputy Minister of Public Works and Government Services Canada; Alister Smith, Assistant Secretary, Treasury Board of Canada Secretariat; and Colleen Volk, Assistant Deputy Minister, of Public Service Human Resources Management Agency of Canada.

Leaks to the media about audits by the Office of the Auditor General are neither new, nor, unfortunately, rare. The Auditor General told the Committee that since 2001, information about 10 performance audits have been leaked to journalists before they were tabled in the House of Commons, which, in the opinion of the Committee, is 10 too many. This represents approximately seven percent of the 147 performance audits presented to the House in this period.

The Auditor General told the Committee that she believes the leaks are not coming from her office (OAG). She said that the OAG undertakes a number of internal security measures to protect the integrity of the information in its reports. The OAG ensures that all its staff members are familiar with and observe the security requirements set out in its Security Policy and Guidelines. The OAG also ensures that the personnel employed by the printer handling its reports have all the appropriate security clearances and enforce a rigorous control of printed copies of reports.

However, the OAG does have some unavoidable security risks with respect to the information in draft reports. In order to verify the accuracy and completeness of facts presented in its audits as well as to give departments and agencies an opportunity to prepare responses to recommendations, the OAG consults with the organizations audited about the contents of the reports and provides them with draft copies. When doing so, the OAG sends a letter outlining several safeguards: that the report be treated with appropriate discretion until it is tabled in the House of Commons, that the report should not be copied, and that all copies should be returned to the OAG or destroyed. Each copy is numbered to facilitate tracking and retrieval.

The Auditor General also noted that in the days leading up to the tabling of reports, a briefing is provided to ministers responsible for the departments and agencies audited, as they will be responding publicly to the reports.

After the latest leak, the Auditor General outlined further steps her office has taken to ensure that departments and agencies are following appropriate procedures to protect the confidentiality of the OAG’s reports. The Auditor General told the Committee that, “During each audit, we will be writing to senior officials to remind them of their responsibility to follow appropriate procedures to protect the confidentiality of our reports. And we will not release draft chapters to departments until we have received written acknowledgement of these responsibilities.^[3]

An official from the Treasury Board Secretariat, Alister Smith, told the Committee that the government had undertaken two internal reviews about the leaks. After the leak in May, the Auditor General asked departments to conduct reviews of their document controls. After the leak in November, the President of the Treasury Board also requested a review. Mr. Smith said that departments are confident that they have in place appropriate controls and processes to ensure the confidentiality of draft reports. These controls include a central point to manage documents, measures to control the transmission of these documents, and procedures to store documents, as well as to recall them.

Despite these assurances, problems continue. Prior to the tabling of the Auditor General’s 2007 Status Report on February 13, 2007, a newspaper reported on a memorandum to a minister that references conclusions from an audit.^[4] While it appears that this memo was obtained through an Access to Information request, rather than a leak, the Committee is very disturbed that a department would release this information. It would appear that lessons from earlier leaks have not been learned.

The Committee is extremely concerned about the constant repetition of leaks and is not satisfied with the response to date. The mistaken release of information on the Auditor General’s 2007 Status Report mentioned earlier indicates that departments need to take this issue more seriously. More needs to be done.

After the leak in May 2006, the Auditor General considered the possibility of a police investigation, but told the Committee that, in her opinion, “there has been no breach of a law that would require us to report this incident to the RCMP. Rather, there has been a breach of the Government Security Policy.^[5] Under this policy, deputy heads are responsible for its implementation, and “departments are required to apply sanctions in response to security incidents when in the opinion of the deputy head there has been misconduct or negligence.^[6] However, like most government policies, it is not clear the extent to which this policy is rigorously enforced and if sanctions are applied.

More importantly, the Government Security Policy does not outline specific procedures for handling draft reports of the Auditor General. The Committee was provided with the security requirements recently adopted by Public Works and Government Services Canada for handling OAG documents. The Committee believes that all departments and agencies should take similar precautions. The Committee recommends that:

Recommendation

The Treasury Board of Canada, in consultation with the Auditor General of Canada, adopts a strong policy regarding security requirements for handling draft audit reports of the Auditor General, including, but not limited to, sanctions such as ethics training, suspension and or dismissal for failing to comply fully with the document controls.

Strong policies and document controls will help, but they may not be enough. The Committee is willing to consider taking more significant actions if leaks continue.  

While it is not absolutely clear where these leaks are coming from, the Committee wonders who would stand to gain most from such leaks. In order to act as a deterrent to those who might consider making a leak, the Committee commits itself to holding a more thorough inquiry into future leaks. The Committee would closely question all those who saw the draft report or were briefed on its findings, such as departmental officials, ministers and all political staff who were aware of the contents of the report. One reason people make leaks is the belief that they can get away with it without paying a penalty or incurring negative consequences. While the Committee may have difficulty in identifying those responsible, the Committee expects that the threat of serious sanctions will deter those who might leak the contents of Auditor General reports to the media.

As noted earlier, the Auditor General currently provides departments with draft copies of her reports in order to confirm facts and obtain responses to recommendations. Another possible step to avoid leaks is for the Committee to recommend that the Auditor General only confirms the facts of her reports with departments prior to tabling, and then departments would respond to the conclusions and recommendations of reports after they have been tabled in Parliament. The Committee recognizes that such a step would be inconvenient to both the Office and the Auditor General and departments, but sometimes drastic measures need to be taken in order to resolve an unacceptable situation.

In the same vein, the Committee may consider recommending that the Auditor General not provide briefings to ministers and their staff prior to tabling. Ministers would then have to defer responding to questions on the findings of such reports to a later date.

Regardless of the particular path chosen, the Committee is quite displeased by these leaks and is committed to undertaking stronger actions in the future.

The Committee views very seriously leaks of reports of the Auditor General to the media prior to their tabling in the House of Commons. Premature disclosure of information in reports of the Auditor General represents a disregard of the statutory right of the House of Commons to receive the Auditor General’s reports and is a breach of parliamentary privilege. As Speakers and the House of Commons have affirmed on numerous occasions, the Chamber has the pre-eminent right to have reports and other documents tabled and made available first to its Members before they are released to the general public, especially when those reports come from an Officer of Parliament who reports to the House through the Speaker. Among other reasons, this reflects the pre-eminent role which the House plays and must play in the legislative affairs of the nation, and as the representative role of the people of Canada holding the government to account.  The premature and unauthorized disclosure of Auditor General reports before they have been formally tabled in the House can interfere with and impede the work of the House of Commons, and constitutes a contempt of Parliament. If problems persist in this area, further action will have to be taken by the Committee and possibly the House of Commons to preserve the integrity of our parliamentary system.