Ladies and gentlemen, good morning and welcome to this meeting of the Standing Committee on Access to Information, Privacy and Ethics.
Today, we are happy to welcome Stefanie Beck, Assistant Deputy Minister, Corporate Services, Department of Citizenship and Immigration, as well as Michael Olsen, Director General, Corporate Services Sector, Department of Citizenship and Immigration.
We are also hearing from two representatives of the Department of National Defence: Larry Surtees, Corporate Secretary; and Kimberly Empey, Director, Access to Information and Privacy Directorate.
Thank you very much for joining us today to tell us about the Access to information Act and answer our questions.
Without further ado, we will start things off with the representatives of the Department of Citizenship and Immigration for 10 minutes. Afterwards, we will hear from the representatives of the Department of National Defence for another 10 minutes. Following that, we will have a question period with the committee members.
Go ahead, Ms. Beck.
Thank you very much, Mr. Chair. We are also very pleased to be joining you this morning.
My name is Stephanie Beck. As the chair has said, I'm the assistant deputy minister of corporate services, so among other things, ATIP is in my portfolio. My director general responsible for corporate affairs at IRCC is here beside me.
Thank you for the opportunity to speak with the committee today about the Access to Information Act and how it is applied, specifically at IRCC. I want to emphasize that there are aspects of IRCC's access to information model that are unique to IRCC and would not necessarily be applicable in other government departments.
I should note that as your study relates only to the Access to Information Act, I will not be commenting today about the work our department does in relation to the Privacy Act, although it is very significant, too.
I will start by discussing the impact of the current legislation on IRCC before moving into a discussion about our department's performance and costs with regard to ATI requests; then I will address some of the operational impacts of the recommendations put forward by the Information Commissioner in her recent report.
The ATIP division administers the Access to Information Act at IRCC and is led by a director who acts as the ATIP coordinator for the whole department. The division is divided into three units, each led by a manager. These units are operations; complex cases and issues; and the privacy, policy, and governance unit.
In addition to approximately 70 staff working within the division itself, IRCC maintains a network of access to information and privacy, or ATIP, liaison officers across the branches and regions of the department. They provide assistance in request processing by performing searches, collecting records and providing a response to ATIP requests on behalf of branches and regions.
Moreover, program officials throughout the department retrieve relevant records, and provide recommendations on disclosure of those records to the ATIP liaison officers.
In 2014-2015, our most recent reporting year, IRCC received more access to information requests than any other federal institution. IRCC accounts for roughly half of all access to information requests received by the federal government. I believe that is why we are appearing before you today.
During 2014-15, we received a record-breaking 34,066 requests, an increase of 16% from the previous year, and we are on track to receive an even higher number in 2015-16. The numbers so far are showing a 22% increase year over year.
Despite this increase in volume, we maintained a compliance rate of 87.81%. Less than 1% of all results completed during the reporting period resulted in complaints to the office of the Information Commissioner.
Roughly 95% of ATI requests are processed by our operations unit of the ATIP division and relate to immigration, citizenship, or passport case files. We are able to maintain a high rate of compliance in this area because the ATI analysts in the operations unit have access to the database that houses the case file records.
This set-up for the vast majority of our requests is unique in government and not necessarily transferable to other institutions. In order to facilitate the review of those records and the application of the law, we have given analysts direct access, so that they can respond to requests without needing to obtain recommendations on disclosure from departmental program officials. This greatly reduces the time it takes analysts to process request.
As well, because these records are housed electronically, analysts can work through a secure network, giving them the flexibility to do their work while safeguarding the client information. They do not have to rely on paper copies.
Our department also sees a surge in requests when there is a change in programs or a new one launched, as we have recently seen with the Syrian refugee operation.
We have been able to achieve a high compliance rate despite an ever-increasing number of requests by undertaking a number of initiatives to improve internal processes and client service.
Our senior officials are strong believers in the act and encourage a culture in the department of access to information, and of course, privacy. For instance, we run a number of proactive training activities, including in-person and online training, workshops, both mandatory and voluntary training courses, and awareness sessions. These are held across Canada in both online format and in classroom.
We are continuously looking for ways to improve client service delivery and find efficient ways to carry out this important work. I believe you are aware of our ATIP online access process that is held in our department. We currently manage over 30 clients who use the ATIP online process.
The duty to assist is taken very seriously at IRCC, and the ATIP division notifies requesters of possible delays in service. We hope that by acting proactively we can minimize the number of complaints.
In terms of costs associated with enforcing the acts, in 2015 and 2016, the delivery of the ATIP program in IRCC totalled $4.231 million. I can give you exact numbers if you want, but the breakdown is $3.856 million dedicated to salary and $375,000 for operations. These costs are solely the funding for the ATIP division itself to conduct the work it completes every year. They do not take into consideration the costs associated with departmental ATIP liaison officers or the departmental officials searching for and producing documents, nor the cost associated with conducting consultations both internal to the department and externally.
In terms of the recommendations put forward by the Information Commissioner, I will just highlight a few that we feel would have an operational impact on our work.
First, recommendation 2.4 proposes that institutions be allowed to refuse to process requests that are frivolous, vexatious or an abuse of the right of access.
The operational impact for our department would be the ability for our resources to focus on meeting the legislated timelines on serious requests versus spending time processing frivolous or vexatious requests.
Recommendation 4.15 would require that institutions seek the consent of the individual to whom the personal information relates wherever it is reasonable to do so. IRCC holds the personal information of literally millions of individuals, both Canadians and foreign nationals from all over the world. We have this because of the passport data that we retain, the citizenship information that we have, and of course the immigrations files, be they for temporary residents or permanent residents in Canada.
When IRCC processes an access to information request, documents collected in response to our request frequently contain personal information of individuals other than the requester. That personal information is regularly protected from disclosure. In fact, Mr. Chair, last year, IRCC protected personal information from disclosure in 14,579 access to information requests. This reflects 43% of completed requests. Therefore, the recommendation to seek consent would have operational impact on IRCC's ability to meet a vast majority of legislated timelines.
Next, recommendation 2.3 suggests extending the right of access to all persons. Currently, 70% of our requesters use a representative or third party to submit requests because they themselves are not present in Canada.
For IRCC, if individuals were to be able to submit a request without having to go through a Canadian representative, the operational impact would lie in the potential resource implications, as it could lead to a large influx of requests. A huge increase of this nature could impact our ability to meet legislated compliance deadlines.
I want to thank you again for the opportunity to provide IRCC's input into your study and for welcoming us here today.
We are ready to answer any questions.
Good morning and thank you very much, Mr. Chair and members of the committee, for the invitation to describe the framework that National Defence has put in place to comply with the Access to Information Act. It is always an honour to meet with distinguished members and colleagues before the committee and to answer your questions. This morning, I am joined by the director of access to information and privacy, Ms. Kimberly Empey.
Mr. Chair, before describing the access to information framework at Defence, I believe it would be helpful to provide a bit of context. The Department of National Defence and the Canadian Armed Forces are together the largest federal government organization. Together they form the defence team, which comprises over 100,000 employees, including 66,000 regular force members, 23,000 reserve force members and 22,000 civilian employees. Defence operates at bases and stations throughout Canada and has the largest land holdings of any organization in the Government of Canada. The Canadian Armed Forces conduct operations throughout the world. The department is involved in billions of dollars of acquisitions activities annually, including large, multi-year, major capital projects. In summary, Defence is a very large and complex organization.
Mr. Chair, I would now like to share a few statistics from Defence fiscal year 2014-15 annual report to Parliament on the Access to Information Act. Total volume of files for the year was 2,635, which was slightly lower than in fiscal year 2013-14, and this was the first decrease in four years. Of these, 2,029 were closed during the year, with 49% closed within 30 days, and an additional 17% closed within 60 days.
For this reporting period, Defence employed 38 full-time employees and three part-time employees as well as two consultants to do the access to information business, and we spent just over $3 million to manage that business.
Mr. Chair, to manage the requests it receives under the Access to Information Act, Defence has put in place a four-step framework, anchored in internal policies, instructions, and training, that identifies the procedures and processes for handling requests for information under the act.
First, requests are received and assessed by a tasking group that often works with the applicant to clearly define the request and then identify the internal organization responsible for the records in question.
Second, these organizations provide the records to specially trained staff in the directorate of access to information and privacy, who further assess the request with respect to administrative requirements, such as the need for further consultation or an extension. They validate proposed exclusions and seek legal advice where required.
In the third step, two days are given to allow the department to assess the requirements and form a communication plan to support the release of the information.
Finally, the requested records are sent to the applicant and a summary of the completed request is posted online so that other members of the public may request the same information.
For simple requests, this process is completed in 30 days. As you can see, while we absolutely respect the public's right to information and we take our responsibilities seriously and endeavour to provide information with the minimum delay possible, the size, complexity, and mandate of the Defence organization sometimes introduce complications not seen in other organizations. In fact, given the nature of our organization, I believe we perform reasonably well.
Mr. Chair, this ends my opening remarks, and I would be pleased to respond to any of the questions that the committee may have.
If you don't mind, I'll address it.
What we do is based on historical volumes of work and the complexity mix that we have. At National Defence, the first point is that most of our data is paper-based, so we have to go out and research, then get the data brought in. It needs to be scanned in so that we can then do our work. One of our challenges at Defence is that it's predominantly paper-based.
With respect to the complexity, we are also taking a look at our international agreements and third party agreements. We have to take a look at all of the exemptions that are provided for under the act to make sure that we are in fact in compliance with the act.
Based on our complexity mix and on the volumes and the indication of where the volumes are going, we will estimate how many people we need. It's basically based on that, a guess from which we work the costs forward; it depends on what has happened in the past and our attempt to project the future. There is a little bit of art involved in it.
The metrics we use are how many files an individual at a specific competency level can complete. We have those, and that's what we bear in mind. Then, if we have really complex files or ones that require a lot of investigation, or if we require input from third parties or other countries, we will often give some of them to consultants. The consultants can walk them through, and we are able to focus our staff on doing the less complex files, which they can do in a shorter period of time. We are basing it on metrics and our performance.
You will have noticed in the statistics and what we say in our annual report is that If we notice that our backlog is increasing, we will surge in a given year to drive the backlog down to a more reasonable number of files. We've just completed a year in which we have surged since December to drive our backlog down so that we can start the year at a more reasonable rate.
Overall, we accept far more applications than we refuse, so right away, you're only seeing a small percentage of those applicants, for either permanent immigration or temporary immigration. When that's all you see, that skews the perspective, and it seems that we spend our days saying no. We actually don't.
The other processes that we try to put into place are to beef up our call centre so that somebody is answering the telephone when the clients call and they can get information directly from a voice, instead of in an ATIP request when you do it online and you don't actually speak to anybody. Actually, we also have, as I think you know, a special phone line for members of Parliament to help with this, so that constituency offices can call in directly or email directly.
We've actually spent a lot of time over the last few months looking at how we can funnel all of the calls or emails, all of the client service approach, into one part of the department, so that we will have cohesion and consistency across the approach, by phone, or by email, or through ATIP, and as well so that people are getting the same responses, because we also find that there's some “answer-shopping”. If I try phoning, do an ATIP, and then if I get a lawyer, maybe I can get a different answer. Ideally, again, to come back to it, the more we can put out there up front, the more time it will save all of us later.
But some people just won't be happy, right? They got denied a visa.