Annual Report to Parliament 2020-2021 on the Administration of the Privacy Act
Table of contents
- Introduction
- Organizational structure
- Delegation Order
- Performance 2020-2021
- Training and awareness
- Policies, guidelines, procedures and initiatives
- Summary of key issues and actions taken on complaints or audits
- Monitoring compliance
- Material privacy breaches
- Privacy Impact Assessments
- Public interest disclosures
- Appendix A - Delegation Order
- Appendix B – Statistical Report on the Privacy Act
- Appendix C - Supplemental Statistical Report on the Privacy Act
Introduction
The Royal Canadian Mounted Police (RCMP) is committed to being open, transparent, and accountable for the services we provide while safeguarding the personal information collected as part of the process. As such, we take our responsibilities under the Access to Information Act (ATIA) and Privacy Act (PA) seriously, and will continue to strive to meet Canadians' expectations, while protecting the public and the integrity of the investigations we undertake on their behalf.
The PA provides individuals with the right to access information about themselves held by the government, subject to specific and limited exceptions. The Act also protects individuals' privacy by preventing others from having access to their personal information, and gives individuals substantial control over the collection, retention, use and disclosure of their personal information.
The RCMP's annual report for 2020-2021 details the manner in which the RCMP discharged its responsibilities in relation to the Act during the reporting period. The report is prepared and tabled in Parliament in accordance with section 72(1) of the PA.
The RCMP is undergoing a major effort to modernize its Access to Information and Privacy (ATIP) program to ensure that the RCMP's ATIP program achieves the high standard expected by Canadians. Privacy is a central focus of this effort, with the RCMP looking to not only expand the number of resources devoted to responding to privacy requests to improve compliance rates, but to help ingrain privacy considerations as a key consideration within the culture of the RCMP.
As this effort advances, the RCMP will be posting detailed information on its website outlining the ATIP modernization strategy and key initiatives that are being undertaken. We encourage all Canadians to visit our website as it is updated to keep track of our progress.
Organizational structure
RCMP
For nearly 150 years, the RCMP has been Canada's national police service. As a federal, provincial, and municipal policing body, the RCMP is unique in the world. The RCMP provides federal policing services to all Canadians and policing services under contract to the three territories, eight provinces, and more than 180 municipalities, including more than 750 detachments across Canadian communities, 600 Indigenous communities and three international airports.
The RCMP's mandate is multi-faceted and includes preventing and investigating crime; maintaining peace and order; enforcing laws; contributing to national security; ensuring the safety of state officials, visiting dignitaries and foreign missions; and providing vital operational support services to other police and law enforcement agencies within Canada and abroad.
The organization is sub-divided into 16 divisions (ten provinces, three territories, National Division, Depot and National Headquarters in Ottawa), each of which is under the direction of a Commanding Officer or Director General. National Headquarters includes nine business lines and is structured as follows: Federal Policing; Contract and Indigenous Policing; Specialized Policing Services; Corporate Management and Comptrollership; Human Resources; Internal Audit and Evaluation; Legal Services; Professional Responsibility Sector; and, Strategic Policy and External Relations.
Access to Information and Privacy (ATIP) Branch
The RCMP established the ATIP Branch in 1983, as the central contact point for matters arising from both the ATIA and PA.
The ATIP Branch falls within the RCMP's Strategic Policy and External Relations Directorate. The Director of the ATIP Branch acts on behalf of the head of the institution as the Departmental Access to Information and Privacy Coordinator for the RCMP. The ATIP Coordinator ensures compliance with both the spirit and the intent of the ATIA and PA, as well as all associated regulations and guidelines.
As described below, the ATIP Branch is divided into two areas:
Policy Team
This team monitors and develops internal policies, procedures and guidelines for the collection, retention, disposition, use and disclosure of all personal and non-personal information for RCMP-wide applications. These dedicated professionals provide policy advice and expertise to the RCMP on access to information and privacy related issues, including supporting the drafting and development of Privacy Impact Assessments (PIAs). It also offers support to ATIP analysts and the RCMP ATIP Coordinator, provides guidance to RCMP business lines and divisions across Canada with respect to the PA, the ATIA and related Treasury Board Secretariat (TBS) policies, directives and guidelines. In addition, the team reviews and creates internal policies that reflect TBS policies and directives as well as expectations of the Office of the Privacy Commissioner (OPC) in order to meet its obligations in relation to Info Source: Sources of Federal Government and Employee Information and PIAs within the RCMP.
Disclosure Team (Operations)
This team processes all formal requests under the ATIA and PA. This includes: working with requesters to discuss scope and clarity of their submissions; opening requests; and, tasking and receiving/importing records to and from Liaison Officers (LOs) within the RCMP's various business lines and divisions across the country. The team also reviews records and provides disclosed pages to requesters, process informal access to information requests, review, and respond to complaints received through both the Offices of the Information and Privacy Commissioners.
When tasking requests, the ATIP Branch works closely with LOs and record holders, known as Office of Primary Interest (OPI). Some responsibilities of the LOs and OPI include:
- Liaison Officers (LOs)
- LOs are responsible for forwarding all ATIP requests to the appropriate personnel (OPI) within their business lines or divisions. Other responsibilities include: tracking submissions to ensure responsive records are sent by OPI to the ATIP Branch; ensuring records are on time; and, documenting and communicating internal RCMP ATIP processes to all who facilitate the processing of requests.
- Office of Primary Interest (OPI)
- As the record holders, some of the OPI's responsibilities include: providing electronic copies of the responsive records; reviewing records for duplication; ensuring that the information falls within the scope of the request; notifying the ATIP Branch if records are voluminous; and, advising the Branch or LO if an extension is required.
Delegation Order
The Departmental Access to Information and Privacy Coordinator has full authority to administer the legislation and apply exemptions and releases. A copy of the signed Delegation Order is included in Appendix A.
Performance 2020-2021
This section provides an overview of the RCMP's performance with respect to information requested under the PA for the 2020-2021 reporting year. The completed statistical report is found in Appendix B.
Impact of the COVID-19 pandemic and mitigation measures
Due to the COVID-19 pandemic, the RCMP experienced added challenges during the 2020-2021 reporting period. As a result of the pandemic, the RCMP had to shift employees to work remotely. Consequently, some employees were not able to perform the full breadth of their duties, including being unable to retrieve physical records from the office or access highly sensitive material remotely. Personnel in divisions across the country were also restricted from accessing physical work locations, which delayed their retrieval and review of requested material. To address this, the ATIP branch implemented temporary measures to ensure Canadians continued to receive information, such as reprioritizing requests to better meet timelines and electronically releasing smaller sized consultations and responses to requests. Nevertheless, the COVID-19 pandemic did have a demonstrable impact on the RCMP's overall compliance rates.
Compliance
The ATIP Branch saw a slight decrease in compliance for the number of closed requests within the legislated timeframes under the PA. In the 2020-2021 fiscal year, compliance decreased to 32.8% from 38.6% in the 2019-2020 fiscal year. The decrease is largely due to COVID-19 pandemic restrictions and technology limitations, which further impeded the RCMP in its ability to meet its compliance obligations.
Requests received and closed
As noted in the statistical report in Appendix B, the RCMP received a total of 4,212 new requests under the PA in 2020-2021. In addition, there were 2,641 requests outstanding from the previous reporting period for a total of 6,853 requests. Of these, 3,614 requests were completed and 3,239 carried over to the 2021-2022 fiscal year.
Generally, privacy requests cover a variety of topics, including information on police operational files such as motor vehicle accidents and employment files.
As demonstrated below, there has been an increase in the number of requests received compared to the previous reporting period. The number of requests received increased by 15% compared to the previous fiscal year and decreased by less than 2% compared to the 2018-2019 fiscal year.
The graph also demonstrates that the number of requests closed this reporting period decreased by 20% compared to the previous fiscal year, and was 25% lower than the 2018-2019 fiscal year.
Workload - Text version
Number of requests received | 2018-2019 | 2019-2020 | 2020-2021 |
---|---|---|---|
Received | 4,289 | 3,661 | 4,212 |
Outstanding | 4,009 | 3,490 | 2,641 |
Completed | 4,808 | 4,510 | 3,614 |
Carried over | 3,490 | 2,641 | 3,239 |
Number of requests processed with over 5,000 pages
Over the past three fiscal years, the RCMP has seen an overall influx in the number of requests processed with over 5,000 relevant pages disclosed compared to previous reporting periods. During this reporting period, the ATIP Branch processed 11 requests with more than 5,000 pages disclosed. In the previous fiscal year, there were 20 requests with such high page numbers, and only eight in the 2018-2019 fiscal year. For the current reporting period of 2020-2021, there has been a decrease of 45% in the number of such requests compared to the 2019-2020 fiscal year, and an increase of 38% compared to the 2018-2019 fiscal year. The decrease in this current reporting period is due, in part, to the COVID-19 pandemic restrictions; however, it does still indicate an overall trend of increased requests. This represents an ongoing challenge for the RCMP's ATIP program to ensure it has the necessary personnel and technology required to keep pace with these trends.
Number of requests processed with over 5,000 pages processed - Text version
Fiscal year | Number of requests | Total pages disclosed |
---|---|---|
2018-2019 | 8 | 17,633 |
2019-2020 | 20 | 43,369 |
2020-2021 | 11 | 21,424 |
Completion time and extensions
The ATIP Branch completed 20% (727) of its requests in 30 days or less. During the reporting period, 14% (504) of the requests were completed within 31-60 days, 11% (406) were completed in 61-120 days, and 55% (1,977) were completed in more than 121 days.
Extensions of over 30 days were sought on 3,614 files. This can be attributed, in part, to the number of requests with a large volume of pages, but more specifically to the ongoing challenges faced by the ATIP program that were exasperated by COVID-19.
Completion rate of closed requests - Text version
Fiscal year | 0 to 30 days | 31 to 60 days | 61 to 120 days | over 121 days | Total |
---|---|---|---|---|---|
2018-2019 | 1,184 | 846 | 422 | 2,356 | 4,808 |
2019-2020 | 1,043 | 744 | 586 | 2,137 | 4,510 |
2020-2021 | 727 | 504 | 406 | 1,977 | 3,614 |
Disposition of completed requests
Of the 3,614 requests completed in the 2020-2021 fiscal year, the dispositions of completed requests were as follows:
- 2,045 (57%) were disclosed in part
- 812 (22%) were abandoned by requesters
- 326 (9%) had no records located
- 298 (8%) were fully disclosed
- 121 (3.5%) had all material exempted
- 12 (0.5%) were neither confirmed nor denied
- 0 (0%) had all material excluded
Disposition of completed requests - Text version
Disposition of requests | Total |
---|---|
All disclosed | 298 |
Disclosed in part | 2,045 |
All exempted | 121 |
All excluded | 0 |
No records exist | 326 |
Request abandoned | 812 |
Neither confirmed nor denied | 12 |
Total | 3,614 |
Consultations with other institutions
The number of consultations received and completed over the last three reporting periods has remained relatively consistent. During the current reporting period, the RCMP completed 108 consultations, totaling 3,716 pages reviewed. Of the 108 completed consultations, 43 were received from other Government of Canada institutions and 65 were received from other organizations.
All consultations received and completed - Text version
Fiscal year | Received | Completed |
---|---|---|
2018-2019 | 157 | 150 |
2019-2020 | 144 | 143 |
2020-2021 | 108 | 96 |
Training and awareness
Training RCMP employees is a priority for the ATIP Branch. Employees are encouraged and supported to enroll in various courses as a means to gain knowledge and improve their skills. For the 2020-2021 reporting year, the ATIP Branch held regular information sharing sessions where employees discussed files and shared best practices, and informal briefings were held to advise ATIP staff of the implementation of new procedures to respond to the COVID-19 pandemic. As new technological tools were introduced to support remote collaboration during the pandemic, the RCMP was able to leverage them to provide a number of training sessions to employees. In-house training and orientation was also provided to new ATIP Intake personnel and virtual training was provided to ATIP LOs in several divisions and business lines across the country, including to the Canadian Criminal Real Time Identification Services, Protective Policing, H Division (Nova Scotia) and J Division (New Brunswick).
Throughout the reporting period, the ATIP Branch, in conjunction with the RCMP's Learning and Development unit continued to develop an ATIP introductory course. This training will provide RCMP employees with increased knowledge in order to more effectively comply with ATIP legislation and RCMP policies. As part of broader modernization efforts, the RCMP is examining how to expand this training delivery for all personnel, leveraging the new technological tools introduced as part of COVID-19. In fact, expanding training delivery forms a key part of the Branch's human resources strategy for ATIP modernization, succession planning and employee retention. Further, the RCMP is examining the development of new training modules that focus specifically on privacy, including enhanced guidance on the development of PIAs.
Policies, guidelines, procedures and initiatives
The ATIP Branch continued to review its processes to improve operational effectiveness. During the reporting period of 2020-2021, the ATIP Branch accomplished the following:
- reviewed employee work arrangements due to the COVID-19 pandemic restrictions and established new telework agreements as well as a reintegration protocol to allow more flexibility for its employees
- updated the Disclosure and Intake team's standard operating procedures, which was part of the ATIP Branch's efforts to formalize its internal processes
- enhanced internal processes for facilitating the transfer of files within the RCMP, including the creation of national shared drives
- modified guidelines to address its on-time and backlog files, enabling processing efficiencies
- provided new equipment to enable employees to telework efficiently during the COVID-19 pandemic restrictions, including securing cellular phones for ATIP employees
- established an internal working group comprised of various stakeholders within the RCMP to augment guidelines, standard operating procedures and awareness communiques to facilitate RCMP ATIP modernization
- continued to lead the interdepartmental working group for the development of business continuity plans specifically for ATIP programs, which led to greater information sharing among the participating departments
- collaborated in monthly conferences with the OPC, resulting in streamlined processes
- created and filled a System Administrator position for data integrity and quality assurance
- rolled-out new technology including MS Teams and electronic data exchange with record holders and requesters to enhance service delivery
Additionally, the ATIP Policy Unit completed the following:
- reviewed its policy on paragraph 8(2)(e) – Privacy Act Request to other federal institutions and initiated a review of its Exempt Bank policy in collaboration with interested stakeholders
- developed Standard Operating Procedures on disclosures in accordance with subsections 8(2)(e) and (m) of the PA and on privacy compliance complaints, which include a handbook describing the ATIP Branch and OPI's responsibilities regarding complaints. These also offer guidance on formulating representations to the OPC
- developed, in accordance with TBS guidelines, the Policy on Privacy Protection, as well as a protocol for collecting, using or disclosing personal information for non-administrative purposes, including research, statistical, audit and evaluation purposes
- established regular meetings with the OPC concerning PIAs and Privacy Compliance Complaints
- participated in multiple working groups to discuss initiatives such as Race Based Data Collection and several high profile privacy breaches
- in response to an internal audit of the ATIP Program, a gap analysis of all ATIP Policies was initiated to identify the need for revisions to existing policies or the creation of new policies which is slated to be finalized by the end of 2021
Summary of key issues and actions taken on complaints or audits
Complaints and investigations
During this reporting period, the RCMP continued to work collaboratively with the OPC to streamline processes in addressing complaint files.
Comprised of seven employees, including consultants, the ATIP Branch's complaints team, which is dedicated to responding to complaints, continued to enable the RCMP to respond more efficiently to complaints received through the Offices of the Information and Privacy Commissioners.
Section 8 of the Statistical Report Appendix B also provides data on the complaints received and closed. Specifically, for the 2020-2021 reporting period, the RCMP received and provided the following under the PA:
- Section 31
- The RCMP received 187 Section 31 notices, which represents less than 4% of all requests closed during the reporting period. The majority of the privacy complaints received relate to delays and in deemed refusal, which can be attributed to the ongoing RCMP backlog and to the complex and/or voluminous nature of requests. Under this section, the OPC formally notifies the institution of their intent to investigate a complaint received.
- Section 33
- No formal representations were made under Section 33. Under this section, the OPC requests representations from both the complainant and the institution pursuant to an ongoing complaint investigation.
- Section 35
- No formal representations were made under Section 35. Under this section, the OPC issues a findings report, which may include recommendations, for founded complaints upon the conclusion of the investigation.
Court action
Four court proceedings were actioned with respect to privacy requests processed and three were concluded during the reporting period.
Monitoring compliance
The ATIP Branch monitors compliance through weekly statistical reports, which include compliance rate, the number of files completed on time and those that are delayed, as well as complaints. A System Administrator position was created along with a Performance Dashboard to further identify trends and assist the Branch in strategically developing efficiencies. The Branch's Management team reviews the weekly reports to manage workload and to determine any upcoming issues where processes could be improved. The reports are provided to the Chief Strategic Policy and External Relations Officer and the RCMP's Chief Administrative Officer.
The ATIP Branch is currently working to bolster its data reporting function by onboarding new technology. This new technology will enable the Branch to be more strategic and transparent, by automatically capturing pertinent data to assist the Branch with its planning and public reporting, and ensuring that senior management has a complete understanding of the ATIP program's workload as well as to identify areas where efficiencies may be found.
Material privacy breaches
As Canada's national police force, the RCMP is trusted to handle and protect the personal information of Canadians with professionalism and integrity. The RCMP places the utmost importance on this responsibility. To safeguard the personal information in its care, the RCMP has strict policies and procedures in place to prevent unauthorized access and disclosure across the organization. However, even with these rigorous procedures in place, privacy breaches still occur, often as a result of human error. With every privacy breach, the RCMP takes steps to improve its processes to ensure that similar incidents do not occur again.
When a privacy breach is detected, the RCMP ATIP Branch follows the TBS guidelines to determine the privacy risks and reports all breaches, deemed material as per TBS guidelines, to the OPC and TBS.
During fiscal year 2020-2021, the RCMP reported a total of 10 material privacy breaches to the OPC and TBS. Specifically:
- A note containing personal information, created by an RCMP member, was left at the scene of an incident. A member of the public subsequently found the note and posted it to Facebook. The post was removed several hours later. The affected individuals were notified and advised of their right to complain to the OPC.
- A conduct decision was posted online containing information that could possibly lead to the identification of a confidential informant. The affected individual was notified and advised of their right to complain to the OPC. The decision was removed from the website and the RCMP's Conduct Unit will review conduct decisions prior to publishing them online.
- The personnel and service files of an employee were mistakenly mailed to an RCMP Detachment instead of the RCMP Headquarters Records Department. The affected individual was notified and advised of their right to complain to the OPC. The Division has reminded all employees to ensure they adhere to proper records transmittal processes, and proper use and acknowledgement of transmittal documentation. The lost files were later located within the RCMP Detachment and the affected individual was notified.
- An employee security file was lost between the Records Office and the Departmental Security office. The affected individual was notified and advised of their right to complain to the OPC. The Records Office has committed to conducting more regular follow-ups of outgoing transmittals to ensure there is an accurate paper trail of where the file is, at all times. The lost file was later located and the affected individual was notified.
- The RCMP learned that a hacker group called Distributed Denial of Secrets had published over 260 gigabytes of law enforcement data it had stolen from the websites of 200+ law enforcement agencies across North America, including the RCMP. A Joint Management Taskforce comprised of Departmental Security, National Security, National Cyber Crime Unit, Federal Policing and Access to Information and Privacy (ATIP) Branch was formed to determine the impacts of this breach on the RCMP. The RCMP ATIP Branch is currently notifying affected individuals.
- An ATIP Branch employee sent a copy of an Access to Information request release package, which contained personal information, to three individuals who had requested informal access. All parties who inadvertently received the personal information were asked to return the records. The affected individual was notified and advised of their right to complain to the OPC. The ATIP Branch has provided the employee with additional training, including the need to review release packages for personal information prior to releasing.
- The RCMP in Saskatchewan issued a Crime Watch Advisory, requesting the assistance of the public to identify two individuals (male and female) associated with the theft of fuel. The wrong picture was included in the advisory, which identified another individual. The same day, an apology was issued on Crime Watch and the correct photo of the suspect was issued. The affected individual was notified and advised of their right to complain to the OPC. The officers involved in this incident were provided verbal direction concerning best practices for future investigations of this kind. Furthermore, Saskatchewan RCMP policy regarding Crime Watch advisories was updated and a communiqué was sent to all District Commanders and Program Officers to remind their employees of the applicable policy.
- The Occupational Health Services Unit sent a form containing personal, medical information of an employee to other employee outside of the Health Services Unit who did not have a need to know. The affected individual was notified and advised of their right to complain to the OPC. All employees who received the form have deleted the information. Moreover, all staff of the Occupational Health Services Unit were reminded of the importance of maintaining the confidentiality of employee health information.
- A digital copy of a Code of Conduct witness waiver form, typically only used internally within the RCMP, was sent to a civilian witness. The form included two allegations against a member under investigation. The form was returned to the RCMP and the National Conduct Unit has decided to no longer use this form outside the RCMP. The affected party was notified of the incident and their right to file a complaint with the OPC.
- A USB containing an RCMP Public Complaint file was lost in the mail. The USB was not password-protected nor encrypted. Canada Post Security and Investigative Services has flagged the incident and will notify the RCMP if the USB is located in their holdings. The RCMP is currently in the process of communicating with all the affected individuals to advise them of the incident and their right to file a complaint with the OPC. The employee involved was reminded of their security obligations when mailing protected information.
Privacy Impact Assessments
During the reporting period, the RCMP completed one Privacy Impact Assessment (PIA) and submitted the following to the OPC:
Cybercrime Coordination Unit (NC3)
The NC3 is a National Police Service stewarded within the RCMP. The NC3 will coordinate and de-conflict intelligence for cybercrime investigations across all levels of policing and enable efficient law enforcement activities of national and international police partners as they relate to cybercrime, including apprehending and disrupting cybercriminals. Ultimately, the NC3 is intended to reduce the threat, impact and victimization of cybercrime in Canada and contribute to achieving the Government of Canada's long-term vision of safety and security in the digital age.
Based on the present assessment, privacy risks arising from the activities of the NC3 are considered to be moderate. However, if recommendations from this PIA were fully adopted, the risks would be reduced to an acceptable or low level.
The NC3 will develop and implement a management action plan to address the recommendations and mitigate the risks. The protection of privacy is a pillar of NC3's operations. Every effort will be made within NC3's operating procedures and policies to ensure that operational benefits are proportionate to privacy impacts and to help achieve a balance between an individual's right to privacy and the need for collecting personal information to inform law enforcement operations, activities and priorities. Information collected by the NC3 will be used for authorized purposes only and secured in a manner commensurate with its sensitivity.
The RCMP will implement policies, protocols and controls to ensure the protection and proper handling of personal information collected by the NC3. A comprehensive analysis of the RCMP's obligations under the PA with respect to the operation and administration of NC3's core activities was completed as part of this PIA.
Public interest disclosures
During the 2020-2021 fiscal year, 42 disclosures were made pursuant to paragraph 8(2)(m) of the PA, which allows for disclosure when either the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or the disclosure would clearly benefit the individual to whom the information relates. The disclosures related to either the duty status of charged RCMP employees or the release of dangerous offenders into communities across Canada. Due to the nature of these disclosures, the majority of the notifications were made to the OPC after the disclosure.
Appendix A - Delegation Order
Access to Information Act and Privacy Act Delegation Order
The Minister of Public Safety and Emergency Preparedness, pursuant to section 73 of the Access to Information Act and of the Privacy Act, hereby designates the persons holding the position set out in the schedule hereto, or the persons occupying on an acting basis those positions, to exercise the powers and functions of the Minister as the head of a government institution, that is, the Royal Canadian Mounted Police, under the section of the Act set out in the Schedule opposite each position. This designation replaces and nullifies all such designations previously signed and dated by the Minister.
Position | Privacy Act and Regulations | Access to Information Act and Regulations |
---|---|---|
Commissioner of the RCMP | Full Authority | Full Authority |
Chief, Strategic Policy and Planning Officer | ||
Departmental Access to Information and Privacy Coordinator | ||
Commanding Officers | Authority for 8(2)(j) and 8(2)(m) | Not available |
Officer in Charge, Policy, Processing and External Relations | Full Authority except 8(2)(j) and 8(2)(m) | 7, 8(1), 9, 11(2) to 11(6) (inclusive), 12(2) and all mandatory exemptions (13(1), 16(3), 19(1), 20(1) and 24(1)) and 6(1) and 8 of the Regulations |
Manager, Processing and Triage | ||
Manager, Quality Control | ||
Non-Commissioned Officers and public servants in charge of ATIP unit | ||
Non-Commissioned Officers and public servants in charge of ATIP Branch (analysts) | 14 and 15 for all records; 17(2)(b), 19 to 28 (inclusive) for all employee records as designated in InfoSource; For all other records requiring mandatory exemptions in their entirety (19(1), 22(2) and 26) of the Act; 9 and 11(2) of the Regulations | 7, 8(1) and 12(2)(b) and all records exempted in their entirety by mandatory exemptions (13(1), 16(3), 19(1), 20(1) and 24(1)) of the Act; 6(1) and 8 of the Regulations |
Signed, at the City of Ottawa, this 4 day of December, 2015
The Honourable Ralph Goodale, P.C., M.P.
Minister of Public Safety and Emergency Preparedness
Appendix B – Statistical Report on the Privacy Act
- Name of institution
- Royal Canadian Mounted Police
- Reporting period
- April 1, 2020 to March 31, 2021
Section 1: Requests under the Privacy Act
Type | Number of Requests |
---|---|
Received during reporting period | 4,212 |
Outstanding from previous reporting period | 2,641 |
Total | 6,853 |
Closed during reporting period | 3,614 |
Carried over to next reporting period | 3,239 |
Section 2: Requests Closed During the Reporting Period
Disposition of requests | Completion time | |||||||
---|---|---|---|---|---|---|---|---|
1 to 15 days | 16 to 30 days | 31 to 60 days | 61 to 120 days | 121 to 180 days | 181 to 365 days | More than 365 days | Total | |
All disclosed | 5 | 12 | 49 | 76 | 49 | 72 | 35 | 298 |
Disclosed in part | 45 | 120 | 269 | 221 | 179 | 399 | 812 | 2,045 |
All exempted | 6 | 21 | 32 | 18 | 14 | 19 | 11 | 121 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
No records exist | 64 | 20 | 47 | 50 | 31 | 72 | 42 | 326 |
Request abandoned | 383 | 50 | 104 | 40 | 45 | 36 | 154 | 812 |
Neither confirmed nor denied | 0 | 1 | 3 | 1 | 1 | 4 | 2 | 12 |
Total | 503 | 224 | 504 | 406 | 319 | 602 | 1,056 | 3,614 |
Section | Number of Requests |
---|---|
18(2) | 0 |
19(1)(a) | 13 |
19(1)(b) | 3 |
19(1)(c) | 372 |
19(1)(d) | 114 |
19(1)(e) | 0 |
19(1)(f) | 1 |
20 | 0 |
21 | 2 |
22(1)(a)(i) | 863 |
22(1)(a)(ii) | 356 |
22(1)(a)(iii) | 14 |
22(1)(b) | 450 |
22(1)(c) | 10 |
22(2) | 0 |
22.1 | 0 |
22.2 | 0 |
22.3 | 0 |
22.4 | 0 |
23(a) | 3 |
23(b) | 0 |
24(a) | 0 |
24(b) | 0 |
25 | 3 |
26 | 1,530 |
27 | 137 |
27.1 | 0 |
28 | 3 |
Section | Number of Requests |
---|---|
69(1)(a) | 0 |
69(1)(b) | 0 |
69.1 | 0 |
70(1) | 0 |
70(1)(a) | 0 |
70(1)(b) | 0 |
70(1)(c) | 0 |
70(1)(d) | 0 |
70(1)(e) | 0 |
70(1)(f) | 0 |
70.1 | 0 |
Paper | Electronic | Other |
---|---|---|
552 | 1,791 | 0 |
2.5 Complexity
Number of pages processed | Number of pages disclosed | Number of requests |
---|---|---|
567,813 | 227,874 | 3,288 |
Disposition | Less than 100 pages processed | 101-500 pages processed | 501-1000 pages processed | 1001-5000 pages processed | More than 5000 pages processed | |||||
---|---|---|---|---|---|---|---|---|---|---|
Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
All disclosed | 288 | 1,488 | 8 | 1,758 | 2 | 529 | 0 | 0 | 0 | 0 |
Disclosed in part | 1,273 | 25,761 | 543 | 60,180 | 126 | 41,752 | 92 | 74,982 | 11 | 21,424 |
All exempted | 95 | 0 | 22 | 0 | 4 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 792 | 0 | 13 | 0 | 5 | 0 | 2 | 0 | 0 | 0 |
Neither confirmed nor denied | 12 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 2,460 | 27,249 | 586 | 61,938 | 137 | 42,281 | 94 | 74,982 | 11 | 21,424 |
Disposition | Consultation required | Legal Advice Sought | Interwoven | Other | Total |
---|---|---|---|---|---|
All disclosed | 0 | 0 | 0 | 4 | 4 |
Disclosed in part | 25 | 0 | 55 | 95 | 175 |
All exempted | 0 | 0 | 0 | 8 | 8 |
All excluded | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 1 | 0 | 0 | 29 | 30 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 |
Total | 26 | 0 | 55 | 136 | 217 |
2.6. Closed requests
Type | Requests closed within legislated timelines |
---|---|
Number of requests closed within legislated timelines | 1,184 |
Percentage of requests closed within legislated timelines (%) | 32.8 |
2.7 Deemed refusals
Number of requests closed past the legislated timelines | Principal reason | |||
---|---|---|---|---|
Interference with Operations / Workload | External Consultation | Internal Consultation | Other | |
2,430 | 1,720 | 0 | 0 | 710 |
Number of days past legislated timelines | Number of requests past legislated timeline where no extension was taken | Number of requests past legislated timeline where an extension was taken | Other |
---|---|---|---|
1 to 15 days | 42 | 81 | 123 |
16 to 30 days | 13 | 92 | 105 |
31 to 60 days | 21 | 193 | 214 |
61 to 120 days | 39 | 290 | 329 |
121 to 180 days | 18 | 219 | 237 |
181 to 365 days | 15 | 493 | 508 |
More than 365 days | 207 | 707 | 914 |
Total | 355 | 2,075 | 2,430 |
Translation requests | Accepted | Refused | Total |
---|---|---|---|
English to French | 0 | 0 | 0 |
French to English | 0 | 0 | 0 |
Total | 0 | 0 | 0 |
Section 3: Disclosures Under Subsections 8(2) and 8(5)
Paragraph 8(2)(e) | Paragraph 8(2)(m) | Subsection 8(5) | Total |
---|---|---|---|
10 | 41 | 41 | 92 |
Section 4: Requests for Correction of Personal Information and Notations
Disposition for Correction Requests Received | Number |
---|---|
Notations attached | 10 |
Requests for correction accepted | 0 |
Total | 10 |
Section 5: Extensions
Number of requests where an extension was taken | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion | |||||
---|---|---|---|---|---|---|---|---|
Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet Confidence Section (Section 70) | External | Internal | ||
2,849 | 0 | 0 | 2,849 | 0 | 0 | 0 | 0 | 0 |
Length of extensions | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion | |||||
---|---|---|---|---|---|---|---|---|
Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet Confidence Section (Section 70) | External | Internal | ||
1 to 15 days | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 days | 0 | 0 | 2,849 | 0 | 0 | 0 | 0 | 0 |
31 days or greater | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 2,849 | 0 | 0 | 0 | 0 | 0 |
Section 6: Consultations Received From Other Institutions and Organizations
Consultations | Other Government of Canada institutions | Number of pages to review | Other organizations | Number of pages to review |
---|---|---|---|---|
Received during reporting period | 43 | 2,720 | 65 | 996 |
Outstanding from the previous reporting period | 8 | 60 | 9 | 1,026 |
Total | 51 | 2,780 | 74 | 2,022 |
Closed during the reporting period | 37 | 2,638 | 59 | 1,729 |
Carried over to next reporting period | 14 | 142 | 15 | 293 |
Recommendation | Number of days required to complete consultation requests | |||||||
---|---|---|---|---|---|---|---|---|
1 to 15 days | 16 to 30 days | 31 to 60 days | 61 to 120 days | 121 to 180 days | 181 to 365 days | More than 365 days | Total | |
All disclosed | 11 | 5 | 4 | 4 | 0 | 1 | 0 | 25 |
Disclosed in part | 4 | 5 | 0 | 1 | 0 | 1 | 0 | 11 |
All exempted | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 15 | 11 | 4 | 5 | 0 | 2 | 0 | 37 |
Recommendation | Number of days required to complete consultation requests | |||||||
---|---|---|---|---|---|---|---|---|
1 to 15 days | 16 to 30 days | 31 to 60 days | 61 to 120 days | 121 to 180 days | 181 to 365 days | More than 365 days | Total | |
All disclosed | 28 | 8 | 4 | 1 | 0 | 1 | 0 | 42 |
Disclosed in part | 7 | 3 | 1 | 2 | 0 | 0 | 0 | 13 |
All exempted | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 2 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Other | 0 | 1 | 0 | 0 | 0 | 1 | 0 | 2 |
Total | 35 | 13 | 6 | 3 | 0 | 2 | 0 | 59 |
Section 7: Completion time of consultations on cabinet confidences
Number of days | Less than 100 pages processed | 101-500 pages processed | 501-1000 pages processed | 1001-5000 pages processed | More than 5000 pages processed | |||||
---|---|---|---|---|---|---|---|---|---|---|
Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Number of days | Less than 100 pages processed | 101-500 pages processed | 501-1000 pages processed | 1001-5000 pages processed | More than 5000 pages processed | |||||
---|---|---|---|---|---|---|---|---|---|---|
Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | Number of requests | Pages disclosed | |
1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 8: Complaints and investigations notices received
Section 31 | Section 33 | Section 35 | Court action | Total |
---|---|---|---|---|
187 | 0 | 0 | 4 | 191 |
Section 9: Privacy Impact Assessments (PIA) and Personal Information Banks (PIB)
Number of PIA(s) completed | 1 |
---|
Type | Active | Created | Terminated | Modified |
---|---|---|---|---|
Personal Information Banks | 38 | 0 | 0 | 0 |
Section 10: Material privacy breaches
Number of material privacy breaches reported to TBS | 10 |
---|---|
Number of material privacy breaches reported to OPC | 10 |
Section 11: Resources related to the Privacy Act
Expenditures | Amount |
---|---|
Salaries | $2,326,930 |
Overtime | $69,753 |
Goods and Services
| $660,221 |
Total | $3,056,904 |
Resources | Person years dedicated to Access to Information Activities |
---|---|
Full-time employees | 25.607 |
Part-time and casual employees | 1.501 |
Regional staff | 0 |
Consultants and agency personnel | 3.548 |
Students | 0.261 |
Total | 30.917 |
Appendix C - Supplemental Statistical Report on the Privacy Act
Section 1: Capacity to Receive Requests
Type | Number of weeks |
---|---|
Able to receive requests by mail | 30 |
Able to receive requests by email | 52 |
Able to receive requests through the digital request service | 52 |
Section 2: Capacity to Process Records
Type | No capacity | Partial capacity | Full capacity | Total |
---|---|---|---|---|
Unclassified paper records | 22 | 0 | 30 | 52 |
Protected B paper records | 22 | 0 | 30 | 52 |
Secret and Top Secret paper records | 22 | 30 | 0 | 52 |
Type | No capacity | Partial capacity | Full capacity | Total |
---|---|---|---|---|
Unclassified electronic records | 0 | 0 | 52 | 52 |
Protected B electronic records | 0 | 0 | 52 | 52 |
Secret and Top Secret electronic records | 22 | 30 | 0 | 52 |
- Date modified: