Thank you very much, and thank you for inviting me. I'll have some short comments, and then I'd be happy to take your questions.
Let me begin by saying that I welcome the direction in which the government is moving under Bill C-2. Since I assumed my position, I have governed my Office with the spirit and practice of increasing its transparency and accountability to the Canadian public. I have experienced first-hand the lengthy and difficult struggle of having to restore sound business practices, rebuild staff morale and re-establish public confidence in my Office. I fully support the government's efforts to put into place necessary mechanisms to help avoid such unfortunate situations from happening again.
Bill C-2 brings the first wave of new amendments to the Access to Information and Privacy Acts. However, I believe there is still major work to be done. Like Access to Information reform, Privacy Act reform is an equally important pre-condition for achieving meaningful government accountability and transparency.
I will talk a bit more about the need for Privacy Act reform as an issue of accountability and transparency.
As the Supreme Court of Canada recently stated, the Access to Information Act and the Privacy Act must be read together, and I quote them, as “a seamless code”. When Parliament adopted these companion pieces of legislation some 25 years ago, it clearly intended to increase government accountability in two ways: first, by ensuring that access to information under government control is recognized as a right of citizens; and, second, by strengthening the individual's right to know what personal information the government has about them and how it is used.
Privacy is not synonymous with secrecy, nor should it be seen as an antonym to access. In fact, openness, accountability and access to one's personal information are three of the fundamental, and now internationally recognized, principles of any modern data protection regime. At the request of the former Standing Committee on Access to Information, Privacy and Ethics, my office has prepared a discussion paper on the reform of the Privacy Act, which we will be tabling next week with the committee.
I will go now to comment on the specific provisions of this bill as they relate to the Privacy Act. The focus of my remaining comments then are as follows.
The extended scope of application is something that I'd like to comment on. While I take the view, as my colleague Information Commissioner John Reid does, that a more principled approach is eventually needed to hold all government institutions accountable for their information holdings, the extended coverage proposed by Bill C-2 is still, in my mind, a welcome incremental step. By extending Privacy Act coverage to include more entities, Bill C-2 certainly improves on the status quo.
I am concerned, however, with the proposal that seeks to remove certain commercial crown corporations from our private sector act, which is known as the Personal Information Protection and Electronic Documents Act, PIPEDA, and include them instead in the Privacy Act. I refer the honourable members to clauses 188 and 190 of the legislation. Specifically, I am referring to the Canadian Broadcasting Corporation, the CBC, and Atomic Energy of Canada Limited, both of which are crown agents currently designated by order to be subject to PIPEDA, as well as VIA Rail, which is a federal work, also subject to PIPEDA. The sad reality, honourable members, is that personal information is now far better regulated in the federally regulated private sector than it is in the federal public sector. Changing the rules for these commercial crown corporations would actually lower the standard of privacy protection they are required to meet under PIPEDA, equivalent to their private sector competitors, who are all presently on a level playing field.
Bill C-2 exempts from access personal information obtained or created by our office in the course of an investigation. This provision is parallel to a new section proposed for the Access to Information Act. I support the inclusion of both of these new exemptions in respect of privacy investigations conducted by my office. I believe that these new exemptions, as they apply to privacy investigations, are important to close the back door so that a person who is being denied access to information by a department and brings the complaint to my office cannot indirectly obtain access to it simply by seeking access to my investigation files, which invariably contain a copy of the information in question. Were complainants permitted to do this, they would, in effect, be circumventing the entire complaint resolution process provided for by law.
Moreover, this exemption is entirely consistent with the existing confidentiality provision in the Privacy Act, which aims to protect the ombudsman process in its mission to resolve conflict in an informal manner. The obligation of confidentiality is essential to the ombudsman's approach to encourage the parties to engage fully within a conciliatory process that best functions when the parties reach a mutual state of trust and confidence.
Finally, I would add that, by their very nature, privacy complaints arise out of situations where individuals feel that their personal information rights have been violated. It would only add insult to injury if OPC investigation files, which are created to look at the complainant's allegation, were publicly accessible, further exacerbating their sense of privacy violation.
We support the new exemptions being proposed for the Privacy Act to protect whistleblowers under Bill C-11. OPC had voiced support for protecting the identity of whistleblowers when we appeared on Bill C-11.
Disclosure of wrongdoing is an alert to the existence of departmental wrongdoing. The type of investigation envisaged in this legislation scheme does not generally turn on the identity of the whistleblower, but rather, on the veracity of the alleged facts. It is important not to confuse the necessary assessment of the credibility of witnesses in any investigation, including investigations into alleged wrongdoings, with the legislator's public policy choice to protect the identity of the whistleblower in this specific context. Even where the identity of the whistleblower may be relevant to an investigation, Bill C-11, as amended by C-2, expressly provides that rules of procedural fairness and natural justice continue to apply to the Chief Executive, Integrity Commissioner and Tribunal.
In my view, this insures a proper balance between fairness to the alleged wrongdoer and protection of the whistleblower.
I'll comment briefly on the appointment and removal process for officers of Parliament. I support these amendments to the process for appointing and removing the Privacy Commissioner under section 53 of the Privacy Act, which ensure the necessary level of independence appropriate for an officer of Parliament. Like my colleague the Auditor General, however, I would not favour the public disclosure of the final vote count, which may adversely affect the necessary level of confidence among parliamentarians and the public in the ultimate choice of an officer.
Finally, I bring to your attention what I see as a serious omission in Bill C-2: the absence of a mechanism to investigate access or privacy complaints against the Information and Privacy Commissioners. I would hope that the provisions in Bill C-2 making the two commissioners subject to both Acts will not come into force until an alternative complaint investigation process is properly established to deal with these new types of situations.
In conclusion, I hope I have given you a clear indication of my views on the provisions of Bill C-2 that have privacy implications, as well as the importance, for the same reasons as you are undertaking this reform, of reforming the Privacy Act, which is an indispensable part of assuring government accountability.
I would be happy to take your questions.