Information & Ethics Committee on Oct. 2nd, 2006

Evidence of meeting #8 for Access to Information, Privacy and Ethics in the 39th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was requester.

A recording is available from Parliament.

On the agenda

Study on issues related to the alleged disclosure of the names of Access to Information applicants

MPs speaking

Also speaking

J. Alan Leadbeater Deputy Information Commissioner, Office of the Information Commissioner of Canada

Wayne Watson Director General, Investigation and Inquiries Branch, Office of the Privacy Commissioner of Canada

Jan Peszat Manager, Investigation and Inquiries Branch, Office of the Privacy Commissioner of Canada

3:30 p.m.

NDP

The Vice-Chair NDP Pat Martin

I will be chairing today, because neither the chair nor the official opposition vice-chair is available, so here I am. Thank you. It's an honour.

We're here today to begin the first meeting of a study the committee has agreed to undertake on the alleged disclosure of the names of access to information applicants. The committee felt that a good place to start would be to get the same base level of information on access to information as pertains to the Information Commissioner's office and to the Privacy Commissioner's office.

Therefore, we have witnesses here: the deputy information commissioner, Alan Leadbeater; his director general, investigations and reviews, Dan Dupuis; and Nadine Gendron, legal counsel for the Information Commissioner. Welcome.

Also, from the Office of the Privacy Commissioner, we have Mr. Wayne Watson, director general, investigation and inquiries branch; and Jan Peszat, manager, investigation and inquiries branch.

I think we should preface this with just one cautionary note. The chair and I have had a conversation about the Privacy Commissioner, represented here by her director general, not being able to answer specific questions about the investigation that is under way. I think we'll be interested in posing questions about the scope and magnitude of what you're allowed to do, perhaps, or if in fact an investigation is under way, but I think I would have to rule out of order any questions that get into the specifics of an investigation that may or may not be under way, so that you're not put in the awkward position of being forced to answer something that might compromise an investigation.

Having said that, I think we'll go in the order that is on the agenda and invite Mr. Leadbeater to give his opening remarks.

October 2nd, 2006 / 3:30 p.m.

J. Alan Leadbeater Deputy Information Commissioner, Office of the Information Commissioner of Canada

Thank you, Mr. Chairman.

I apologize for not having my remarks to distribute. I was notified on Friday of the session. I wrote diligently over the weekend, but I didn't have a chance to have it translated.

I thank you for your patience in letting me read my statement into the record.

I'm not able to offer evidence about the specific disclosure of Mr. Jim Bronskill's identity to operational officials, and a number of government organizations, or to exempt staff in the Prime Minister's Office. Apart from seeing a copy of the e-mail minutes of a meeting in which the disclosure of Mr. Bronskill's identity was made, a copy sent to me by a journalist--not by Mr. Bronskill, who had received a copy of the e-mail in response to an access request--I know no more about this particular incident than do the members of this committee. My office has not received a complaint about the matter, and the matter, as I understand, is under investigation by Mrs. Stoddart, the Privacy Commissioner. The Office of the Information Commissioner welcomes that investigation and looks forward to having the benefit of her findings and recommendations in due course.

On the more general issue of the importance of protecting the identities of access requesters from dissemination within government, I will make a few observations. My starting point must be the unanimous decision of the Supreme Court of Canada, written by Justice Gonthier in 2003 in the case of the Information Commissioner versus the Commissioner of the RCMP and the Privacy Commissioner.

Justice Gonthier, for the court, said this:

s. 4(1) of the Access Act provides that every Canadian citizen and permanent resident “has a right to and shall, on request, be given access to any record under the control of a government institution.” This right is not qualified; the Access Act does not confer on the heads of government institutions the power to take into account the identity of the applicant or the purposes underlying a request. In short, it is not open to the RCMP Commissioner

--and, may I add, to any head of institution--

to refuse disclosure on grounds that disclosing the information...will not promote accountability; the Access Act makes this information equally available to each member of the public because it is thought that the availability of such information as a general matter is necessary to ensure the accountability of the state and to promote the capacity of the citizenry to participate in decision-making processes.

At tab 1 of the information I've handed out to you, I've included a copy of that decision of Justice Gonthier. If you're interested in looking up what I've just quoted, that paragraph is on pages 24 and 25 of the English and pages 26 and 27 of the French version.

Those strong words from the Supreme Court of Canada give us these unambiguous messages.

One, in order to make decisions about whether or not to disclose information requested under the Access to Information Act, it is neither necessary nor appropriate to take into account the identity of the access requester or the motivations of the requester.

The second unambiguous lesson is that the reason identities and motivations ought not be put into the decision-making mix is that the right of access must be afforded without discrimination to all if the purposes of the act are to be realized.

The third message is that the purposes that are at stake go to the very heart of a healthy democracy. They are to ensure the accountability of the government and to promote the capacity of the population to be informed and knowledgeable participants in our democratic institutions.

The current law of Canada restricts the disclosure of requests for identities to the use for which the identity was provided or uses consistent with that purpose.

If you look at tab 2 of the materials, you'll see sections 7 and 8 of the Privacy Act. I'll take you to section 7:

Personal information under the control of a government institution shall not, without the consent of the individual to whom it relates, be used by the institution except

(a) for the purpose for which the information was obtained or compiled by the institution or for use consistent with that purpose;

Section 8 has a similar limit on disclosures of personal information. The name of an individual access requester is personal information. This is enshrined, the need-to-know principle, with respect to the identity of access requesters. The identity of an individual access requester may be used or disclosed without the consent of the individual only for the purpose of processing and answering the request.

For example, the $5 cheque that comes with an access request will be sent to the institution's finance department. In so doing, the finance department will learn the identity of the access requester. That disclosure is permitted. And the request will be assigned to an ATIP analyst, who will send the acknowledgement in reply and who may communicate with the requester to clarify the request, or transmit a fee estimate, or collect a deposit, or to notify of an extension of time and so forth. Disclosure of the requester's identity to the ATIP analyst is necessary to process the request and hence is permitted.

Beyond the ATIP and finance units and perhaps to legal services if there is a need to verify the eligibility of the requester to make a request, generally speaking there is no need for any other government official to be given the requester's identity without the consent of the requester. There is no need, for example, for those searching for the records to know the requester's identity; there is no need for those assessing the likelihood of harm from disclosure to know the requester's identity--that was made clear in the passage I read from the Supreme Court of Canada--there is no need for the public affairs group to know the identity in order to prepare the minister and department for any questions that may arise from the disclosure of the requested records; there is no need for any senior officials in the approval chain, including the minister, the Prime Minister and exempt staffers, to know the identity of access requesters.

What I have described is the legal protection that now exists in the Privacy Act for the identities of individual access requesters. However, there is in statute law no protection for the identities of access requesters who are legal persons rather than individuals. Corporations, NGOs, partnerships, and associations are also frequent users of the Access to Information Act. Businesses make up the largest user group--far more frequent users than individuals such as journalists, MPs, or academics.

That is why in the open government act that was tabled with this committee last fall, it is proposed that the Access to Information Act be amended to include specific protection for the identity of all access requesters. And if you look at tab 3 in the materials I've circulated, and if you look to subsection 4(5) on the second page, the proposal is that:

The identity of a person making a request under subsection (1) may not be disclosed without the consent of the person unless

(a) the disclosure is solely within the government institution to which the request is made; and

(b) the person's identity is only disclosed to the extent that is reasonably necessary to process and answer the request

This provision did not make its way into Bill C-2, the Federal Accountability Act. However, Bill C-2 establishes a duty to assist access requesters without regard to their identity. While this new obligation is positive, it does not restrict the dissemination of requester identities. The Office of the Information Commissioner encourages the government to include the above-quoted open government act provision in any Access to Information Act reform bill it may bring forward.

Improper disclosures of requester identities can no longer be convincingly blamed on ignorance. The Treasury Board has issued guidance on this matter to all departments. And if you look at tab 4 of the materials I've issued to you, at the second page you'll see guidelines on treating the identity of a requester as personal information.

Reports have been made by information commissioners, government training programs remind officials not to disseminate requester identities, and the government's task force on access reform of 2002 reminded public officials of the need to protect the identities of access requesters. The reason for all of this is intuitively known to every public servant, elected official, and exempt staffer. Requester anonymity is necessary to ensure impartiality in the processing of access requests.

We have seen the effects of unnecessary disclosure of requester identity. One is retribution, such as loss of contracts by businesses, loss of access to the Prime Minister's aircraft by journalists, or career retaliation against employees. We have seen threats and bullying--for example, senior officials communicating directly to the access requesters their displeasure at being the targets of access requests. We have seen discriminatory treatment of the access request itself by it being improperly delayed, subjected to inflated fee estimates and 100% deposit demands, refusals of fee waivers, and overly broad application of exemptions to deny access.

In the hand-out, I have included materials that describe a case where disclosure of a requester's identity had some of these adverse effects. If you look at tab 5, that abstract from an annual report of the Information Commissioner had to do with a deputy minister-level official in the Government of Canada who was on secondment to the Tobin government of Newfoundland to help negotiate the Voisey's Bay nickel project. His former department, Fisheries and Oceans, had received access requests about him. You'll see on page 23 that the deputy minister, Mr. Rowat, wrote a letter to the access requester, and the letter said:

It has come to my attention that you and/or your organization are collecting a comprehensive file on my personal and professional activities. Will you please: - notify me in writing if, in fact, you are preparing a file, which in any way concerns me. - If so, advise me of your intended purpose and use of that information. - Provide me with a copy of all current information you have in your files that pertains to me. - All requests or approaches you have in train to collect information on me and my activities, and provide me such information when it is received by you. I am providing a copy of this letter to the Canada Privacy Commissioner.

As you can imagine, the access requester found that to be rather intimidating. The full report, which involved litigation when the official refused to answer the question of who gave him the identity, is set out at that tab.

It has been our experience that this is a very difficult wrongdoing to satisfactorily investigate. It usually happens in oral communications, or by means of easily disposed of post-it notes on ATIP files. It usually happens among officials who are fully aware that their curiosity about identities is improper, hence there is little tendency to come clean under questioning.

ATIP coordinators are in a no-win position. The senior officials who want to know requester identities are those who decide the coordinators' career futures. Yes, there are some individuals with the strength of character to say no to superiors. But let's be realistic, that kind of courage is bound to be the exception, not the rule.

On our prescription, first pass the provisions previously quoted and proposed in the open government act. I refer to tab 3.

Second, pass the provisions proposed in the open government act requiring that decision-making under the Access to Information Act be delegated to the ATIP coordinators. Get it off the tables of the senior officials.

You may be interested to know, for example, that in the Privy Council Office the delegation to answer access requests resides at the assistant secretary level or above. The deputy minister and the minister, along with the ATIP coordinator, should by statute be made legally accountable for respecting the act's rights and obligations. Those suggested provisions are also at tab 3.

Third, when transgressions occur, ensure that there is appropriate discipline and that other public officials are made aware of the discipline.

I know there are two theories about discipline in the public service. The most prevalent is to keep it quiet so it's only known to the individual and the manager. We heard some of that in the testimony of Commissioner Zaccardelli earlier this week, but that has no pedagogical effect within the public service.

Fourth, establish a code of professional ethics for access to information and privacy coordinators, an important element of which is the obligation to protect requester identities.

To assist you in your deliberations, at tab 6 I have included an excerpt from the commissioner's annual report of 1997-98, where we have suggested what the elements of a code of ethics for access coordinators should be, including the requirement of a strict duty to keep confidential the identity of access applicants.

Finally, provide a greater measure of independence from institutional pressure for access to information and privacy coordinators in the same manner as crown counsel are given institutional independence from their departmental clients.

Thank you for giving me the opportunity to make these remarks.

3:45 p.m.

NDP

The Vice-Chair NDP Pat Martin

Thank you very much, Mr. Leadbeater. I'm sure many of my colleagues will have questions for you.

We'll hear from the Office of the Privacy Commissioner first, and then take questions from other MPs.

Mr. Watson.

3:45 p.m.

Wayne Watson Director General, Investigation and Inquiries Branch, Office of the Privacy Commissioner of Canada

As per the committee's request, we are appearing today before you to give you an overview of the Office of the Privacy Commissioner's investigations process, since your committee is studying issues related to the alleged disclosure of the names of the access to information applicants.

It is our understanding that the Access to Information Act is silent on this front. In other words, there is nothing in the Access to Information Act that specifically indicates that the name of a requester cannot be disclosed. Since there is nothing that says you cannot name the requester, on the surface it would seem that it's not likely a contravention of the Access to Information Act. However, the matter could be a violation of the Privacy Act. This is where our office comes in.

Generally speaking, the name of a requester is considered personal information, and we can investigate to determine whether there has been an inappropriate disclosure of that personal information. The fact that the information happened to be disclosed in an ATIP request to us is incidental, though we do understand and appreciate the larger implications, of course. Whenever personal information is disclosed by a federal department or agency in any context, it may be subject to scrutiny under the Privacy Act.

When faced with any alleged breach, we need to investigate before coming to any kind of determination or conclusion, and each case has to be looked at on a case-by-case basis.

Up until recently, we have not investigated a similar matter for some time and, in the history of our Office, there has only been a handful of cases. Some well-founded, others not. It all depends on the circumstances.

At this point in time we are investigating a matter related to the naming of an ATIP requester and I’m sure you can appreciate that, given this, we are not at liberty to discuss the matter further. Section 33 of the Privacy Act states that our investigations shall be conducted in private, while section 63 of the Privacy Act tells us we have a duty of confidentiality with respect to any information we collect in relation to our investigations. That said, we understand that you would find it useful to have a better understanding of our investigation process under the Privacy Act.

Once we receive a complaint, we begin the process with an initial analysis of whether the allegations fall within our mandate -- whether it’s a matter related to the Privacy Act. Under that law, we can look at cases where a Government department may have improperly collected, used or disclosed an individual’s personal information.

Once we've determined that the matter falls within our jurisdiction, we assign an investigator to the case. We then write to the complainant and the government institution in question to outline key issues in the complaint. We begin to gather all the facts. This process includes interviews with anyone who might have relevant information to offer. We also look at any appropriate documents. The commissioner has the power to summon witnesses, administer oaths, and compel the production of evidence if voluntary cooperation is not forthcoming.

Throughout the course of our investigation we collect all the facts of the case and then follow up with a thorough analysis of that information. The analysis may include discussions between investigators and officials from our legal services, research, and policy branches. The investigator then prepares recommendations to the Privacy Commissioner or her delegate. Those recommendations, along with a summary of the facts gathered during the course of the investigation, are passed on to the complainant and the relevant government department or agency. Both parties can make further comments at this point.

Our ultimate goal is to resolve complaints and stop further privacy breaches. We operate under an ombudsman model, encouraging resolution through negotiation and persuasion. Ultimately it is up to the Privacy Commissioner to objectively decide what the appropriate outcome of the case should be.

The Privacy Commissioner sends letters of findings to the parties and outlines any recommendations she may have.

The commissioner can make a few different kinds of findings. For example, “not well-founded” means she does not believe a person's privacy rights under the law have been breached; “well-founded” means a federal institution violated the Privacy Act; “well-founded but resolved” means there was a privacy breach and the government department has agreed to take steps to prevent a reoccurrence.

Unfortunately, beyond making recommendations, the Privacy Commissioner has no further powers to force government departments to ensure that they implement her recommendations. This is a major gap in the Privacy Act, which is now almost 25 years old and, as you know, badly in need of modernizing. Unlike the federal private sector privacy law, the Personal Information Protection and Electronic Documents Act, PIPEDA, we cannot take the matter to the Federal Court, and no real redress is available to the victim. The only court recourse is for denial of access under the Privacy Act.

The commissioner has outlined her proposal for reform of the Privacy Act in the paper submitted to your committee in June. She looks forward to the opportunity to meet with you again for more in-depth discussion of the Privacy Act reform.

Thank you, Mr. Chairman. I hope this has provided a clear picture of our investigation process. We are pleased to answer any questions.

Mr. Chairman, before continuing, seeing that I have been with the Office of the Privacy Commissioner for a mere seven weeks, although at times it feels like a lifetime, I've asked one of my experienced Privacy Act supervisors to accompany me so as to ensure that accurate information is passed on to the committee. If any question surpasses my present knowledge on a subject, I would, with your permission, defer to Ms. Jan Peszat.

Thank you.

3:50 p.m.

NDP

The Vice-Chair NDP Pat Martin

Absolutely, Mr. Watson. Thank you very much. That would be most welcome, if questions of that nature come up.

We will start with Mr. Owen, for seven minutes.

3:50 p.m.

Liberal

Stephen Owen Liberal Vancouver Quadra, BC

Thank you, Mr. Chairman.

Ladies and gentlemen, thank you for being here today and for your presentations.

Both Mr. Leadbeater and Mr. Watson, could you give me an idea of the coordination that may take place between your two offices with respect to the particular issue we're dealing with, and that's the disclosure of names.

I noticed in Mr. Leadbeater's presentation he referred to the Rowat case, which was a clear breach, by your analysis and by the Supreme Court of Canada's analysis. And I think that all of us reading the plain meaning of the Privacy Act would agree. I wonder if that incident and the comments in the Information Commissioner's annual report, there and at other times, has led to any investigations of the sort currently under way by the Privacy Commissioner. I'm trying to understand the interplay over time of the consequences of the Information Commissioner discovering and commenting publicly on the apparent breaches not only of the Privacy Act, with the release of personal information, but also of the Treasury Board guidelines. I would like to get some sense of how that works.

Second, I'd like to get your opinion on the difference between the frequency of practice of disclosing the general nature of--it was referred to in the newspaper this morning as amber lighting--a request for information that is about to be made public, so that officials, whether ministerial-level or senior public officials, can be prepared to answer in public, to provide information to be able to respond to concerns that may have arisen in the public domain.... Compare that practice with the actual practice of disclosing the name of a requester, which is the specific breach of the Privacy Act that's been mentioned. In commenting on the frequency of one or the other, comment also on the rightness or wrongness of the former, of the amber lighting.

I'd be very grateful for your opinion on whether that is an appropriate disclosure in order to have the wheels of government act responsibly and be accountable to the public for information that is in the public domain, or whether in some way that suggests an improper disclosure, where the name of the requester is not given.

Thank you.

3:55 p.m.

Deputy Information Commissioner, Office of the Information Commissioner of Canada

J. Alan Leadbeater

There are quite a few things you've raised there. Maybe I'll deal with the last one first.

We have no objection to government communications functions or ministerial staff knowing what information is going to be released under the access to information so that they can be prepared with house cards and Qs and As and so forth, as long as the process of doing that does not prejudice the requester by either delaying the answer going out or by changing the amount of censoring that's in the document and so forth. That process, I think, can flow without there being any exchange of identities--and some departments do it very well.

So no, as long as timeframes are met under the statute and it is properly applied, we don't have any problem with “sensitive requests” being routed through the communications function of a department.

We do find there is an enormous amount of curiosity, and I don't know if it has to do with question period, the dynamics of question period, about the identities. When I first started in government, ministers seemed to be quite willing to say, “I don't know the answer to that, but I'll find out”. Now there's a desire to know where these questions are going to come from, and how I am going to handle them, and that involves knowing who's going to ask the question. So if there's an access requester who's a member of Parliament who is always trying to get information on the gun registry, then there will be an interest on the part of the government in knowing which MP that is, whether the question can be anticipated from that person.

And there's also a tendency to categorize in such narrow categories that even if the identity is not disclosed, there is still a possibility of prejudicial treatment of the request. So the request will go to the communications function and say, here's what is going to be released, and it is from a media requester--or it is from a member of Parliament requester. And that itself may trigger a process that delays the answer going out . Even depersonalizing will sometimes lead to prejudicial treatment if too many senior levels in the department are involved in the process.

I'm not sure if that gets at the question you were asking or not.

4 p.m.

Liberal

Stephen Owen Liberal Vancouver Quadra, BC

I think that covers it. Thank you.

I will perhaps add to that. Was there a change in practice that you observed after 1999 and the Rowat case and the clarifying in Treasury Board guidelines of how improper it was to disclose requesters' names?

4 p.m.

Deputy Information Commissioner, Office of the Information Commissioner of Canada

J. Alan Leadbeater

Yes. We did see better education, better understanding, but we also found more subterfuge, the use of post-it notes to transmit the identity of the requester. It wouldn't appear on the actual transmittal slips of the file that went forward, but it would be on yellow post-it notes, to be removed later, and so on.

There were two types of reactions. One was in some areas to be much more professional and careful, and in others it was just to be more devious.

4 p.m.

NDP

The Vice-Chair NDP Pat Martin

Thank you. That's your time, Mr. Owen.

Madame Lavallée, will you speaking for the Bloc?

4 p.m.

Bloc

Carole Lavallée Bloc Saint-Bruno—Saint-Hubert, QC

It appears to us that the simple fact of releasing the name of the requester, the actual identity of the individual, would be a violation, if not of the laws themselves, at least of the spirit of the Access to Information Act or the Privacy Act. It seems to me that you have just established that. We may even find this kind of prohibition in other pieces of legislation.

The practice of drafting a sort of list to be distributed to Ministers’ offices -- or more specifically, to political staff -- is a rather unusual one. That list contains the name of people who have made access to information requests during the month, the quarter or the week.

Of course, you have just noted that releasing the name of a requester is prohibited by the legislation. Now you answered Mr. Owen’s question, but as regards the list of requests themselves -- in other words the subject matter of the requests -- should that practice not simply be prohibited?

4 p.m.

Deputy Information Commissioner, Office of the Information Commissioner of Canada

J. Alan Leadbeater

I don't disagree. The point I was making is that if there is a way to have the decisions about disclosure and about preparing ministers for their communications function made entirely devoid of who and what group of individuals may have made the access request--whether they're media...but especially who and what their motivation is, what they are looking for, whether they are doing a story on this or a documentary for that--I think it would lead to a fairer, more impartial application of the Access to Information Act.

The government runs a thing called CAIRS, computerized access to information request system. Every government institution that receives an access request is required to put into the system the subject of the access request, the date received, the department and so forth. The whole purpose of that system is to allow central agencies, the Privy Council Office in particular, to monitor what's coming into the entire system and to coordinate the responses. That is so that one department is not giving out things that another department is.

That system also includes categories for the requester. It does not have the name of the requester, but it has categories, in quite discrete forms. We worry that the system encourages discriminatory treatment. Some will come out--the media requests or the MP requests--and get a lot more hand-wringing, communications, and Qs and As. So they will be later and perhaps less forthcoming.

You have a point. It's not just an identity issue; it's an issue of being preoccupied with what groups as well as what individuals are making access requests.

4:05 p.m.

Bloc

Jean-Yves Laforest Bloc Saint-Maurice—Champlain, QC

Mr. Watson, in your presentation, you stated that under the Access to Information Act, according to your reading of it, nothing would prevent the name of a requester from being released, but that it’s quite a different matter under the Privacy Act.

Doesn’t that clearly point to the fact that one law violates the other? If we’re talking about a situation where the Privacy Act prohibits the release of information and where, at the same time, the Access to Information Act does not create such a barrier, would you not agree that key aspects of these two pieces of legislation are contradictory as regards information and respect for privacy?

In your opinion, should we amend the Access to Information Act to ensure consistency between that law and the Privacy Act?

4:05 p.m.

Director General, Investigation and Inquiries Branch, Office of the Privacy Commissioner of Canada

Wayne Watson

In my opinion, the two acts do not contradict one another. The Access to Information Act is simply silent on that particular matter. It does not say whether or not we have that right.

However, the Privacy Act very clearly stipulates that, not because it’s an access to information request, but simply because no personal information can be released without the consent of the individual involved.

As to whether a specific clause should be added stating that this is a violation of the Act, I personally believe it would be a good idea. At the present time, only our legislation does that.

4:05 p.m.

Bloc

Jean-Yves Laforest Bloc Saint-Maurice—Champlain, QC

Thank you.

4:05 p.m.

NDP

The Vice-Chair NDP Pat Martin

I would like to interject before you get started, Jason. I'm not satisfied that this contradiction has been addressed.

Mr. Watson, you opened up by saying that the Access to Information Act is silent on this issue, yet I read Mr. Leadbeater to say that with respect to personal information what could be more personal than a person's name? Section 19 of the Access to Information Act says that you won't disclose a document that has personal information.

Mr. Leadbeater, do you read the Access to Information Act to have a prohibition about disclosing the applicant's name?

4:05 p.m.

Deputy Information Commissioner, Office of the Information Commissioner of Canada

J. Alan Leadbeater

I don't sense any daylight between us on this one. I think there's nothing particularly in the Access to Information Act, but there is an appropriate provision in the Privacy Act that protects personal information. I think what the investigation should conclude is whether that personal information--the requester's name--was properly disclosed or improperly disclosed; it depends on the circumstances. Maybe there was consent, or maybe it was already publicly known. I'm not sure what.... There may be some justification for it. I think the prohibition is there, but it is in the Privacy Act, and there are no penalties in either act. The prohibition is in the Privacy Act, and there are no penalties in either act.

4:05 p.m.

NDP

The Vice-Chair NDP Pat Martin

Okay. I'm sorry to interfere.

Mr. Kenney is next.

4:05 p.m.

Conservative

Jason Kenney Conservative Calgary Southeast, AB

There was no interference, Mr. Chairman. Thank you, and congratulations on your elevation to the chair.

4:10 p.m.

NDP

Pat Martin NDP Winnipeg Centre, MB

Thank you. Now you're never going to get me out of here. I've settled in.

4:10 p.m.

Some hon. members

Oh, oh!

4:10 p.m.

Conservative

Jason Kenney Conservative Calgary Southeast, AB

You are very well suited to it.

Thank you to all the witnesses for appearing before us, particularly on short notice.

My first question is for the representatives from the Privacy Commissioner's office. First of all, please extend our regards to the commissioner in her absence. We understand she couldn't be here today.

The motion that was adopted by this committee was precipitated by news reports, the original being dated September 20, regarding an alleged distribution of the name of a requester of information with respect to the public security ministry. You obviously know the background of that, although you can't comment on particular cases. I gather that the ministers of public security and the Treasury Board may have called your commissioner to express concern and invite cooperation with her in this matter. Is that the case? Can you confirm whether your commissioner received contact from the ministers of public security and the Treasury Board shortly thereafter?

4:10 p.m.

Director General, Investigation and Inquiries Branch, Office of the Privacy Commissioner of Canada

Wayne Watson

Yes, she has received calls, and advice was requested from her. I don't know about the Minister of Public Safety and Emergency Preparedness Canada, but I know that she has sat down with the Treasury Board. They've had a conversation in which her advice was sought.

4:10 p.m.

Conservative

Jason Kenney Conservative Calgary Southeast, AB

Was that with respect to the matter that was in the media recently, or was it the issue in general as well?

4:10 p.m.

Director General, Investigation and Inquiries Branch, Office of the Privacy Commissioner of Canada

Wayne Watson

Mr. Chair, I don't know exactly what was said, but--