Evidence of meeting #33 for Access to Information, Privacy and Ethics in the 39th Parliament, 2nd Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was personal.
A recording is available from Parliament.
Conservative
Professor Emeritus, The University of Western Ontario, As an Individual
When am I going to stop talking--that's probably the question.
Conservative
Rick Norlock Conservative Northumberland—Quinte West, ON
No, no, not at all. I find you very informative.
Conservative
Rick Norlock Conservative Northumberland—Quinte West, ON
I want to go back to how the Privacy Act would work under your recommendation, the most simplistic way, without growing that bureaucracy that we both do not want to grow.
It seems to me, having come from another government, that what you're saying is we have currently the Privacy Commissioner and her staff, and we really don't need to grow it much more, but what we do need to do is bring in these recommendations and reduce her workload so that she and her staff--through dictates, through the government, and the acceptance of other government departments--can train people already existent in those departments on how they can best ensure that the Privacy Act functions in their department. And if that occurs, if that's your recommendation, then really, other than the good legislation, not much more needs to be done.
Is that a correct way to summarize what we've been talking about?
Professor Emeritus, The University of Western Ontario, As an Individual
That's an excellent explanation of what I'm after.
What happens right now is that government departments say it's up to the Privacy Commissioner to make the Privacy Act work, even if it's lousy. And Treasury Board has not done its work except on the policy side.
In the 1980s Peter Gillis provided a lot of leadership on the administrative policy side to make the Privacy Act work in practice. But the government has to do more to implement the Privacy Act by getting people outside the Privacy Commissioner's office who know what they're doing--chief privacy officers--exactly as you described it. And then there will be less of a burden on the Privacy Commissioner's staff because they will build a sensitivity to privacy, a privacy culture, and privacy champions into the work of all federal institutions.
And everybody has personal information. We haven't talked about privacy rights of employees here. You have 217,000 people in the federal government whose personal information from an employment place is all over the place with all kinds of service providers, with all kinds of disability providers, and the contracts may or may not extend the privacy obligations of the employer, the Government of Canada, to the service providers. That's a whole kettle of fish.
One of the great things in British Columbia was a privacy protection schedule that, out of the U.S. Patriot Act brouhaha, mandated that universities, corporations, crown corporations, government institutions always put this privacy protection schedule into contracts with service providers who could be anything from Sun Microsystems or IBM to Manulife and a whole bunch of them. So there is an incredible amount of work to be done.
And the government institutions have to do much of it themselves as part of due diligence and prudent management of information if they're going to continue to have the confidence of Canadians.
Conservative
David Tilson Conservative Dufferin—Caledon, ON
Mr. Flaherty, thank you very much, sir. You've survived--
Professor Emeritus, The University of Western Ontario, As an Individual
Barely.
Conservative
David Tilson Conservative Dufferin—Caledon, ON
--almost two hours by yourself, and we do appreciate that you've given us a lot of food for thought. Thank you kindly on behalf of the committee.
Unless there is anything else, the meeting is adjourned until Tuesday, May 13, at 3:30.
Thank you, sir.
