Thank you very much, Mr. Chairman. We're happy to begin.
We're of course very grateful, once again, to be able to come before you to report on what we plan to do with the budget, which we hope you will vote for us in this present session.
I'd like to say first that I greatly appreciate the positive, productive relationship that my office has enjoyed with this committee over the years. I particularly appreciate the unwavering support you have shown for our goals, our initiatives, and our evolution. I will address all of these in short order.
First of all, I'll start with the question of human resources, which has often come up before this committee. As you know, Mr. Chair, my office has undergone a great deal of change over the past seven years, since I first appeared before a parliamentary committee.
Thanks to stable and appropriate funding from Parliament, we've been able to attract and retain the full complement of managers and employees needed to carry out our agenda. For example, we have hired and trained more than a dozen investigators to help us tackle a serious backlog of complaint files. We've also bolstered our in-house expertise in the all-important area of technology, with targeted hiring of some very knowledgeable people.
We have reached out to younger people so as to inject a level of energy and vibrancy into our organization. Some of these younger people are with us today. They are the next generation of privacy specialists.
I'd like to quickly go over some of our accomplishments in the last year.
Last week, as you may have noticed in the media, we joined data protection authorities from around the world in expressing deep concerns about Google and other global technology leaders for introducing new applications without due regard for the privacy norms and laws prevailing in our respective countries.
Last July, we published our findings into an investigation into the privacy policies and practices of Facebook, highlighting concerns about the company's transparency with respect to its use of personal information.
On the public sector side, we worked with the integrated security unit of the Vancouver Olympic and Paralympic Games to ensure that privacy rights were respected before, during, and after the Winter Olympic Games.
We also scrutinized the many new security measures affecting international travellers, particularly the full-body scanners now being rolled out at Canadian airports.
We, along with our provincial colleagues, alerted parliamentarians to the privacy concerns in legislation aimed at giving Canadian law enforcement, national security agencies, and others broader powers to acquire digital evidence to support their investigations.
Another topic that has come up frequently in this committee is the question of our backlog. We're very pleased about the recent resolution of a long-standing backlog of complaint investigation files older than a year.
The backlog problem had grown to unacceptable proportions in the past several years. With targeted funds that we received from Parliament in 2006, we were able to hire new investigators and appoint key people to streamline the intake function, and we re-engineered entire systems and processes.
The backlog has now been eliminated. Moreover, we have put in place new measures, such as an emphasis on early resolution of complaints, to ensure that we do not fall behind again.
With the complaints backlog out of the way, we can now focus on more systemic issues and better service to Canadians.
I will now move on to the four policy priorities. We can also reflect on the bigger picture: the current and emerging challenges to privacy, in this country and globally, and how our office can continue to make a difference in the lives of Canadians.
In that context, we continue to advance our work in the four policy issues that we anticipate will most dramatically affect privacy in the years ahead: national security, information technologies, genetic technologies and the integrity of people's identity.
We have been deepening our understanding of these important issues through comprehensive research, increased public education and participation in policy discussions with a wide range of experts and other stakeholders.
Over the past year, we have also been examining our other core activities to ensure we are serving Canadians in the most effective manner.
For instance, we are retooling our processes for auditing compliance with our two acts. We are also transforming the way we review privacy impact assessments so that our activities are guided more explicitly by analyses of risk and alignment with our identified priorities.
With an eye to better service delivery, we were also encouraged by Parliament's progress on ECPA, the Electronic Commerce Protection Act. While Industry Canada has the lead on this initiative, my office, the Competition Bureau and the CRTC will ultimately share an oversight role.
I know that Assistant Commissioner Elizabeth Denham appeared recently, accompanied by Tom Pulcine, to discuss the supplementary estimates attached to this initiative, and we appreciate your support of those estimates.
Thanks to amendments to PIPEDA embedded in the legislation, ECPA would give me the authority to be more selective in the investigations we pursue, thus enabling us to focus on more complex or systemic issues.
Another laudable aspect of ECPA is that it would deepen our capacity to share information with other data protection authorities, in Canada and abroad. Collaborative enforcement has become essential in this globalized world, where data flows unimpeded across borders. The need for collaborative enforcement was made clear with last week's joint initiative related to Google.
For these and other reasons, we sincerely hope this bill will be reinstated and passed during this parliamentary session.
To continue, I'll talk a bit about legislative reforms and alternatives.
We also look to this committee's support for other measures that would allow us to better deliver on our mandate. For instance, while we accept that amendments to the Privacy Act, which we have discussed intensively in this committee, are not moving forward at this time, we are implementing a range of administrative alternatives.
For example, we are helping to improve privacy training among public servants, encouraging data breach notification as the norm across government, and ensuring that all privacy impact assessments, called PIAs, embed an assessment of necessity, a bedrock principle of privacy protection.
To underline our impact in the latter area, I want to note that the number of PIAs submitted to us rose from 64 in 2008-09 to 102 in the past fiscal year. We've also been reaching out to departments and agencies, individually and through a very successful PIA workshop, to make sure they understand what we would expect a good PIA to include.
Meanwhile, under PIPEDA, we look forward to further amendments that would make breach notification mandatory, as a means of better protecting the personal information of Canadians.
I'd like to talk now about the consumer consultations we'll be holding in three major Canadian cities in the next few weeks.
PIPEDA, the private sector law, also enters another review period next year. To inform this process with a further understanding of key emerging issues with important impacts on privacy, we're about to launch a groundbreaking consumer consultation on the online monitoring, tracking, and profiling of consumers by business, and cloud computing technologies.
All the members of this committee were sent invitations to these consultations, which will also be webcast across Canada. The first one is on Thursday of this week, in Toronto, with Montreal following in May, and Calgary in early June.
We have been working very hard to expand our office's presence across Canada. A quick scan of our website will reveal a plethora of fact sheets, guidelines, videos, youth competitions, blogs, and other products. Also, you can now follow us on Twitter.
In an approach supported by Parliament, we are also expanding our presence in the regions. We have bolstered our presence in Atlantic Canada and increased our activities in Quebec and in the west.
We are also establishing a satellite office in Toronto. Like Parliamentarians and many of our stakeholders, we feel this is a sensible initiative since so many of the companies we regulate under PIPEDA are headquartered there. We will be making use of existing resources for this work, so we're not asking for additional resources from Parliament at this time.
In conclusion, I've touched on but a handful of our activities over the past year and our plans for the year ahead. I hope I've been able to show you how we're pursuing our corporate priorities, which you know about but which remain unchanged. I'll just remind you that they're about improving service to Canadians; helping individuals, organizations, and institutions make informed privacy decisions; advancing global privacy protection for Canadians; furthering our priority privacy issues; and strengthening our internal capacity so the office can continue to carry out its mission for many years to come.
Mr. Chair, I understand that in this session the members are also interested in the issue of video surveillance. We would be happy to answer their questions. We've brought some materials, such as our guidance on video surveillance for public and private sector organizations.
And of course, we would be happy to answer the questions you have, Mr. Chairman.