Thank you, Mr. Chair, for the opportunity to appear before this committee to assist in your review of the Privacy Act.
This is an important review, given the profound changes in society, and the security landscape changes since the Privacy Act came into force in 1983. The RCMP welcomes this review and is committed to working with all government departments and agencies in considering changes to the act that balance privacy in an environment driven by constantly evolving information technology.
My name is Rennie Marcoux and I am the chief strategic policy and planning officer responsible for the access to information and privacy branch at the RCMP. I am accompanied by my colleague, assistant commissioner Joe Oliver, who is responsible for technical operations.
I will begin by describing how the RCMP is structured to respond to privacy requests. Then, I will explain some of the measures we have in place to promote compliance with the Privacy Act. Lastly, I will close with a few words on the importance of information in fulfilling our mandate.
The RCMP is divided into 15 divisions plus the national headquarters in Ottawa, each of which is under the direction of a commanding officer. At the local level, there are more than 750 detachments.
Given the size of our organization, the diversity and complexity of our operations, and the sensitive nature of our information holdings, responding to Access to Information and Privacy Act requests imposes a significant demand on the organization. Notably, we must be very careful in the collection, use, and disclosure of personal information in accordance with the Privacy Act.
The access to information and privacy branch at the RCMP is responsible for responding to all formal requests for information under the two acts. In addition, the access to information and privacy branch develops policies and procedures for use within the RCMP to ensure compliance with the legislation, regulations and associated guidelines.
We have approximately 68 employees, whose main focus of work is meeting the RCMP's obligations under the act. A quarter of these positions require police officers to ensure sensitive law enforcement information is properly protected, and to reduce the need for time-consuming consultations with our program managers. The employees are required to work with approximately 750 points of contact in our divisions across Canada.
The ATIP branch is responsible for coordinating the retrieval and release of records for the entire organization. The contacts in the divisions assist in identifying relevant records and ensuring that regional employees are aware of their responsibilities under the act.
In 2015-16, the RCMP received slightly over 5,000 Privacy Act requests, and our compliance rate was 82% compared to 78% from the previous year. For the first time since the fiscal year 2010-11, the RCMP was able to raise its compliance above the 80% standard set by the Office of the Privacy Commissioner.
The RCMP’s overall performance improved last fiscal year, since we closed more files, reduced late responses, and received fewer complaints.
These results follow an organizational workload review that led to the restructuring of the access to information and privacy branch so that it could process access requests more efficiently at intake. These changes represent a positive step for the RCMP.
The RCMP is very careful to comply with the Privacy Act when releasing information. For example, information is released only with consent or only to individuals and institutions authorized to receive the information. When disclosing personal information, the RCMP ensures that it has the disclosure authority under the act and that the requesting or recipient agency has the proper statutory authority.
In disclosures of personal information deemed to be of public interest, apart from a few senior officials at headquarters, only the commanding officers are authorized to make the decision.
As part of the ATIP branch's initiative to educate all RCMP employees, 21 presentations explaining their responsibilities under the Privacy Act were given to more than 200 employees last year. The RCMP is developing enhanced privacy training tools for all employees and reviewed its policies and definitions relating to personal information, including guidance around the release of information in the public interest.
An access to information and privacy training plan has been developed and implemented. Access to information and privacy personnel are regularly attending sessions provided by the Treasury Board Secretariat as well as other training sessions and workshops as part of their development.
The training strategy encourages the employees to enrol in various access to information and privacy-related courses as a way to gain knowledge and improve their efficiency as specialists in the field.
As a part of their orientation, all employees receive five days of training on the two acts when they arrive in the branch.
We're also focusing on training at the detachment level to ensure that frontline employees know the RCMP’s obligations under the federal legislation.
The mandate of the RCMP is to prevent crime and apprehend offenders. The collection and sharing of information is essential to this mandate. The fast-paced transactional nature of crime requires that we act quickly and partner with other police forces and security agencies in Canada and around the world. Effective and responsible information sharing with our security partners has become increasingly essential to identify threats and protect public safety.
The RCMP enforces the laws of Canada in accordance with appropriate judicial authorization. We adhere to privacy standards set forth by the Government of Canada, and we're conscious of the need to take the utmost care when handling the sensitive or private information of suspects and victims.
We take our obligations under the Privacy Act very seriously and make every effort to balance those obligations with our main priority to ensure the security of Canadians.
Any review of the Privacy Act should continue to balance the need to protect the privacy rights of Canadians with the need for security agencies to have the appropriate authorities to investigate criminal activities and to protect the safety and security of Canadians.
Thank you again, Mr. Chair, for the opportunity to appear before the committee.