A number of considerations come into play.
The commission would like more organizations brought under the access to documents act. Currently, certain organizations that are entirely, or mostly, publicly funded, as well as those carrying out functions comparable to public functions, are not subject to the act.
The biggest challenge when it comes to modernizing the act has to do with the wording of the restrictions around access to documents. The act is more than 30 years old, and the restrictions are worded in very general terms that are quite open to interpretation. That can result in more remedies and more refusals by institutions, who have more discretion in denying access to information. I'll give you a specific example.
Under Quebec's legislation, a public body can refuse to disclose an opinion or recommendation that is less than 10 years old. The public body not wanting to disclose the opinion or recommendation is not under any obligation to show that the disclosure could have a negative impact. “Opinion” and “recommendation” are very broad concepts, and it was necessary for the commission to define how they should be interpreted.
There is something else I can tell you about that. In the provinces of my two counterparts who are joining us by videoconference, the acts contain a provision authorizing the refusal to disclose opinions and recommendations. But they also stipulate that the restriction cannot be applied to certain types of documents in specific situations. We don't have that in Quebec. As I see it, that's one of our biggest issues when it comes to access to information.
As far as the privacy component is concerned, without going into too much detail, I will tell you that the legislation was drafted at a time when most documents and records were on paper. There isn't enough flexibility in the act to adequately address issues arising from the use of new technologies, in terms of safeguarding privacy and protecting personal information.
Another principle that didn't exist in 1982 but is becoming more common nowadays is proactive disclosure, versus disclosure in response to an access request.