Government Operations Committee on Feb. 16th, 2017

Yes, and thank you for the question.

When the Public Servants Disclosure Protection Act first came into force in 2007, a number of organizations were excluded from the act, and the Canadian Armed Forces was one of those organizations. The onus was on the Canadian Armed Forces to put in place a parallel regime. I think the wording in the Public Servants Disclosure Protection Act indicates a regime similar to that under which the Treasury Board rolled out the Public Servants Disclosure Protection Act.

I'll just summarize very quickly. The tenets on which we built the Canadian Armed Forces process are very similar to what's under the civilian side under the Department of National Defence. We have a definition of wrongdoing; there are very minor differences in the definition of wrongdoing. We put in place established procedures for disclosure; there is no difference between the two regimes. A senior officer has to be appointed, so that's me for both of those; so that's identical.

There is a prohibition against reprisal. That's one difference that I'd like to point out to the committee. Under the Public Servants Disclosure Protection Act, if there is a case of reprisal, in the case of someone coming forward with a protected disclosure, those cases are investigated directly by the Public Sector Integrity Commissioner. Under the Canadian Armed Forces process, reprisal is dealt with by me. So all reprisal complaints are dealt with and investigated by me. I think that is an important point for the committee to note.

There is a requirement for confidentiality in the process, so we ensure confidentiality under both.

There is a need for annual reporting, so we prepare one annual report under both.

That sums it up.

I'll use the civilian side as an example.

Since its inception we've had 183 disclosures come forward, which we accept, but not every disclosure winds up in an investigative process. In a number of cases, we take a look at whether they fit the definition of what is wrongdoing under the Public Servants Disclosure Protection Act. If there are other recourse mechanisms that are already in place.... A lot of times individuals will come forward; let's say it's under a human resources–related issue, and we already have a very formal defined process under the HR regime whereby individuals, if they're not satisfied with an HR process or an HR matter, have recourse mechanisms available to them already internally within the organization.

I would agree. Part of the issue, and I think it's especially important, is that as you get new people coming into the public service and you renew departments, it's important for employees to understand the regime on which the public service is built, like a code of values and ethics, as well as all the mechanisms that are available to them for recourse—of which there are many—and which one is the appropriate one to turn to.

Good morning, Mr. Chair, and honourable members. My name is Marc Thibodeau and I'm the director general of the labour relations and compensation directorate at the CBSA, the Canada Border Services Agency.

I'd like to thank the committee for the invitation to speak to you today on your review of the Public Servants Disclosure Protection Act.

As the committee has heard, the main objectives of the Public Servants Disclosure Protection Act, the PSDPA, are to promote ethical practices in the public service and to create a positive environment and confidential process for public sector employees and others to disclose wrongdoing in the workplace without fear of reprisals.

While the Treasury Board Secretariat is responsible for the broad PSDPA policy framework, each department and agency is responsible for implementing its own processes and internal accountability mechanisms under the act.

CBSA is a dynamic organization of 14,000 employees which facilitates legitimate travel and trade while keeping the border safe and secure. Our operation runs 24 hours a day, seven days a week, and we have a mix of uniformed and non-uniformed employees, some with enforcement responsibilities.

As a law enforcement organization, CBSA has a culture that is different from that of a regular office environment. To that end, we have a comprehensive induction and training program for all of our front-line recruits at the CBSA College, where integrity is part of the program. Our officers emerge from the program highly trained, aware of their rights and obligations, and supported by an engaged union. In support of the objectives under the PSDPA, the CBSA has implemented an integrity strategy that is integral to the relationships among the agency, employees, partners, and clients. The strategy outlines expected employee behaviours as outlined in the CBSA code of conduct and the Values and Ethics Code for the Public Sector, which form parts of their conditions of employment.

The strategy is built on three pillars. One pillar is proactivity, under which expected standards of conduct and disciplinary consequences for misconduct are communicated regularly, and under which we investigate suspicions of misconduct immediately. The second is a “no wrong door” approach in which our specialists guide employees towards the appropriate avenue to have their issues addressed, no matter how the issue is brought to our attention. The third is our motto of “no stone unturned”. Issues are tracked and reviewed using numerous tools such as misconduct investigation, workplace assessment, and, where necessary, criminal investigations. These three pillars are in addition to the pre-employment reliability screening process.

Mr. Chair, the CBSA promotes a culture of open communication. Supervisors at all levels are expected to foster and demonstrate ethical leadership. Management is expected to identify and resolve issues including misconduct in an appropriate and timely manner. We provide managers with tools and resources to help them fulfil their responsibilities, including PSDPA training. It is critical that employees be aware of the PSDPA and the many other internal disclosure and recourse processes that exist. Promoting this awareness is key to ensuring that they understand their rights and where to turn for assistance.

We aim to provide multiple paths whereby everyone can confidentially report alleged misconduct, and we aim to do so consistently across the country. Should agency employees wish to report misconduct, their complaints can come through a number of avenues, such as their supervisor or union referral or through an online or in-person submission.

Furthermore, confidential disclosure of wrongdoing under the PSDPA can be made to their supervisor, the CBSA senior officer for internal disclosure, or externally through the Public Sector Integrity Commissioner. As a first step, we engage with employees to discuss their disclosure of wrongdoing, and we outline the disclosure process confidentiality provision and explain that the allegation must meet the threshold of the act's definition of wrongdoing for us to investigate. Finally, we underline that the act protects employees against reprisal and explain how to make a complaint to the Public Sector Integrity Commissioner in the event of an alleged reprisal.

In order to determine if an investigation is warranted, we seek to answer the following: whether there is another recourse mechanism available to review the allegations; whether the matter, if proven to be founded, meets the act's definition of “wrongdoing” and the precedents set by the Integrity Commissioner; and, whether the issue is one of public or personal interest.

In the cases that will not be investigated, employees will receive an explanation, with a decision in writing, and will be apprised of other recourse mechanisms available to them—for example, where appropriate, the informal conflict resolution process.

Since 2013-14, an average of 38 individuals per year have sought advice or proceeded with one or more disclosures. In 2015-16, the CBSA reported that it had received 93 allegations and carried forward 25 more, but let me share some details to provide greater meaning to these numbers.

First, 61 of these allegations stem from two employees. After a preliminary review, 16 of these have been retained for more detailed analysis. Furthermore, looking at the 70 allegations that were not acted upon, one employee ceased the disclosure process, 23 were referred to other processes, and 46 did not meet the threshold for investigation under the act.

To conclude, in pursuing our agency's important mandate, CBSA employees interact with millions of individuals and goods, with domestic and international partners, with law enforcement organizations, and with industry stakeholders. As such, upholding the public's trust and promoting a safe and ethical workplace are matters we take seriously.

I would be happy to answer any questions the committee may have.

Thank you, Mr. Chair.

I've heard your words, and I'll try to keep it to seven minutes.

I am the professional responsibility officer for the RCMP, and with me is Ms. Jo-Anne Taylor, the manager of our PSDPA office.

The RCMP has undertaken a number of legislative, policy, and procedural initiatives as part of our approach to handling disclosures of alleged wrongdoing. We have just under 30,000 employees, comprising 18,000 regular members, who are police officers; 4,000 civilian members; and about 6,500 public service employees or PSEs. While members and PSEs are hired under different acts of Parliament, all are considered public servants for the purposes of the PSDPA.

It's important for the committee to recognize that the RCMP was not initially included in the proposed legislation and was only included at later stages, which necessitated certain provisions in the PSDPA to accommodate the fact that the framework for dealing with certain matters in the RCMP, such as discipline, was prescribed in the RCMP Act. That explains why certain things may not be dealt with by the Office of the Public Sector Integrity Commissioner or may be put on hold pending the completion of RCMP processes. For example, the decisions of our conduct adjudicators are not subject to wrongdoing complaints.

Since the coming into force of the PSDPA in 2007, we have followed the advice that the spirit and intent of the legislation is to avoid duplication of processes. On the legislative front, the RCMP Act recently underwent significant and substantive amendments, with the coming into force of the Enhancing Royal Canadian Mounted Police Accountability Act.

The accountability act provided the flexibility to allow for a more seamless response to disclosures of wrongdoing under the PSDPA, such as aligning the new conduct management process and the investigation of disclosures of wrongdoing. A specific example here is that, as the senior officer in the RCMP, I am now the delegated conduct authority to deal with discipline, which we now call “conduct”, in cases involving PSDPA allegations. We also have new Commissioner' Standing Orders, which permit the RCMP senior officer to better balance responsibilities, requirements, and rights under the PSDPA and the RCMP Act.

In terms of policy-related initiatives, the RCMP has developed a new PSDPA policy for all RCMP employees, implemented a new code of conduct for RCMP members, introduced a new code of conduct for RCMP PSEs, and created a conflict of interest directive for all RCMP employees that consolidated over 30 previous policies or instruments.

It is important to note that both the code of conduct applicable to members and the code of conduct applicable to PSEs adopted a more positive, responsibilities-based approach to conduct, and both contain an obligation to report concerns relating to misconduct. The RCMP's PSDPA policy also affords the senior officer the opportunity to assemble an assessment committee to assist in confidentially reviewing disclosures of alleged wrongdoing against a template containing applicable assessment criteria. While the RCMP recognizes that OPSIC has exclusive authority for investigating complaints of reprisal under the PSDPA, the RCMP'S PSDPA policy includes an internal reprisal process, as do a number of other internal processes, such as harassment and grievances.

In terms of our procedures, in December 2013, the RCMP implemented the workplace reporting system, or WRS. It is a confidential and centralized way for employees to report workplace issues through the professional ethics office, which reports to me. The WRS works when employees are unsure how to voice their concerns or when established reporting methods are not appropriate or possible. This process respects the confidentiality requirements of the PSDPA and provides another avenue of reporting for all employees. Between 2014 and 2016, the WRS dealt with 95 requests for assistance, three of which specifically involved alleged wrongdoing under the PSDPA. Additionally, RCMP personnel responsible for the harassment process have been instructed to inform their clients of the reprisal complaint process offered by OPSIC, as well as internal procedures to address concerns of alleged reprisal, which is also reflected in our policies.

PSDPA training is delivered either upon request or through in-service training on leadership development, such as our supervisor development program, manager development program, and executive or officer development program.

In terms of our activity under the statute, the RCMP has posted instances of founded wrongdoing three times since the PSDPA came into force, most recently in fiscal year 2013-14. These cases have touched on concerns with financial signing authorities, contract administration, and travel expenses. Overall, we are presently dealing with the 16th case involving alleged wrongdoing under the PSDPA.

With regard to annual reporting to the Treasury Board Secretariat on the PSDPA, as committee members are likely aware, when we talk about disclosures, we are really talking about allegations, given the TBS direction that if a disclosure contains multiple allegations, they are to be counted as separate disclosures, one per allegation. In the RCMP's 2015-16 PSDPA annual report to TBS, we reported having received 12 inquiries and eight disclosures.

On any reading, the PSDPA is complicated and challenging in terms of how it is drafted.

In terms of areas of comment for the RCMP, one aspect is the premature release by OPSIC of information related to a reprisal matter when the RCMP may have ongoing, outstanding processes or investigations of its own.

In a recent case, as a result of El-Helou v. Courts Administration Service from the Federal Court, OPSIC followed the requirements arising from that decision and disclosed to the complainant the information it had gathered as part of its reprisal investigation before the RCMP had completed its investigation of the initial alleged wrongdoing.

The provision of information by OPSIC to complainants in such circumstances could influence the complainant and/or subsequent investigations. Clearly, it is not satisfactory to have one investigative body under an obligation to disclose information before another body has completed its investigative mandate. It may be that some clarification can be provided in the PSDPA with respect to the competing tensions faced by OPSIC as a result of this Federal Court decision.

More recently, the RCMP received a letter from OPSIC that indicated that because the RCMP's code of conduct applying to members is in a regulation, a breach of the code of conduct not only results in a potential wrongdoing under PSDPA's paragraph 8(e), “a serious breach of a code of conduct”, but also constitutes a potential wrongdoing under paragraph 8(a), a breach of a regulation.

In other words, a PSE will only have committed a wrongdoing involving a breach of the code of conduct where it is “serious”. However, for an RCMP member, a breach of the code of conduct, whether or not it is serious, will qualify as a wrongdoing because the code of conduct is in a regulation. As a result, members are potentially liable for a finding of wrongdoing that is lower than and different from that of a PSE, which would not appear to be in accord with the intent of the PSDPA in its treatment of public servants.

Relatedly, consideration may also be given to clarifying subsection 6(1) of the PSDPA to indicate that the RCMP's obligation to establish an organizational code of conduct is met, for members, through the existing conduct under the regulations.

Finally, clarification at sections 43 and 44 of the PSDPA, regarding the scope of the confidentiality requirements in section 22.3 of the Privacy Act, and section 16.5 of the Access to Information Act, would assist the RCMP and potentially other departments, as there is some debate about the scope of confidentiality requirements pertaining to information that was not created for an investigation into wrongdoing, but rather was obtained in the course of that investigation.

Thank you for the opportunity to appear today.

Good morning, Mr. Chair, and members of the committee.

My name is Joanne Renaud. I am the director general of audit, evaluation and ethics at the Communications Security Establishment, known as CSE.

It is my pleasure to appear before you today as you undertake your review of the Public Servants Disclosure Protection Act, the PSDPA.

As the senior officer responsible for receiving and acting on disclosures of wrongdoing, I am grateful for the opportunity to participate in this important discussion and share with you the internal mechanisms that CSE has in place for the disclosure of wrongdoings.

Since this is my first time appearing before this committee, by way of background, allow me to begin by introducing CSE and its mandate. CSE is one of Canada's key security and intelligence organizations, and has been in the business of protecting Canadians for over 70 years. Our mission stems from our three-part mandate under the National Defence Act.

The first part of our mandate allows for the collection and analysis of foreign signals intelligence. CSE acquires and uses information from the global information infrastructure to provide foreign signals intelligence based on the government's intelligence priorities. It's important to emphasize that CSE targets only foreign entities and communications, and is prohibited by law from directing its activities at Canadians anywhere or at anyone in Canada.

The second part of our mandate allows for cyber defence and protection. CSE provides “advice, guidance, and services to help ensure the protection of electronic information and information infrastructures of importance to the Government of Canada.” Our cyber and technical expertise helps identify, prepare for, and respond to the most severe cyber-threats and attacks against computer networks and systems, and the information they contain.

Finally, the third part of our mandate allows us “to provide technical and operational assistance to federal law enforcement and security agencies in the performance of their lawful duties.” As Canada's national cryptological agency, CSE possesses unique capabilities and expertise that may be used to assist a requesting law enforcement or security agency, under its legal authority. These activities are subject to any limitations on the requesting agency's legal authority, including any applicable court warrant.

Lawfulness and protecting the privacy of Canadians are enshrined in our mandate, and are also a fundamental part of our organizational culture. CSE employees undergo a rigorous security screening process and maintain the oath of secrecy, as well as the highest standards of security. We respect and protect the privacy of Canadians in accordance with the Canadian Charter of Rights and Freedoms, our legislation and Canadian privacy laws.

In fact, the extremely sensitive nature of our work requires us to be even more vigilant, and we take this responsibility very seriously. As public servants working in a classified environment, it is critical that we retain the trust of the government and of Canadians. As a result, CSE has multiple structures in place to ensure that we continue to operate lawfully.

These include executive control and oversight, embedded policy compliance teams in our operational areas, an on-site legal team from the Department of Justice, and active ongoing monitoring of internal processes.

In addition, all of CSE's activities are subject to robust review by the independent CSE Commissioner. The CSE Commissioner has full access to CSE employees, records, systems and data.

Furthermore, I am proud to share with you that just a few weeks ago, we celebrated the third anniversary of the most recent version of the CSE values and ethics charter. The charter articulates our most cherished values of sustainability, integrity, lawfulness, innovation, collaboration, and agility, and sets high standards for professional behaviour to uphold these values.

As you know, CSE requires exceptional treatment under the PSDPA for reasons of national security. As such, the charter provides an internal mechanism for employees to discuss or report serious ethical issues, including a perceived or suspected wrongdoing. Such a mechanism is required for CSE to be compliant with section 52 of the PSDPA, and has been vetted by Treasury Board and is consistent with CSE's values.

In accordance with the charter, any CSE employee who believes they have witnessed or have knowledge of an alleged wrongdoing in the workplace is encouraged to disclose the matter to his or her manager, a union representative, labour relations, the manager of the ethics office, or me, as the senior officer.

As the senior officer, I am responsible for receiving and reviewing these disclosures of wrongdoing, and establishing if there are sufficient grounds for further action and if resolution is appropriate. Similarly, any employee who believes he or she is being asked to act in a way that contradicts the values and ethics set out in the charter can report the matter directly to me. They can be accompanied by a trusted person such as a colleague or union representative.

If neither option seems reasonable or appropriate, a disclosure may be made directly to our deputy head, the chief of CSE. Should a situation occur where an employee feels strongly that a perceived wrongdoing cannot reasonably be addressed within CSE, in such instances employees are reminded that one of the duties of the CSE commissioner, as laid out in the National Defence Act, is to undertake any investigation that he or she considers necessary in response to a complaint.

I am responsible for preparing an annual report to the chief on the number of disclosures received, actions taken, investigations initiated, recommendations made, as well as any identified systemic issues and recommendations for improvement.

The chief in turn is responsible for reporting disclosures made and related issues as part of the annual report to the Minister of National Defence. If an allegation is brought forward that does not meet the criteria of an alleged wrongdoing, I can also direct CSE employees' concerns for consideration and possible handover to other redress parties including audit, management, personnel security, labour relations and our internal counselling and advisory program.

It's important to stress that employees are protected from reprisal for having made a disclosure or having co-operated in an investigation associated with a disclosure. CSE is committed to protecting the identity and privacy of persons involved in all matters related to disclosures of wrongdoing. All information obtained in the course of an investigation is handled and stored in accordance with established procedures for handling and storing protected or classified information. In addition, all information collected as a result of a disclosure is treated in a confidential and discreet manner.

I will conclude my remarks by stating that I am confident in the internal mechanisms that CSE has in place for the disclosure of wrongdoing. My confidence stems from the professionalism and commitment of CSE's highly skilled workforce in carrying out their duties in an ethical and professional manner.

We at CSE know that values and ethics play a fundamental role in maintaining public confidence in the integrity of CSE. As a result, we will continue to strengthen our ethical culture and maintain high standards of behaviour in everything we do.

Thank you for inviting me here today. It will be my pleasure to answer any questions you might ask.

Thank you for your question.

The Public Servants Disclosure Protection Act is a last resort mechanism for issues that are not covered by other mechanisms. In that context, a lot of issues were raised and resolved through other processes. At the Canada Border Services Agency, the available information shows that on average, four cases per year of disclosure lead to adjustments and improvements to certain processes.

Last year, there were no disclosures. Generally speaking, even an unfounded disclosure can lead to corrective measures being taken. The methodology used to bring forward the information may mean that there are more zeros in the table than what really happens in reality would warrant. In the case of the agency, I would say that the zero figure applies more to disclosures that led to a finding of wrongdoing than to disclosures that led to corrective measures.

Merci. I would echo the comments of my colleague.

You have to understand this, I think, in two ways.

One is to consider whether there is a legal framework under which employees can have protection, if necessary, if they come forward with something. I think the general view would probably be that there are protected disclosures that are defined and that the category is fairly broad. In the RCMP's instance, because employees have an obligation to report misconduct, they have fairly significant protection around that.

The other part is the climate, which is what I think you're more alluding to. There is a percentage of employees who simply aren't going to report ever, and there's a percentage of employees who are not actually going to approach—

Well, I think they are never going to have confidence in whatever you build. You try to build something that people are going to have confidence in generally, and I'm not of talking broad numbers here, but—

No, I'm not talking about the blue wall of silence. I've worked in provincial, federal, and municipal government, and there are in my experience employees who are not going to be persuaded that coming forward with allegations is a good thing to do—a small percentage.

There is another percentage of employees who are not going to go to an external framework. In my role I've experienced employees who, when you raise OPSIC with them, don't want to hear about it; they don't want to deal with it. They actually have confidence in the organization to deal with it.

But to get directly to your question, they might not trigger the PSDPA as a way of dealing with their concerns. I don't think you should read the numbers of PSDPA disclosures in isolation from other things that an agency may be doing by way of reports that come forward of things that are broadly understood as wrongdoing, but that are managed through other processes or for which there are disagreements about how things are approached.