This page has been archived.
Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
All OPC efforts and activities are directed towards achieving the organization's Strategic Outcome, the protection of individuals' privacy rights. The Office plays a leadership role in encouraging organizations that handle Canadians' personal information to respect the privacy rights of individuals. Others who contribute to this mission include provincial and territorial privacy commissioners, data-protection authorities and other international organizations, privacy advocacy groups, chief privacy officers, professional associations, consumer representatives, academics, Parliamentary committees, and government departments and agencies.
Expected Result | Performance Indicator | Target |
---|---|---|
Ultimate Outcome for Canadians | ||
The OPC plays a lead role in influencing federal government institutions and private-sector organizations to respect the privacy rights of individuals and protect their personal information. | Extent and direction of change in the privacy practices of federal government institutions and private-sector organizations | Three (3) on a scale of one to five, which means that "some preparatory steps to progress toward change" from the baseline of 2010-2011 may be observed by March 31, 2012 |
Performance Measurement Strategy |
---|
This umbrella indicator is based on performance information generated from the following indicators used to measure the OPC Program Activities:
|
The OPC's four Program Activities are described in Section II with an overview of the activity (as set out in the Main Estimates, Part II); a table with the expected results for Canadians, the performance indicators (including measurement strategy) and targets to be achieved by March 31, 2012; the allocated financial and human resources; planning highlights for 2011-2012, and benefits for Canadians.
The OPC is responsible for investigating privacy-related complaints and responding to inquiries from individuals and organizations. Through audits and reviews, the OPC also assesses how well organizations are complying with requirements set out in the two federal privacy laws, and provides recommendations on Privacy Impact Assessments (PIAs), pursuant to Treasury Board policy. This activity is supported by a legal team that provides specialized advice and litigation support, and a research team with senior technical and risk-assessment support.
Expected Results | Performance Indicators (Performance Measurement Strategy) | Targets |
---|---|---|
Intermediate Outcomes | ||
Federal government institutions and private-sector organizations meet their obligations under federal privacy legislation and implement modern practices of personal information protection. | Extent to which investigation and audit recommendations are accepted and implemented over time (Tracking and analysis of responses to investigation and audit reports) |
90 percent of ‘well-founded', ‘resolved' and ‘well-founded and resolved' investigation recommendations are accepted and implemented within one year of reporting 90 percent of audit recommendations are accepted fully by entities Upon follow-up two years after the initial audit report, action to implement has begun on 90 percent of recommendations |
Extent to which obligations are met through litigation (Review and analysis of litigation files and statistics on settlements) |
Legal obligations are met in 80 percent of cases, either through settlements to the satisfaction of the Commissioner or through court-enforced judgments | |
Intermediate Outcomes | ||
Individuals receive timely and effective responses to their inquiries and complaints. | Timeliness of OPC responses to complaints (Analysis of Office statistics on the time required to close files) |
95% of complaints are closed within 12 months of receipt (Note: in 2011-2012, the OPC will further review its service standards to define distinct response times by type of complaint resolution). |
The privacy practices of federal government institutions (including Privacy Impact Assessments for new and existing government initiatives) and private-sector organizations are audited and/or reviewed to determine their compliance with federal privacy legislation and policies. | Proportion of audits and PIA reviews completed within planned times (Review and analysis of statistics on audit and PIA project completion) |
90 percent of audits are completed within planned times and 70 percent of PIA reviews are completed within 120 days of receipt |
Feedback and action from federal government departments in response to OPC advice relating to PIAs (Tracking and analysis of responses to PIAs ) |
75 percent of institutions that submitted a PIA during the year were responsive to the OPC advice |
Forecast Spending 2010-2011 | Planned Spending | |||
---|---|---|---|---|
2011-2012 | 2012-2013 | 2013-2014 | ||
Financial Resources ($000) | 9,631 | 10,391 | 10,391 | 10,391 |
Planned Human Resources (FTEs) | 87 | 87 | 87 |
The OPC will continue to work toward the Compliance Activities outcomes (as identified in the outcomes table on the previous page), while also supporting the achievement of the first corporate priority - "Identify, adopt, and deliver on new service-delivery models to maximize results for Canadians". In addition to its usual ongoing activities, the OPC will conduct the following initiatives in 2011-2012:
The investigation services delivered by the OPC help to safeguard the privacy rights of Canadians. Audits and PIA reviews also seek to improve management and accountability for privacy within organizations, thus enhancing the privacy rights of individuals for today and future generations. Collaboration with provincial, territorial and international counterparts contributes to more effective enforcement of privacy legislation.
The OPC serves as a centre of expertise on emerging privacy issues in Canada and abroad by researching trends and technological developments, monitoring legislative and regulatory initiatives, providing legal, policy and technical analyses on key issues, and developing policy positions that advance the protection of privacy rights. An important part of the work involves supporting the Commissioner and senior officials in providing advice to Parliament on potential privacy implications of proposed legislation, government programs, and private-sector initiatives.
Expected Results | Performance Indicators (Performance Measurement Strategy) | Targets |
---|---|---|
Intermediate Outcomes | ||
Parliamentarians and key stakeholders have access to clear, relevant information and timely and objective advice about the privacy implications of evolving legislation, regulations and policies. | OPC information and advice on selected policies and initiatives add value for stakeholders (Tracking of stakeholders' reaction to the OPC information and advice) |
The OPC views have added value for parliamentarians and key stakeholders |
Intermediate Outcomes | ||
The work of parliamentarians is supported by an effective capacity to identify privacy issues, and to develop privacy-respectful policy positions for the federal public and private sectors. | OPC views on the privacy implications of relevant laws and regulations add value for parliamentarians (Tracking impact from OPC work at parliamentary committee appearances, submissions, and other support to parliamentarians) |
The OPC views have added value for parliamentarians and key stakeholders |
Knowledge about systemic privacy issues in Canada and abroad is enhanced through information exchange and research, with a view to advancing privacy files of common interest with stakeholders, raise awareness, and improve privacy-management practices. | Stakeholders have had access to, and have considered, OPC research products and outreach materials in their decision-making (Review of progress reports against the operational plans for the four priority privacy issues to extract evidence that OPC research products and outreach materials have had an impact on stakeholders) |
Initiatives under all four OPC priority privacy issues (100 percent) have involved relevant stakeholders and there is documented evidence demonstrating that stakeholders were influenced by OPC research products and outreach materials |
Forecast Spending 2010-2011 | Planned Spending | |||
---|---|---|---|---|
2011-2012 | 2012-2013 | 2013-2014 | ||
Financial Resources ($000) | 5,442 | 5,206 | 5,206 | 5,206 |
Planned Human Resources (FTEs) | 19 | 19 | 19 |
The OPC will continue to work toward the Research and Policy Development outcomes (as identified in the outcomes table on the previous page), while also supporting the achievement of the second corporate priority - to "provide leadership to advance the four priority privacy issues relating to: information technology, public safety, identity integrity and protection, and genetic information". In addition to its usual ongoing activities, the OPC will conduct the following initiatives in 2011-2012:
Knowledge about emerging and systemic privacy issues is the foundation for OPC advice and guidance, which help to inform organizations about the privacy implications of their actions. For legislators, the implications relate to laws and regulations, and for organizations and Canadians, the implications relate to everyday decisions in the marketplace. An enhanced understanding of national and global privacy issues and a strengthened capacity to address them more effectively are critical for Canada to be recognized as a leader in privacy protection and to positively influence the development of international privacy laws and co-operative agreements.
With the help of effective and well-communicated research activities, policy positions and legal advice from the OPC, decision-makers can better evaluate their actions and measure the privacy risks they assume. Organizations, moreover, are better able to comply with their privacy obligations.
The OPC delivers public education and communications activities, including speaking engagements and special events, media relations, and the production and dissemination of promotional and educational material. Through public outreach activities, individuals have access to information about privacy and personal data protection that enable them to protect themselves and exercise their privacy rights. The activities also allow organizations to understand their obligations under federal privacy legislation.
Expected Results | Performance Indicators (Performance Measurement Strategy) |
Targets |
---|---|---|
Intermediate Outcome | ||
Federal government institutions and private-sector organizations understand their obligations under federal privacy legislation and individuals understand how to guard against threats to their personal information. | Privacy outcome for government initiatives or programs stemming from consultations or recommendations associated with the PIA process (Tracking of privacy outcomes from PIA consultations/ recommendations) |
In 70 percent of the government initiatives or programs for which a high-priority PIA was reviewed and a recommendation was issued, the consultations with or recommendations from the OPC resulted in stronger privacy protections |
Extent to which private-sector organizations understand their obligations under PIPEDA (Biennial polling of a sector of private industry) |
More than 50 percent of private-sector organizations report having at least moderate awareness of their obligations under PIPEDA | |
Intermediate Outcome | ||
Individuals have relevant information about their privacy rights and are enabled to guard against threats to their personal information. | Reach of target audience with OPC public education and communications activities (Analysis of reach is based on media monitoring, visits to the OPC website and blogs, audience size for speeches and events, distribution of materials, etc.) |
100 citations of OPC officials in the media on selected communications initiatives per year At least 100,000 visits per month on the OPC website and 20,000 visits per month to the OPC blog At least one news release per month on a subject of particular interest to individuals At least 350 subscribers to the e-newsletter At least 1,000 communication tools distributed per year Two public education initiatives per year, designed for new individual target groups Two public events addressing needs of individual target groups |
Extent to which individuals know about the existence/role of the OPC, understand their privacy rights, and feel they have enough information about threats to privacy (Biennial public opinion polls and other research activities) |
At least 20 percent of Canadians have awareness of the OPC At least 20 percent of Canadians have an "average" level of understanding of their privacy rights At least 35 percent of Canadians have some awareness of the privacy threats posed by new technologies |
|
Federal government institutions and private-sector organizations receive useful advice and guidance on privacy rights and obligations, contributing to better understanding and enhanced compliance. | Responsiveness of, or feedback from, federal government departments and private-sector organizations to OPC advice and guidance relating to privacy rights and obligations (Tracking and analysis of feedback and responses received) |
75 percent of institutions and organizations are responsive to the OPC advice |
Reach of organizations with OPC policy positions, promotional activities and promulgation of best practices (Analysis of reach is based on reviews of Office statistics; analysis of top-10 pages of the website and writing of anecdotes on best practices; and an analysis of the targeting and distribution of public education initiatives) |
At least 1,000 communication tools distributed per year At least one news release per month on a subject of particular interest to organizations Exhibiting at least four times throughout the year At least 350 subscribers to the e-newsletter Two public education initiatives annually designed for new organizational target groups Two public events/speaking engagements addressing needs of organizational target groups |
Forecast Spending 2010-2011 | Planned Spending | |||
---|---|---|---|---|
2011-2012 | 2012-2013 | 2013-2014 | ||
Financial Resources ($000) | 3,788 | 3,976 | 3,976 | 3,976 |
Planned Human Resources (FTEs) | 24 | 24 | 24 |
The OPC will continue to work toward the Public Outreach outcomes (as identified in the outcomes table starting two pages earlier), while also supporting the achievement of the third corporate priority - to "support Canadians, organizations and institutions to make informed privacy decisions nationally and internationally". In addition to its usual ongoing activities, the OPC will conduct the following initiatives in 2011-2012:
The Privacy Commissioner of Canada has a mandate to raise awareness of rights and obligations under privacy laws. By having a more in-depth understanding of Canadians' views and concerns with respect to their personal information, the OPC can better educate individuals about their rights and help them make informed choices with respect to their personal information protection. By helping organizations understand their responsibilities under federal privacy laws, and by encouraging them to better protect the personal information in their care, Canadians ultimately benefit from enhanced privacy protection.
Internal Services are groups of related activities and resources that support the needs of programs and other corporate obligations of an organization. As a small entity, the OPC's internal services include two sub-activities: governance and management support, and resource management services (which also incorporate asset management services). Communications services are not included in Internal Services but rather form part of Program Activity 3 - Public Outreach. Similarly, legal services are excluded from Internal Services at OPC, given the legislated requirement to pursue court action under the two federal privacy laws. Legal services form part of Program Activity 1 - Compliance Activities, and Program Activity 2 - Research and Policy Development.
Expected Result | Performance Indicator (Performance Measurement Strategy) |
Target |
---|---|---|
The OPC achieves a standard of organizational excellence, and managers and staff apply sound business management practices. | Ratings against the Management Accountability Framework (MAF) (Review of results from the biennial MAF self-assessment exercise and annual progress reports) |
Strong or acceptable rating on 70 percent of the MAF areas of management |
Forecast Spending 2010-2011 | Planned Spending | |||
---|---|---|---|---|
2011-2012 | 2012-2013 | 2013-2014 | ||
Financial Resources ($000) | 5,358 | 5,086 | 5,086 | 5,086 |
Planned Human Resources (FTEs) | 46 | 46 | 46 |
The OPC will continue to work toward achieving and maintaining a standard of organizational excellence and will have managers and staff apply sound business management practices. Over the next three years, and more particularly in 2011-2012, the OPC will enhance and sustain its organizational capacity (the fourth corporate priority) by pursuing the following Internal Services activities, in addition to its usual ongoing activities: