This page has been archived.
Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
Privacy Commissioner of Canada
|The Honourable Vic Toews
Minister of Justice and Attorney General of Canada
Overview of Resources and Priorities
Internal Factors Affecting Program Delivery
External Factors Affecting Privacy and the Office
OPC Plans and Priorities for 2006-2007
I am pleased to present this 2006-2007 Report on Plans and Priorities, which sets out the strategic directions, priorities, expected results and spending estimates for the Office of the Privacy Commissioner of Canada for the coming fiscal year.
Privacy is important, and Parliament has signalled its relevance and importance with the enactment of privacy laws and with the creation of this Office. Privacy is a right seen by many as fundamental, as the bedrock to many other civic, political, social and economic rights, including the right to autonomy, dignity and integrity of the person.
Increasingly, there are pressing and complex issues putting Canadians' informational privacy at risk — the willingness of government to share more and more information in the name of national security, personal data flowing across the borders, the pervasive use of technologies such as global positioning systems and radio frequency identification devices (RFIDs), and the potential of publicly available personal information being used for invasive or malevolent purposes.
In the last few years, it has been difficult for this Office to fully deliver on its multi-faceted mandate to fully promote and protect the privacy rights of Canadians. We do not have permanent funding to carry out our mandated activities under the Personal Information Protection and Electronic Documents Act (PIPEDA), as PIPEDA funding was granted initially for only three years and then renewed annually. With the coming into force of PIPEDA, which began in 2001 and reached full implementation in 2004, we understand that it was important to take stock before making long-term commitments. But PIPEDA has now been in full force for two years and the pressures are increasing. Furthermore, this Office has not had the adequate funding to deliver on our obligations under the Privacy Act.
This past year, our Office was pleased to take part in an innovative and entirely new process for seeking funding approval for the operations of Officers of Parliament. We embraced the opportunity to engage Parliament in a constructive dialogue about our funding needs. But before doing so, we certainly did our homework. Our Vision and Institutional Service Plan and our Business Case for Permanent Funding provided a comprehensive framework for protecting the privacy rights of Canadians and residents, and for serving Parliament in meeting its needs for privacy expertise as it considers legislation. The Service Plan and Business Case are the Office's blueprint for a stronger and more effective institutional role.
This Report on Plans and Priorities outlines the strategic directions, priorities, anticipated results and spending estimates within the context of this new Vision for our Office and for the federal privacy protection regime. A new Office, which will emerge in 2006-2007, will be one:
This is all very good data protection news for our Office, for Canadians, and for the organizations covered by federal privacy laws, both in the public and private sectors. The year 2006-2007 promises to be exciting and full of challenges. This Office is now poised to meet these challenges, to work toward fully implementing the mandate that was entrusted to us by Parliament, and to ultimately better protect the privacy rights of Canadians.
In closing, the OPC has recently expanded the membership of its External Advisory Committee to include a wider spectrum of Canadian society's interest in privacy protection. The Committee reviewed the strategic directions of the OPC and offered invaluable advice and insights to help our institution move forward with the implementation of our Vision and Institutional Service Plan. We are indebted to many distinguished members of the Committee for their observations and their support of our work. We look forward to continue receiving their advice on a range of privacy issues on which they are knowledgeable.
Privacy Commissioner of Canada
I submit for tabling in Parliament, the 2006-2007 Report on Plans and Priorities
( RPP ) for
the Office of the Privacy Commissioner of Canada.
This document has been prepared based on the reporting principles contained in Guide for the Preparation of Part III of the 2006-2007 Estimates: Reports on Plans and Priorities and Departmental Performance Reports.
It adheres to the specific reporting requirements outlined in the TBS guidance:
Privacy Commissioner of Canada
The mandate of the Office of the Privacy Commissioner (OPC) is to oversee the application of the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Privacy Act, and within that context to promote privacy.
Our mission is to protect and promote the privacy rights of individuals in Canada, as they are set down in data protection law and the Canadian Charter of Rights and Freedoms. The oversight powers are those of an ombudsman, which allows us to play a fundamental role in providing advice and guidance, and brokering consensus and optimal compliance with the spirit of the law. This vision is based on existing powers as found in the Privacy Act (sections 29 to 68 and section 70.1) and PIPEDA (sections 11 to 25).
As ombudsman and public advocate for the privacy rights of Canadians, the Commissioner carries out the following activities:
We interpret this mandate broadly and expansively, as an ombudsman should. The powers (sections 23 and 24) under PIPEDA give us a further role to coordinate with provinces with substantially similar legislation.
As an Officer of Parliament responsible for the application of two federal privacy statutes respecting the protection of personal information in Canada and as an ombudsman, the OPC defines its service framework along four mutually reinforcing roles (see graphic below):
Firstly, the OPC serves the Parliament of Canada by providing expert advice on privacy issues raised by bills, legislation and regulations. In 2005, the OPC appeared before parliamentary committees a total of 16 times to comment on a broad range of bills and policy issues including amendments to the Statistics Act dealing with the release of census information, the review of the Anti-terrorism Act and consumer issues in the financial services sector. The OPC also serves Parliament by enforcing two federal privacy statutes. Thus, the OPC is both an implementation vehicle for Parliament and a tool to achieve accountability and transparency for the privacy management practices of the federal agencies and departments and private sector organizations engaged in commercial activities in Canada. From that perspective, the OPC can be seen as an institution serving democratic governance in Canada. Parliamentarians need to have access to current, clear information and advice on the impact that emerging technologies and enhanced security initiatives have on privacy rights. While the requirement for such information may relate to legislation, it might also relate to policy debates in Parliament, to constituency issues, or to the scrutiny of government operations in committees. Parliamentarians need the assurance that the information they require to make decisions and to do their jobs can be provided to them in a timely and unbiased fashion.
Secondly, the OPC helps Canadians, residents, visitors to Canada, and clients of organizations in Canada by investigating their complaints about the personal information management practices of the federal government and of the private sector. The OPC also helps the people of Canada by fostering better awareness and understanding of privacy issues and responding to their inquiries about the Privacy Act and PIPEDA. The OPC thus functions as a public institution serving to protect the fundamental privacy rights of individuals. We are a key institution to help preserve the trust of citizens and non citizens alike in the Canadian government and the private sector. Individuals need to have confidence in organizations that collect, use and share personal information that relates to them, and oversight is necessary to ensure trust. In an era of globalization, heightened security concerns and increasing transborder data flows, exercising oversight and building trust have become more important, and more challenging, than ever. With increasing amounts of personal information flowing across borders we have opened dialogues with other national agencies with similar mandates about working together to foster compliance and assist individuals who wish to pursue redress.
Thirdly, the OPC helps private sector organizations engaged in commercial activities meet their obligations under PIPEDA by providing guidance and promoting best practices. We do this by investigating complaints from clients, customers and employees, by publishing summaries of our complaint findings to help organizations understand their obligations, and by providing advice about the privacy implications of new products, services and technologies. The OPC plays a vital role in maintaining a viable commercial sector in Canada that adheres to the highest standards in the protection of personal information. This is necessary to meet growing expectations and rising standards in data protection both domestically and globally, as more and more countries adopt data protection statutes. Growing threats from trans-national criminal activity, notably spam, identity theft and data breaches, are driving the demand for more precise guidance, regulation, and oversight. From that perspective, the OPC can be seen as an institution serving a sustainable and competitive economy.
Fourthly, the OPC assists the federal government by helping departments and agencies covered by the Privacy Act implement the elements of a privacy management framework to comply with the provisions of the Act. Through our investigations, audit, review and privacy impact assessment functions, we try to provide advice that will prevent mistakes and subsequent breaches and complaints. Through policy analysis, research, and participation in interdepartmental committees, we contribute the privacy perspective at the design phase in policy development. The OPC serves as an instrument to achieve an effective and accountable public administration at the federal level. Complementary roles are performed by provincial and territorial commissioners, and through our collaboration with them, we try to ensure a harmonious approach to common policy challenges. The OPC also serves the cause of ethical government, because compliance with the Privacy Act is an integral part of the federal public service Code of Values and Ethics adopted by the government of Canada in June 2003, and which has since become a condition of employment for all federal public service employees. The Privacy Act has served Canada well for almost 25 years, but our values and privacy expectations have evolved. The OPC believes that the Privacy Act needs to be updated to reflect this new environment. Privacy Act reform will be a major priority for OPC in 2006-2007.
These four service roles define the OPC as a public institution dedicated to the protection of what many see as a fundamental human right, to accountable government, and to fostering a competitive marketplace through fair and equitable business practices. The Office of the Privacy Commissioner is unique in relation to other Officers of Parliament in that as an oversight agency it has responsibility for the private sector through PIPEDA, which applies to organizations engaged in commercial activities in Canada, as well as the public sector through the Privacy Act.
Financial Resources (planned)
Human Resources (planned)
The planned increase in financial and human resources from 2006-2007 to 2007-2008 is due to the phasing in of the resource levels. The resource levels peak in 2007-2008 due to the one-time costs associated with equipping new employees. The resource levels for 2008-2009 represent the forecast requirements for future years.
The planned spending numbers for 2006-07 through 2008-09 do not include spending that will be required for the implementation of the upcoming Federal Accountability Act (FedAA). The OPC is in the process of developing a business case and implementation plan with respect to aspects of the FedAA which will impact the OPC; namely, the creation of an office to handle access to information and privacy requests, and an increased number of privacy investigators to handle new organizations who will now be subject to the Privacy Act upon passage of the FedAA. The exact funding and resource requirements will not be known until the OPC has concluded its internal analysis based on the final wording of the legislation and the coming into force dates.
Given the broad scope of the OPC mandate, the number of issues that could be addressed at any given time is quite extensive. For 2006-2007, the OPC will focus its attention on a few key questions of national importance, understanding that we will also address urgent issues as they arise in Parliament and in national dialogue. The OPC plans to make these issues the main focus of research, communications, policy analysis and development.
|New technologies||New data-gathering technologies, such as global positioning systems, radio frequency identification (RFID) and black boxes in vehicles, are being introduced on the market at an unprecedented rate. These technologies pose significant risks to privacy by making it easier to carry out illicit surveillance and privacy invasion. Additional research and communications are required to ensure that individuals' understanding and awareness of these risks keep pace with the technological progress.|
|Interconnected information systems||Electronic information records, including the most sensitive information such as financial, health and employment records held by the private and public sectors, pose challenges to the protection of personal information because information stored electronically is easier to analyze, manipulate and share. As the ability to create linkages between different records increases, so does the risk that information collected for a specific purpose will be used inappropriately or find its way into the wrong hands. Sound policy decisions are required to ensure effective privacy management frameworks govern networked information systems and their interconnections and that the risks to privacy are appropriately managed.|
|Trans-border data flows||The advances in communication networks, notably the Internet, have facilitated 24/7 processing of personal information around the globe. Borders have become irrelevant to data flows as business and governments seek more efficient and seamless data processing. Access to information about Canadians can be gained from anywhere in the world, thus raising a wide range of risks from the nuisance of spam to financial consequences of identity theft. The OPC must respond to these challenges through applied research, better collaboration with other jurisdictions and joint enforcement actions.|
|National security and law enforcement||There are many national security and law enforcement initiatives on the government's agenda. This Office is responsible for analyzing their implications for privacy, exercising oversight over such activities as well as creating greater public awareness of the effects of large scale surveillance on the rights of privacy and civic trust in public institutions. The OPC will examine the privacy implications of the DNA Identification Act, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, the Lawful Access legislative proposals as well as other bills, policies, measures (such as national identity cards, e-passports, etc.) and systems in support of national security and law enforcement objectives.|
|Legislative Review: Keeping the privacy rights of Canadians up to date||In the context of the statutory review of PIPEDA, planned for 2006-2007, the OPC intends to bring forward a set of proposals to strengthen and clarify the privacy rights afforded under the Act. The Privacy Act, however, is a first generation privacy law which has not been substantially amended since its inception in 1983. The law has not kept up with technological change and therefore the privacy management framework that determines the Canadian government's information practices does not meet the standard set in the private sector. The OPC will continue to advocate for a fundamental overhaul of the Privacy Act. Canadian privacy laws need to be periodically reviewed to ensure that they remain effective in protecting the right of privacy in the midst of new economy and e-government initiatives.|
|Strategic Outcome: Privacy rights of Canadians are protected|
|1. Improve and expand service delivery||Ongoing||
|2. Respond to Parliament||Ongoing||
|3. Participate in PIPEDA review and Privacy Act reform||Ongoing||
|4. Plan and prepare for the 2007 International Data Protection and Privacy Commissioners Conference||New||
|5. Build organizational capacity: hire and integrate new staff, engage and train existing staff||New||
|6. Develop results-based systems and baselines||New||
This section describes the operating environment of the OPC in three parts. The first part describes the major program delivery mechanisms; the second and third parts describe important internal and external factors affecting program delivery.
The OPC seeks to promote fair information management practices by both public and private sector organizations in Canada in accordance with two federal privacy laws — the Privacy Act, which was enacted in 1983, and PIPEDA, which began coming into effect in 2001 and which came into full force in 2004. The principal means of doing this is through complaint investigations, which are conducted by the OPC's Investigations and Inquiries Branch. The Branch investigates complaints from individuals alleging that their personal information has been collected, used or disclosed inappropriately.
In conducting this work, Investigations and Inquiries is supported by activities of other branches, such as the Legal Services and Research and Policy branches. The Legal Services Branch helps with the interpretation of the two Acts and is involved in litigation concerning the interpretation and application of these Acts and in cases relating to the jurisdiction and powers of the Commissioner. The Research and Policy Branch works with the Investigations and Inquiries Branch in establishing the Office's position on policy matters and provides investigators with research material to assist with the development of needed expertise in such areas as newly emerging technologies, which are the subject of an increasing number of complaints to the Office.
The Investigations and Inquiries Branch also responds to inquiries from members of the general public, government institutions, private sector organizations, and the legal community, who contact the Office on a wide variety of privacy-related issues.
To safeguard Canadians' right to privacy, the OPC's Audit and Review Branch conducts compliance reviews under Section 37 of the Privacy Act. These reviews assess systems and practices for managing personal information from collection to disposal by federal departments and agencies. These reviews are carried out with reference to sections 4 to 8 of the Privacy Act and government policies and standards. This work is intended to encourage the growth of fair information practices by government institutions. The OPC also has the mandate, under Section 18 of PIPEDA, to conduct audits of the personal information management practices in the Canadian private sector.
The Government of Canada's Policy on Privacy Impact Assessments (PIA) has added to the responsibilities of the OPC. Our role, as defined in the Policy, is to assess the extent to which a department's PIA has succeeded in identifying privacy risks associated with a project or initiative and to comment on the appropriateness of the measures proposed to mitigate identified risks. The OPC views PIAs as an integral part of the federal government privacy management framework.
The Commissioner acts as Parliament's advisor on privacy issues, bringing to the attention of Parliament issues that have an impact on the privacy rights of Canadians. We do this by tabling annual reports to Parliament, by appearing before Committees of the House of Commons and the Senate to comment and advise on the privacy implications of proposed legislation and government initiatives and by identifying and analyzing issues that we believe should be brought to Parliament's attention.
The Office also assists Parliament to become better informed about privacy, acting as a resource or centre of expertise on privacy issues. This includes responding to a significant number of inquiries and letters from Senators and Members of Parliament.
The Privacy Commissioner is specifically mandated under PIPEDA to conduct public education activities to ensure that the business community in Canada is complying with its obligations, as well as to make individuals aware of their rights.
The Contributions Program supports the development of a national privacy research capacity in the voluntary, academic and not-for-profit sectors to generate and transfer knowledge on the privacy impact of emerging technologies, and the personal information management practices of the private and public sectors.
The OPC is confident that in 2005-2006 we "turned a corner" in terms of dealing with the legacy of issues and challenges of the past few years. All of our staff continue to demonstrate an unwavering commitment to protecting and enhancing the privacy rights of Canadians, and there is new momentum in the organization as a result of changes implemented in recent years.
This new momentum offers for the Office both an opportunity and a challenge. The opportunity is to acquire new staff and to realign the organization so that all aspects of the OPC mandate are effectively and efficiently supported and resourced. The challenge is to successfully pilot the organization through the significant change that this will represent, so that all OPC resources are aligned, integrated, and effectively contributing to achieve our mandate and mission.
The climate in which the OPC operates is a complex one, characterized by conflicting goals and trends. Canadians overwhelmingly, even in the face of threats to their security, believe that privacy is their right, and that it must be protected. They also want security, law enforcement, convenience, and value for money in the marketplace and in government services. This cluster of needs has some inherent conflict. The data protection law we administer to meet the privacy need is still very new in societal terms. It takes a while to seep into the culture, and until it does, there is an ongoing job of teaching, correcting and enforcement.
To some extent, that desire for and belief in privacy is ahead of reality, as our Office deals with a population that has not learned enough about the matter to take steps to protect themselves. Public education is essential if we are to live in a community with respect for basic rights. Meanwhile, society rushes forward with the implementation of new technologies that erode privacy and produce new ways to gather data, making that job of public education more difficult each day. Who understands the black box that is in their new car, reporting on geo-positioning and speed? Who understands what data their cellular operator has about their calls? When Canadians say to pollsters that they support or don't support a national identity card or a biometric passport, who understands what that means and what databanks and registration platforms, what security measures and physical readers might be entailed in the process?
Neither the population subject to these new surveillance systems, nor the organizations or government departments implementing them, are finding it easy to keep up with the pace of change. They all struggle to understand the impact of new initiatives and technologies, and systems integrators both in the public and private sectors need help to try to ensure they respect the requirements of data protection law. It is the OPC 's responsibility, mandated through law and policy, to assist them.
None of these technical issues had presented themselves when the Privacy Act was drafted in 1982, because there were no personal computers, no Internet, no cell phones, no geo-positioning systems, let alone biometrics and RFID chips or nanotechnology. Our Office has pointed out on many occasions that the Privacy Act is long overdue for an update, because it was crafted in the era of reel to reel computer tapes and paper files in filing cabinets, when trans-border data flow almost entirely was achieved through shipping goods, tapes or paper, not digital bits.
Nevertheless, even with the old car we are driving to transport the privacy rights of Canadians into the 21st century, we believe we can refocus our activities to achieve more, and to reflect what Parliament asked of us when it passed PIPEDA in 2000. PIPEDA contains a broader suite of powers than the Privacy Act, including public education, a broader basis for litigation, the right to take our own cases to the Federal Court, and the power of the Court to award damages. We are trying to respond to the growing demands of Canadians and of Parliament to be the counterbalance on the teeter-totter of public safety and national security versus the rights of the individual to a private life, and we must fully utilize the toolkit Parliament has provided in this recent legislation, not cling to old ways.
The OPC is confident that an increase in resources will enable it to increase its capacity to:
As a result, 2006-2007 will be a pivotal year for the OPC, the year in which we build a foundation for this capacity increase and renewal, by focusing on the following strategic priorities:
|2006-2007 Strategic Priorities||Type|
|1. Improve and expand service delivery||Ongoing|
|2. Respond to Parliament||Ongoing|
|3. Participate in PIPEDA review and Privacy Act reform||Ongoing|
|4. Plan and prepare for the 2007 International Data Protection and Privacy Commissioners Conference||New|
|5. Build organizational capacity; hire and integrate new staff, engage and train existing staff||New|
|6. Develop results-based systems and baselines||New|
This priority crosses all program activities and organizational boundaries, with a particular focus on the following:
As stated above, the OPC is committed to providing Parliamentarians with accurate and timely information on privacy issues, whether the request relates to legislation, to policy debates in caucus or in Parliament, to constituency issues, or to the scrutiny of government operations in Committees. In addition to responding promptly to requests from Parliament, the OPC plans to:
PIPEDA includes a provision for a parliamentary review every five years after its coming into force. Since the Act came into effect in 2001, a review by a committee of the House of Commons, or of both Houses of Parliament, is expected in 2006. The OPC will prepare for this review by developing an adoption and implementation strategy, and by drafting framework documents that highlight the issues and lessons learned in this first implementation period.
Our Office has pointed out on many occasions that the Privacy Act is long overdue for an update. When it was drafted in 1982, there were no personal computers, no Internet, no cell phones, no geo-positioning boxes, let alone biometrics and RFID chips or nanotechnology, and there is a need to modernize the Act to take into account the proliferation of these new technologies. We remain ready to support Parliament in the review of the Privacy Act in the event that it chooses to proceed.
In September 2007, Canada will be hosting the 29 th International Data Protection and Privacy Commissioners Conference, bringing together representatives from the world of business, public administration, science, the IT industry as well as governmental and non-governmental organizations to discuss leading-edge issues related to privacy and the protection of personal information. This will provide a unique opportunity to highlight and enhance Canada 's international role in promoting privacy standards. To succeed, s uch a major event requires careful planning and preparation, and these activities will require significant resources in 2006-2007. The planning effort is already under way, and responsibilities have been assigned within OPC to move forward on the event programme and logistics. The OPC intends to work in partnership with provincial and territorial commissioners to ensure that this conference is a success.
Much of our energy and effort will be directed to increasing our organizational capacity to approved levels. In order to achieve success, our plan includes two major components:
This priority is a cornerstone of our strategy to increase capacity and become a model of corporate excellence and innovation. To be able to report on progress, we must have the systems in place to measure our performance, and we must have a clear baseline of our current levels of performance. In 2006-2007, we will focus specifically on the following elements:
This section provides information on the basis of the Office's program activity architecture (PAA). The PAA provides the structure for planning and reporting the Office's activities.
Our program has four operational activities aimed at achieving one strategic outcome on behalf of Canadians.
|Strategic Outcome||Protection of the Privacy Rights of Canadians|
|Activities||1. Assess and investigate compliance with privacy obligations||2. Privacy issues: research and policy||3. Privacy education — promotion and protection of privacy|
|Financial Resources - $000||7,696||10,154||11,115||10,681|
|Human Resources - FTEs||76||88||98||93|
The planned increase in the level of resources from 2005-2006 to 2007-2008 is based on the phasing in of resource levels. The resource levels for 2006-2007 and 2007-2008 include the one-time costs of equipping new offices for employees and additional resources for those years to eliminate the backlogs in investigations and inquiries.
The OPC is responsible for investigating complaints and responding to inquiries received from individuals and organizations who contact the Office for advice and assistance on a wide range of privacy-related issues. The OPC also assesses how well organizations are complying with requirements set out in the two federal laws and provides recommendations on PIAs pursuant to the Treasury Board of Canada policy. This activity is supported by a legal team that provides specialized legal advice and litigation support.
The operations under this activity will contribute to the achievement of the following priority described in Section II.
|Improve and expand service delivery||Ongoing|
We will report on our performance under this activity using indicators that measure workload and output such as:
We will also measure outcomes, for example the implementation of recommendations made as a result of investigations, reviews of PIAs, and audits and reviews.
|Financial Resources - $000||2,003||3,393||3,956||3,930|
|Human Resources - FTEs||14||19||23||23|
The OPC serves as a centre of expertise on emerging privacy issues in Canada and abroad by researching trends, monitoring legislative and regulatory initiatives, providing analysis on key issues, and developing policy positions that advance the protection of privacy rights. An important part of the work done involves supporting the Commissioner and Assistant Commissioners in providing advice to Parliament on legislation and on government program and private sector initiatives that may impact on privacy.
The operations under this activity will contribute to the achievement of the following three priorities described in Section II.
|Respond to Parliament||Ongoing|
|Participate in PIPEDA review and Privacy Act reform||Ongoing|
|Plan and prepare for the 2007 International Data Protection and Privacy Commissioners Conference||New|
The Office will report in the 2006-2007 Departmental Performance Report and/or in its annual reports on the outputs of this activity using indicators such as the appearances before parliamentary committees (number, purpose and result); the support provided to individual Parliamentarians (number of inquiries, meetings, requests for information, etc.); the major research and policy documents produced (number and issues addressed); and the status of PIPEDA review and Privacy Act reform processes. We will also report on key milestones achieved in the preparation of the 2007 International Data Protection and Privacy Commissioners Conference.
|Financial Resources - $000||1,614||2,751||3,249||3,222|
|Human Resources - FTEs||10||18||22||22|
The OPC plans and implements a number of public education and communications activities, including speaking engagements and special events, media relations, and the production and dissemination of promotional and educational material.
This activity will contribute to the achievement of the following two priorities described in Section II.
|Improve and expand service delivery||Ongoing|
|Respond to Parliament||Ongoing|
We will report on the outputs and results of this activity using indicators such as the volume of inquiries handled, the use of our Web site, the number of publications distributed, the number of presentations made to key target audiences. We will also wherever possible, evaluate the impact or outcome of our proactive outreach efforts through anecdotal and quantitative and qualitative research.
The OPC continues to enhance and improve its management practices in order to meet the highest standards of performance and accountability. Although the resources captured in this section are those allocated specifically to Corporate Services, all managers of the OPC are expected to take responsibility for the expected results, and to integrate the necessary activities in their operational plans.
These activities will contribute to the achievement of the following three priorities described in Section II.
|Build organizational capacity: hire and integrate new staff, engage and train existing staff||New|
|Improve and expand service delivery||Ongoing|
|Develop results-based systems and baselines||New|
We will report on the outputs and results of this activity using indicators such as:
We will also report on changes to the organization and improvements to our management capacity, such as:
The Privacy Commissioner is an Officer of Parliament appointed by the Governor-in-Council following approval of her nomination by resolution of the Senate and the House of Commons. The OPC is designated by Order-in-Council as a department for the purposes of the Financial Administration Act. As such, it is established under the authority of schedule 1.1 of the Financial Administration Act and reports to Parliament for financial administration purposes through the Minister of Justice. The Privacy Commissioner is accountable to and reports directly to Parliament on all achieved results.
The roles of the Research and Policy, Public Education and Communications, Legal Services, Investigations and Inquiries, and Audit and Review Branches are described in the preceding sections. The roles of the administrative branches, Corporate Services and Human Resources, are set out below.
The Corporate Services Branch, headed by the Office's Chief Financial Officer provides advice and integrated administrative services (corporate planning, finance, information technology and general administration) to managers and staff.
The Branch's most important priority will be to lead the implementation of the business case plans that will enable the Office to fulfil its mandate efficiently and effectively. The business case plans will necessitate a complete review of branch design, staffing and classification requirements as well as a comprehensive accommodation plan.
The Corporate Services Branch will also lead a number of important initiatives linked to the OPC 's goal of becoming a well-managed, effective and efficient Parliamentary agency. These initiatives focus on developing and implementing the Office's management accountability framework and integrated information management architecture. Specific projects include:
Human Resources is responsible for the management and delivery of comprehensive human resource management programs in areas such as staffing, classification, staff relations, human resource planning, learning and development, employment equity, official languages and compensation.
The priorities for the HR Branch in the 2006-2007 fiscal year include:
|($ thousands)||Forecast Spending
|Vote 45 - Operating expenditures||3,925||14,460||16,192||15,764|
|Statutory - Contributions to employee benefit plans||728||1,838||2,128||2,069|
|Total Main Estimates||4,653||16,298||18,320||17,833|
|Funding provided through transfers from TB Vote 5 and Governor General Special Warrants in lieu of Supplementary Estimates for activities under PIPEDA||7,135||--||--||--|
|Total Planned Spending||11,788||16,298||18,320||17,833|
|Plus: Cost of services received without charge|
|Accommodation provided by Public Works and Government Services Canada (PWGSC)||823||990||1,065||1,146|
|Contributions covering employers' share of employees' insurance premiums and expenditures paid by TBS (excluding revolving funds)||572||774||896||871|
|Audit of the financial statements by the Office of the Auditor General of Canada||110||90||90||90|
|Cost of Program||13,293||18,152||20,371||19,940|
|Full Time Equivalents||80||125||143||139|
The planned increased resources are being phased-in over two years, 2006-2007 and 2007-2008. The planned spending for those two years also includes the one-time costs of fitting up offices and systems for the increased staff; in addition resources are temporarily provided in those years to eliminate the backlog in Investigations and Inquiries. The planned spending for 2008-2009 represents the resource utilization on an on-going basis.
|Program Activity ($)||
|Assess and investigate compliance with privacy obligations||10,154,000||--||10,154,000|
|Privacy issues: research and policy||3,018,000||375,000||3,393,000|
|Privacy education — promotion and protection of privacy||2,751,000||--||2,751,000|
|($)||Assess and investigate compliance with privacy obligations||Privacy issues: research and policy||Privacy education — promotion and protection of privacy||Total|
|Offices of the Commissioner and Assistant Commissioners||428,000||428,000||428,000||1,284,000|
|Investigations and Inquiries||3,567,000||--||--||3,567,000|
|Research and Policy||--||1,713,000||--||1,713,000|
|Audit and Review||1,655,000||--||--||1,655,000|
The Offices of the Commissioner and Assistant Commissioners include the costs of federal-provincial coordination and international activities. The OPC budgets centrally for many of its costs. For example, Corporate Services includes the costs of information management and information technology (computer systems and computer equipment for all employees), office furniture and supplies and telecommunications. Human Resources Branch includes the cost of employee training.
|Privacy Act 85, ch. P21, amended 1997, c. 20, s. 55||R.S.C. 1985, ch. P21, amended 1997, c.20, s. 55|
|Personal Information Protection and Electronic Documents Act||2000, c.5|
Statutory reports, publications and other information are available from the Office of the Privacy Commissioner of Canada, Ottawa, Canada K1A 1H3; tel.: (613) 995-8210 and on the Office's Web site at www.privcom.gc.ca
Mr. Tom Pulcine
Director General, Corporate Services/Comptroller
Office of the Privacy Commissioner of Canada
Place de Ville, Tower B
112, Kent St., Suite 300
Ottawa, Ontario K1A 1H3
Telephone: (613) 996-5336
Facsimile: (613) 947-6850