Information and Privacy Commissioner Releases Investigation Reports on Delays in Responding to Access Requests

February 23, 2017

The Office of the Information and Privacy Commissioner (OIPC) released two investigation reports today that looked into delays in responding to access requests by Alberta Justice and Solicitor General, and Executive Council and Public Affairs Bureau.

While the reports had different findings and recommendations, a few themes emerged. Senior leadership support is essential to engender a culture that respects access to information, resourcing and staffing for processing access requests has not kept pace with the number of requests received, and having trust in the professionals who manage access requests would reduce the time spent reviewing and signing off on the release of records.

“The purpose of these investigations was to shed light on some of the systemic issues in the administration of access to information in Alberta,” said Information and Privacy Commissioner Jill Clayton. “While process management is important, senior leadership must lay the groundwork for a culture that trusts and respects access to information as a cornerstone to good governance.”

Both investigations were opened in response to several requests to review responses – or lack thereof – to access requests that had been submitted to the office. In the majority of these requests for review, the applicant had not received responses to access requests within the legislated timelines set out in the Freedom of Information and Protection of Privacy Act (FOIP Act).

These requests for review were coupled with “deemed refusal” orders issued to Alberta Justice and Solicitor General, and Executive Council and/or Public Affairs Bureau. The only issue being adjudicated in a deemed refusal order is a failure to respond to applicants within the legislated timeline. To date, 24 such orders have been issued to Alberta Justice and Solicitor General while three have been issued to Executive Council and/or Public Affairs Bureau.

Background

Alberta Justice and Solicitor General

On September 1, 2016, the OIPC received a request from an applicant who alleged he had not received a response to any of the 14 access requests he had made to Alberta Justice and Solicitor General (JSG). At the time, the OIPC had issued eight deemed refusal orders. (Since the investigation opened, 16 additional deemed refusal orders were issued to AJSG for a total of 24.)

Upon review, the investigation found that there were 187 additional access requests that were still outstanding and had been for more than 30 days. The newest outstanding request was 109 days overdue while the oldest was more than 1,000 days overdue (p. 7). However, it was found that these outstanding requests are not publicly reported by JSG or the Government of Alberta in its annual reporting on the operation of the FOIP Act, which is completed by Service Alberta.

There were a number of concerns noted with regard to process. For example, the investigation reviewed one exchange to retrieve records that were responsive to an access request. A request for records went to the Assistant Deputy Minister of the Corporate Service Division, who is the delegated authority for the public body with regard to access requests.  Subsequently, seven reminders were required and it took JSG nearly six months to provide a response to the applicant. As the investigator said (p. 10), “In my view, this is not acceptable.”

The application of discretionary exceptions to access was also noted as a time consuming process, and the investigation emphasized that discretionary exceptions do not mean information must be withheld. In these cases, it was recommended that staff responsible for managing access requests be trusted to use their own their own judgment and to generally trust the professionalism of civil servants to provide sound advice even if information might be disclosed publicly (pp. 12-13).

Further, the investigation recommended to disclose more information withheld under discretionary exceptions thereby reducing the chance of an applicant asking the OIPC to review the response, and to become more transparent.

The investigation noted the time constraints within which employees responsible for managing access requests operate (p. 9), particularly considering that staffing has not kept pace with the number of requests being received. Further, the investigation found an increase in the number of complex or large requests (p. 19).

From 2011 to 2016, the number of access requests received by JSG increased 83% to 410 in 2016 from 224 in 2011 while staffing levels in the FOIP Office ranged between eight to 11 employees. However, in May 2016 there was intent to hire additional staff members to an anticipated level of 16 employees responsible for managing access requests (p. 16).

Finally, there was anecdotal evidence provided during the investigation that questioned the respect for access to information. For example, one individual said that “FOIP wasn’t taken seriously” by senior levels of the ministry when the Department of Justice was merged with the Solicitor General’s department in 2012, and again when the increase in access requests began (p. 21). Senior leadership support is essential to set the tone for a culture that respects access to information.

In total, there were 19 recommendations made in the investigation.

Executive Council and Public Affairs Bureau

On June 29, 2016, the OIPC received 14 requests asking for a review of how Executive Council and Public Affairs Bureau responded to access to information requests the applicant had made. The applicant submits access requests on behalf of elected officials.

Of the 14 requests, nine were made to Executive Council and five to the Public Affairs Bureau. One FOIP Office handles access request processing for both public bodies.

The investigation focused on 12 of the requests, which the applicant alleged were not dealt with individually as they were received but were handled as a group or batched. The applicant believes that batching the responses may have unnecessarily delayed the response.

It was found that in each of the 12 cases the timelines to respond were not met under the FOIP Act. The longest delay was for more than six months beyond the 30-day time limit; the shortest was five days overdue (p. 7).

Further, the investigation found that 257 access requests were made from August 2015 to October 2016. Of those, 105 requests were submitted by the applicant. A response was provided to the applicant for 82 of his 105 requests. The average length of time to respond was 78 days. Meantime, the average length of time to respond to all of the other applicants was 64 days. In both cases, legislated timelines were not met but the response time to the applicant was 14 days longer than the average general response time, which could suggest that the applicant’s requests are treated differently or are even deliberately or intentionally delayed (pp. 12-13).

The investigation noted the time constraints within which those responsible for managing access requests operate, particularly considering that staffing has not kept pace with the number of requests being received.

Disregarding very low numbers in 2011/12 (five access requests between both public bodies), there had been a 216% increase in the number of requests to 240 in 2015/16 from 64 in 2012/13 (with 2016/17 on pace for an additional increase). Staffing levels were adjusted during the course of the investigation from three to five staff members responsible for managing access requests; however, one analyst recently left.

Beyond the volume of requests, there were additional concerns in the process. Rather than an access request being sent to a FOIP Analyst upon receipt, the request was sent to the Senior Financial Officer (SFO) who sent it to the Deputy Secretary of Cabinet (DSC), who is the delegated authority for the public bodies with regard to access requests. Following reviews by the SFO and DSC, a request was then sent to the FOIP Office for retrieval and review of records prior to disclosure.

The investigation noted that this practice of preliminary review by the SFO and DSC impacts timelines, and that the process could be perceived as a form of interference by individuals who need not be involved until the records are retrieved and at least an initial review has been completed (pp. 9-10).

During the course of the investigation, the public bodies changed the process. Although the DSC continues to receive a copy of the request, it is sent to the FOIP Analyst at the same time so as not to delay processing.

It was, however, recommended that the SFO not be involved in the process despite employee reporting structures within the public bodies. Having more individuals involved not only delays the process, it also is contrary to the privacy protections in the FOIP Act. An individual who has no delegated authority in the processing of requests should not have access to the personal information contained in the records nor of applicants, if they are identifiable in the access request.

Among the 12 requests at issue, the approval time was of concern. The investigation noted the average approval process was 33 days, more than the legislated timeline of 30 days alone. The longest period of time was 85 days, while the shortest was 16 days. Even the shortest time was more than half of the allotted time to respond to an access request within legislated timelines (pp. 11-12).

In total, there were nine recommendations made in the investigation.