2010 Legislative Session: Second Session, 39th Parliament

SPECIAL COMMITTEE TO REVIEW THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT

MINUTES AND HANSARD

MINUTES SPECIAL COMMITTEE TO REVIEW THE FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT

Wednesday, March 24, 2010

9:30 a.m.

Douglas Fir Committee Room

Parliament Buildings, Victoria, B.C.

Present: Ron Cantelon, MLA (Chair); Doug Routley, MLA (Deputy Chair); Harry Bloy, MLA; Stephanie Cadieux, MLA; Katrine Conroy, MLA; Marc Dalton, MLA; Eric Foster, MLA; Guy Gentner, MLA; Douglas Horne, MLA; Jenny Wai Ching Kwan, MLA; Harry Lali, MLA; Ralph Sultan, MLA

1. The Chair called the Committee to order at 9:31 a.m.

2. The Chair made an opening statement regarding the public release of submissions to the Committee.

3. The following witnesses appeared and answered questions:

4. The Committee adjourned to the call of the Chair at 11:56 a.m.

The following electronic version is for informational purposes only.

The printed version remains the official version.

REPORT OF PROCEEDINGS
(Hansard)

sPecial committee to review the
FREEDOM OF INFORMATION AND PROTECTION OF PRIVACY ACT

Wednesday, March 24, 2010

Issue No. 6

ISSN 1708-3168

[ Page 99 ]

WEDNESDAY, MARCH 24, 2010

The committee met at 9:31 a.m.

[R. Cantelon in the chair.]

R. Cantelon (Chair): Well, good morning, everybody. This is the Special Committee to Review the Freedom of Information and Protection of Privacy Act. I'm sure other members will be joining us shortly as we progress. I know that the government representatives who are here today to inform us have busy schedules, and I'd like to welcome you. I'm going to ask the members and everyone to introduce themselves.

Before we begin, I'd just like to state that in an effort to promote openness and transparency during the inquiry being conducted by the Special Committee to Review the Freedom of Information and Protection of Privacy Act, I believe it's only appropriate that submissions made to the committee, once received by all members, become public documents, with every effort being made to delete any personal information that might be contained in the submission. We will be posting up all the information, all the submissions we receive, on the Web, which I think is only consistent with the spirit of the act and this committee.

With that, I'm going to welcome the vice-Chair, Mr. Routley, today. I'll start with David Morhart to introduce ourselves, and we'll go around the room.

D. Morhart: My name is David Morhart. I'm the deputy minister, Ministry of Public Safety and Solicitor General.

D. Nikolejsin: My name is Dave Nikolejsin. I'm government's chief information officer.

K. Henderson: My name is Kim Henderson. I'm the Deputy Minister of Citizens' Services.

C. MacDonald: My name is Cairine MacDonald, and I'm the Deputy Minister of Housing and Social Development.

R. Cantelon (Chair): Well, we very much look forward to your presentations, so the floor is yours.

Presentations

K. Henderson: I'll just cover generally how the presentation will work this morning. Dave Nikolejsin, the chief information officer, will kick us off with an overview of the act and some of the trends we're seeing in other jurisdictions and the changes they're making to their legislation.

I'll pick us up when we want to talk about ministry themes and the approach we took to designing government's submission to the committee. My colleagues David Morhart and Cairine MacDonald will speak to specific examples and issues that they're facing unique to their ministries.

I'll then talk about some issues that we're facing in the Ministry of Citizens' Services and sum up with a summary of the recommendations that government would make to you. With that, I'll turn it over to Dave Nikolejsin.

D. Nikolejsin: Thank you. I am going to go through some background. Kim talked about the types of things we're going to be covering in the presentation. Excuse me. I'm fighting a bit of a cold, so pardon my voice.

We're going to talk a little bit in my section just about the background. I know that a lot of the committee members will be very familiar with a lot of this, but it's seen as necessary level-setting by us. I'm going to talk a little bit, then, just about setting the stage for where the act came from, hopefully as a context for where we think it needs to go in the future.

Again, I'm sure a lot of this is very familiar to the committee. The act was passed in 1992 and came into force over the next couple of years. In keeping with the type of legislation that was created at that time, it sought to seek a balance between the two sides of the issue — one being a citizen's right to privacy and the other being a citizen's right to access to information.

One of the things that we think is worth spending just a little bit of time on, though, is the type of legislation it is and just for the committee to consider the fact that at the time the legislation was created, it was very much in keeping with the type of legislation that was being created at that time for this purpose.

[0935]

It is highly prescriptive legislation. What we mean by that, and what we notice as we try to live within the mechanism of this legislation, is that it is a very rules-based, prescriptive legislation. In other words, it attempts to be a very extensive and complete list of dos and don'ts. You'll see how that affects some of the things as I talk a little bit later on and as you hear the presentation about the effect of that, especially as we've tried to amend it over time.

Some of the key restrictions that we see that come to the front as potential issues — and are issues based on the way that the act works today — are some of the limitations on collection, particularly around an individual's ability to consent to collection of their personal information. If you contrast that with the PIPA legislation, it's very different.

PIPA has a much more consistent description of the collection, use and disclosure of information. In FOIPPA collection is treated differently. Individuals actually can't consent to the collection of their information, and that becomes a problem for how we then use that information later on. So you have actually more liberal provisions for the use and disclosure of information
[ Page 100 ]
than we do for the collection of information and for a citizen's ability to consent to that collection. That does create limitations for program bodies.

There are limitations on how we're able to then share information once we have it in our possession and the restrictions around sharing with only other public bodies. An example of a non-public body, as described in the act that we're referring to here, is something like the federal government, for example. That's an organization that's not covered as a public body under our legislation but that we have a legitimate need to share information with for program delivery purposes.

Another example would be a non-profit organization, perhaps, that is part of our service delivery organization and perhaps in the social space where we have a legitimate need to share information for good, cohesive program delivery. But the way the act works and the way the rules are described creates problems in the way we can share that information for effective program delivery.

When we talk about inconsistencies in provisions…. Again, I'll talk a little bit about this later on, and you'll hear some of that as the presentations come out. There are a lot of differences of opinion.

For example, if you look at the definition in the way that we currently describe and try to implement things like consistent purpose programs, we have a lot of varying opinions on what that means. Because of the varying opinions on what it means and how it should work and the way that the wording is in the statute, it creates a lot of effort and real and perceived impediments on the implementation of things like consistent purpose or common or integrated programs.

When you look at some of the amendments in general, the act has been amended many times — sometimes directly through bills that are specific around this statute. Many times it gets amended consequentially as a result of things going on in other statutes. There has been a lot of change to the act since 2002, and a lot of the changes have been an attempt to keep pace with the rapidly changing environment. I'll talk a little bit of that in the next couple of slides.

What we do notice is that even though the act is essentially this balancing between FOI and privacy, a lot of the amendments and a lot of the activities that happen and have happened in the House are focused around the privacy side of the act. There's a lot of action on the privacy side of the ledger.

It's important to note that there are lots of changes that have been proposed and that have wound their way through various levels of approval inside the system — some all the way to the House — which haven't always been accepted. There have been attempts to fix things that we've noticed as issues in the past that haven't always been accepted.

A couple of the much more notable amendments that are worth thinking about are…. In 2004 we did the Patriot Act amendments, which was Bill 73, I believe. It was a response of this province to Patriot Act legislation in the U.S.A. Again, I know you're very familiar as a committee with provisions of that amendment. The point I wanted to make here, though, is that there were many, many — I think, unanticipated at the time — consequences to that amendment.

For example, the way that B.C. is now forced to do business in the technology sphere is very different than other provinces — certainly very different than other jurisdictions south of the border.

[0940]

Even if you look at Alberta or Ontario, other jurisdictions that we quite often compete with for economic development purposes, B.C. is a different place to do business when you deal with public information. Any of the public bodies that are covered under the FOI statute are bound by the provisions of these Patriot Act amendments.

A couple of examples. How we are able to do some of our alternative service delivery projects is dictated, because a lot of the organizations that bid on opportunities like that and attempt to do business with us are not Canadian businesses. We have to go through machinations that other jurisdictions don't in order to make sure that the data stays in Canada.

Another example is a term you've probably heard a lot if you follow any technology things. It's "cloud computing" and the move across governments and business towards this notion of putting your data in a cloud. Again, there are really big discrepancies between that type of technological evolution, how the wording of the act works and our ability to embrace those kinds of things as efficiency measures or just good business practices. If you have more questions on that, we can talk later.

Another big change that's been made to the act recently, which we think is part of the response to this rapidly changing environment that I talked about earlier, is the recognition that we need common integrated programs or consistent purpose–type things going on, so the act has been amended to try to introduce the ability to do that. It has not really worked out very well.

Again, it's what I said earlier. However many lawyers you can get into a room, you will get that many different opinions on how to operationalize this part of the act. It is very, very difficult at the bureaucracy level to take the provisions that are currently in the statute and to operationalize them for common or integrated programs.

R. Cantelon (Chair): Maybe I'll just pause here for a moment. We have a full committee. I'll start with Eric and ask the committee members to introduce themselves.

E. Foster: My name's Eric Foster, and I'm the MLA for Vernon-Monashee.
[ Page 101 ]

D. Horne: Douglas Horne. I'm the MLA for Coquitlam–Burke Mountain.

S. Cadieux: Stephanie Cadieux, MLA for Surrey-Panorama.

R. Sultan: Ralph Sultan, MLA for West Vancouver– Capilano.

M. Dalton: Marc Dalton, Maple Ridge–Mission.

H. Bloy: Harry Bloy for Burnaby-Lougheed.

R. Cantelon (Chair): Ron Cantelon for Parksville-Qualicum, and Chair.

D. Routley (Deputy Chair): Doug Routley from Nanaimo–North Cowichan, and Deputy Chair of the committee.

G. Gentner: Guy Gentner from the very transparent Delta North.

J. Kwan: Jenny Kwan, Vancouver–Mount Pleasant.

H. Lali: Harry Lali from Fraser-Nicola.

K. Conroy: Katrine Conroy from Kootenay West.

R. Cantelon (Chair): Just before you proceed again, Dave, do you want to take questions as you proceed?

D. Nikolejsin: It is entirely up to the committee and how they would like to do that.

R. Cantelon (Chair): Well, if you have questions as you proceed, I'd recognize questions. We want to be cautious not to push us into the afternoon, but we'll take questions as we go.

R. Sultan: It's a very small question, but you used the word "inability" to do something in your second or third slide. I didn't quite get the drift of the sentence. You said a person has an inability to do something. Is he precluded from, or he's unable to? I didn't quite get the meaning.

D. Nikolejsin: The way the act currently works…. What I was talking about is that government would like to, sometimes, when we're collecting personal information, explicitly ask people to consent to things — the use of their information. "I'm gathering this information about you for this purpose of this program. Do you consent to allow me to do something with it — for example, use it for research or share it with another program?"

Right now there is no ability to do that in the statute. There is in the private sector. If TELUS was doing the same thing and saying, "Okay, I need your personal information right now, and I'm going to collect it, and I'm going to give it to the cell phone part of my company or something. Do you consent?" that's allowed. You can't do that in the public sector right now. We think that's a gap in the statute that needs to be addressed.

R. Sultan: In other words, a person contributing that data is unable to prevent its further dissemination. Is that the meaning?

D. Nikolejsin: I would say that's not correct. There are lots of provisions in the statute that govern the use and disclosure of information, and those parts of the statute are still in force. It's just that the person can't explicitly consent to something.

R. Cantelon (Chair): If I may correct that. Under PIPA, which TELUS would be dealing with — personal, private — you can give consent. Under this act, you can't give consent, and you're prevented from allowing this information to be used by other means.

D. Nikolejsin: Correct.

[0945]

D. Routley (Deputy Chair): Thank you, Mr. Nikolejsin for your input today. We appreciate it.

The alternative service delivery complications that you refer to due to Bill 73 and maybe some other aspects of the act could be viewed two ways. They're either a complication for those companies, or it could be that we're ahead of the curve as other jurisdictions push for similar protections in light of the U.S.A. Patriot Act. I'd like to have your opinion of that and what you've seen happening in other jurisdictions, because we may not want to reduce our protections to eliminate those complications. Rather, others would catch up to us.

Then cloud computing. At the recent privacy conference there was a lot of concern around cloud computing from the point of view of private corporations and their responsibility to protect privacy. What is the view of your office when it comes to cloud computing? Are there measures that can be taken to protect privacy once we go down that path?

D. Nikolejsin: Regarding the Patriot Act provisions and what's happening in other jurisdictions in Canada, the only other province that has really followed our lead in regards to building in statutory protections against the U.S.A. Patriot Act is Nova Scotia. Their act is quite a bit different from ours, but it's similar in intent.

All the other provinces have looked at the issue. I sit on a council with my peers from all the other provinces and
[ Page 102 ]
the federal government. They have all had an examination of "What did B.C. do; should we follow that route?" No jurisdictions other than Nova Scotia have taken that approach.

That does not mean they aren't concerned about the Patriot Act and its consequences on their citizens' information. How they have chosen to address those concerns is through contractual mechanisms. A similar thing that we've done in the statute…. Ontario or Alberta, for example, would build those types of privacy protections into the specific contracts that they're building with whatever organization it is.

I have had fairly extensive discussions with the Office of the Privacy Commissioner here in B.C. about their feelings about which direction is better. I leave it to them to speak in their submission, but it would be worth asking them their view on that as well, because I think it is a legitimate issue for this committee to decide which direction we should go there. It definitely does add a lot of cost and time to B.C.'s ability to do those kinds of things.

Sorry, the second part of your question was on cloud computing. Please do not interpret my comments about cloud computing as being "That's all safe and good, and we should be doing that." My comments were really meant to say that based on the way the statute works today, we're not even permitted to enter the thought process of "Should we do that?" or "Is it a good thing?" or "Are there other benefits or drawbacks?"

What I would suggest is that there are legitimate privacy concerns about cloud computing. If you look at what California is doing or what the U.K. government is doing as examples of that, they are actually shying away from the Google cloud or the Amazon cloud as a way of doing business, and they're much more turning their minds towards, as governments, setting up a government cloud.

Could we work with an organization like Google to create a private space for us that leverages all the same benefits of their economies of scale and their technology base and all that and get all those types of efficiencies but cordon it off in an operating way for privacy reasons? That is what a lot of leading governments are doing with cloud computing right now.

M. Dalton: Thank you, Dave, for your presentation. You stated the difference between the U.S. and other jurisdictions in Canada. Just regarding the criminal investigations and crime prevention, what is the impact? What is the difference here as opposed to other jurisdictions?

D. Nikolejsin: With regards to the FOI statute?

M. Dalton: Yeah, that's right.

D. Nikolejsin: I would say that in Canada it's not a lot of difference. One of the benefits of having an FOI statute is that it prevents arbitrary sharing of information in that sense.

[0950]

It's actually illegal, because of the FOI statute, for one program to arbitrarily and without rationale or reason share information with another program. That's very consistent with other legislation across Canada and, I'd say, with Commonwealth countries, with Europe and so on.

The U.S. is quite a bit different. Their privacy environment is very different than Canada's privacy environment, so that's quite a bit different down there.

R. Cantelon (Chair): Thank you, Dave. Please carry on.

D. Nikolejsin: Okay, thank you. I have just a few more slides, and then I’ll turn it over to Kim on the background space.

One of the things that we think, as the government…. It's important for this committee to think about it as well, because we know there's been discussion about original intent of the act and how that was considered by the people who framed the statute originally. One of the things that we think a lot about is that the time that the act was created was a different time technologically.

If you think about the fact of the state of things like the Internet at the time — no one had access to the Internet; if you did, it was dial-up — and our sheer ability to create information, to create records that then become subject to the act, it was a very different world.

As an example, I did a bit of math, and flash memory was available back in 1992. If you were to try to build an 8-gig iPod, it would have cost somewhere between $3 million and $4 million. The sheer cost of memory at the time dictated a lot about "How many records did we have; how much did we create?" Our tools, and our ability to do that — it was a very different world. That has two effects. One is the ability of technology to help us sort through all that, but it also affects the sheer amount of information we create.

The other thing that's worth considering, when you think about the environment today, is that back when the act was created in 1992 — again, partly because of the way that technology was, but also the way that government operated in those days — government was very, very vertically oriented and vertically integrated.

It was not uncommon at all to have an entire vertical orientation, a ministry that developed programs, that had its own systems, its own networks, its own computers, its own front counter, its own offices in every town around the province and its own records. Citizens dealt with that program for that reason to get that service. It was very vertically oriented, and that was the state of where we were in 1992, when the statute was created. Most of it was paper.
[ Page 103 ]

If you look forward to today in the world we live in, it is very uncommon — in fact, I tried to think of one — to have a program that works like that anymore. It is absolutely the norm that programs we deliver are horizontally integrated. There are handoffs between programs, between ministries and between service delivery organizations, non-profits, different levels of government and so on. You're going to hear more about that in the presentations that the other members make, but it's really important, when you think about the context for the intent of the act — the time that the act was created in as well.

Another point is citizens' expectations. I talked about that horizontal government piece and the need to share information effectively to do effective service delivery. We have a lot of information that tells us our citizens are more and more expecting us as the government to respond effectively with integrated programs in an on-line way. Whether you're at the counter or whether you're on line, it should work more like on-line banking. You know, I sign on once, and I can do everything I need to do. Why is government so different?

Government is different in two regards. Government is different because there's not much behind the on-line story. Once I log on, I can't actually do much. To do the really important things with government, you've got to show up at a counter somewhere. That doesn't feel right in this day and age of electronic access.

It's also very true that citizens have an absolute need to be reassured — as we do those things, as we put those services on line and we integrate them effectively — that we're absolutely paying attention to the privacy stuff. It's not an either-or question.

There's one set of statistics up on the board there from StatsCan. I would offer to this committee, if they would like to hear what's kind of really going on out there in the polling, that ICCS has done a bunch of polling — Citizens First. The Institute for Citizen-Centred Services has done a whole bunch of polling across Canada. Governments have done polling.

If the committee would like access to that information to show what citizens' expectations in this space are, we can provide that to the committee. We have come to the conclusion as a government that it's really very important, from a citizen perspective and a Citizens' Services perspective, to get on line effectively.

[0955]

I've already talked about this notion of siloed government moving to horizontal government. You're going to hear more about that again in some of the presentations to come later, but a great example — and I think Cairine is going to build on this one — is the homelessness one, so I'll leave that one for her.

A couple of the international comparisons. We could put up a bunch of these. We chose the Australia one to focus on because they've been at it a bit longer than others and they are also a Commonwealth country that's very similar to us. What they have really started to get a handle around are some of the issues that we've dealt with — or that I raised earlier, we're trying to deal with now — around our statute. What I mean by that is that they are moving towards a much more principled-based way of dealing with these issues.

Rather than continually trying to go back to the act and add more rules or amend the rules or add yet another rule and then having it be an interpretation issue or, "Yeah, gee, we didn't get it quite right; we've got to add yet three more rules to clarify the last rule we added or to balance out the last," they've gone to a much more principled type of approach.

You're also seeing this in some of the European countries as well. They're writing entirely new legislation to deal with some of the issues I raised a couple of slides ago, because it is indisputably true that government is computerized. It is indisputably true that people want to get on line and do business with their governments on line, and it is also indisputably true that you cannot and should not and will not somehow toss privacy over the transom as you try to fulfil those legitimate needs.

It's going to a principled way of dealing with the issues, to say: "You know, these privacy things are important, and they must be kept in balance." They are going towards a mechanism where they leave the programs much more in charge of how they adhere to those principles as opposed to trying to be very, very prescriptive.

Again, if the committee would like examples of these or some of what's going on…. The reason I like the Commonwealth ones better than some of the European ones is that what some of the European countries are doing is moving more and more towards these national idea initiatives, which I very much don't like for privacy reasons. That's why I don't like to use some of the Scandinavian or European examples as much as I do the Commonwealth examples.

This is my last slide. We already do a whole bunch of things really well, so I don't want to overstate the point here either, but we do believe there are a lot of improvements that can be made, and that we can do better. There are legitimate, reasonable, balanced amendments we could make to the statute that would allow us to more effectively share information and do better collection of information for specific purposes that would definitely benefit our citizens.

R. Cantelon (Chair): Any other questions at this point?

D. Routley (Deputy Chair): Mr. Nikolejsin, when we look at the approach in other jurisdictions, going back to the first section and contracted standards rather than legislated standards, there is a difference in that
[ Page 104 ]
I can choose a different competitor in the private sector. There's no real danger — say, my cell phone contract when I go from Rogers to TELUS to Bell — that suddenly they're all going to combine the information they have on me and then be in possession of that sort of warehouse of information.

Whereas with the government, it's clear that in the case of integrated case management, for example, there would be that broad capacity to collect information and store and use it. Also, in the private sector contracted arrangement there would be less opportunity for individuals to opt out or to give consent, not give consent.

Are those considerable issues? Do you think that those deserve consideration by the committee when we consider the move? It also implicates a move from a regulatory-based act, like this, to a principle-based act like is being implemented in Australia.

D. Nikolejsin: I think the issues there are the same regardless of the technology or the project. What government could do if they chose to ignore the statute is the same either way, given existing systems or new systems or whatever.

My experience has been — and, certainly, I see it a lot — that government ties itself in absolute knots because we do not ever ignore the statute or the provisions of the statute around things like who can see what data when, and for what purpose.

[1000]

Who got to decide? Who's the steward of that information, and who made the decision of who gets to see what when, and for what purpose? It is taken immensely seriously, whether it is disparate systems or an integrated system.

I think the benefits you get by moving towards modern systems that are not a hodgepodge — something that was built 30 years ago, or a hodgepodge of things that were added on since — is that you can much more cohesively and specifically address these things and build in the necessary provisions to make sure that that doesn't happen. I take the approach that says: "I see technology and modernizing the technology environment in a way that's respectful of the statute as a part of the solution to the very concerns you raise."

D. Routley (Deputy Chair): In that case, if we're considering this move to a more modern approach using all of these technologies that are available, with the implications to privacy being considered, is there…? What we've seen so far….

I take very seriously what you've said about government's respect of the act. Really, we have to set the standard because government also regulates the private sector's observance of privacy protection. So how can we point to them and increase their standard while there are slipping standards in government? I take very seriously what you've said, but then, on the other side of that, there are the human error or human components of that.

At the privacy conference we heard about a doctor who took huge medical files of vast numbers of people home and accidentally put them on a shareware program, and they went everywhere. We've got the example of the Wainwright scandal in government where one person was able to intrude on the privacy of 1,400 income assistance recipients.

I think that's where the nervousness is around any change. There's this phrase: "Any fool can bring change. It's progress we need." So definitely we want to progress our technology and our ability to serve citizens, but how do we protect ourselves against those kinds of breaches, either in the old system or the new system? I think that human component is where their falling-down will be regardless of if we stay with what we have now or move on.

D. Nikolejsin: I don't disagree. I think that the human component will absolutely always be an issue. People who choose to do illegal things for nefarious reasons will always be an issue.

One of reasons that the Wainwright thing became an issue, initially at least, was that the records management process was very much paper-based. So our ability to actually go back and really understand who's accessing what records, under what authority and for what reason, is limited by the technology environment we have in place.

It is not a panacea. It will help us, I believe, minimize those kinds of things in future and absolutely help our ability to remediate them when they happen. But will it mean we'd never have another bad person doing bad things? That will always be an issue.

D. Routley (Deputy Chair): One quick follow-up. Then would you say that there are increased opportunities for detection of this kind of a breach by moving in the direction you're recommending?

D. Nikolejsin: Absolutely. Without question not only will we have better surveillance of who's accessing what information under what purposes for what reason, but we'll be able to set up much more fine-grained rules than we have today.

We talk about things, and we toss around these terms — you know, "roles-based access to information." We'll be able to define much more fine-grained roles and say: "Based on what role you're playing in the service delivery exercise for this citizen, what are you allowed to actually see? You do not get to see the whole file. You only get to see the parts that are relevant to the role you're playing in this interaction, and we will be able to see if that somehow gets violated."
[ Page 105 ]

I would also suggest that it will provide an opportunity for others — auditors, privacy commissioners, whomever might be deemed appropriate to come in and make sure that what I'm saying is true. Right now it's almost impossible for them to come in and say: "Well, are we actually living up to what I'm espousing?" We will have all sorts of abilities for them now to come in and check on that.

[1005]

J. Kwan: I think that last answer, in part, answered my question, and that is that with this integrated system, the new and improved modernized system that's being talked about, the process of accessing the information, then, would be restricted to the ministry staff pertaining to whatever role that they engaged in. For another ministry to try and get access….

Let's say, just using this as an example, the Health Ministry tries to get some information about an income assistance recipient, about their nutrient supplement information. They would not be able to access the information. Is that what you are saying?

D. Nikolejsin: That's correct, by default. What we would like to introduce is the ability that should a citizen choose to want to have that information be shared…. It goes back to that consent question earlier and, technically, the environment being created that would allow it then to be shared to put that in place. But by default, you're absolutely correct.

J. Kwan: Then with this integrated system, if someone tried to access information without consent and without the authority, as it does not pertain to their role, it would then be registered in the computer that John tried to access this information each and every time?

D. Nikolejsin: Yes. I mean, we still have to build the system, but yes, that's a design principle of the system.

J. Kwan: Just so I fully understand the integrated system, then, the purpose of it is basically to move from paper mode of documentation into a computerized system. Is that correct?

D. Nikolejsin: Partially. I'd say a lot of the systems already are computerized. Some of them are 30-year-old systems. Some of them were built more recently. Some are very small systems. Some are gigantic systems. But most of them actually are computerized.

The problem is that programs…. It's that notion of horizontal that I talked about earlier, where citizens are encountering program by program one service delivery experience, and each of those programs are on a different system, which sometimes happens as people fall through the cracks or information doesn't….

The real notion, the important notion, is that where there is a legitimate, authorized decision that has been made to share information for appropriate…. The decision is not made by technology people or by the people designing the system. It's the stewards of the information, the owners of the information that have the legal authority to share something…. They have a much, much more enhanced ability to do that. Right now the computers are not connected together. They don't talk to each other. Some of it is on paper and all of that.

J. Kwan: Who gets to authorize, and what are the overriding provisions, then, to access information without consent?

D. Nikolejsin: Sorry, are we talking about ICM specifically, or is that a general question about…? There are lots of systems in government that have lots of information in them. The general answer is that the program owners, the stewards of the information make those decisions, and there is all sorts of enabling legislation around programs.

There are the heads of the public bodies, who you'll hear from in a moment, that deal with program matters and the information that's under their stewardship. Those decisions are made by the stewards of the information, and that's different depending upon what program we're talking about or where it is.

J. Kwan: Okay. In this instance, I'm just trying to sort of get a fuller sense — right? First we heard that with the integrated system only the people pertaining to the role in which they play would have access to that information about that particular person. No other ministry, even though it's on an integrated system, would have access to that information if they do not play that role unless explicitly consented by the individual — right? That's one piece.

Related to that question is: is there anybody within government who can then override access to information on a particular person's file without the consent of the individual? Would it be the minister who would say: "Well, actually, with this particular file, I think we need to share that information for these reasons"? Is there somebody who can give that authority to override that restriction?

D. Nikolejsin: Again, I would say that goes back to the individual programs and the heads of those public bodies, but what you're asking is a policy question.

[1010]

If there's a policy decision made that looks something like what you said, that information needs to be shared, that would be made by the appropriate policy-making authority, taking I'm sure everything into account that they need to think about. But that is not a….
[ Page 106 ]

Again, I would go back to some of the things I stated earlier, which is…. When those kinds of discussions happen, they're always done in the context of the statute — right? A policy decision can never trump the statute. The statute is clear around when information can be used and for what purposes, and when it should be shared and not shared and so on, or disclosed.

The concern that we have is when we look at trying to create these notions of common purpose programs — right? — which is where really the rub happens. So from a citizen's experience perspective, they want to have it look like a seamless interaction with government on a particular interaction, which might involve, say, two different programs. How do we then share that information?

It is a complicated answer, because as I said earlier in my opening comments, the way that's described in the statute currently is not easy to implement in an operational sense. Most often the citizen experience is sacrificed on a risk decision that says: "You know what? We've got to err on the privacy side of this equation."

That's what happens all the time. So one of the questions we're raising here at the committee is: is that okay? Do we need to start considering the ability to build provisions into the statute that try to balance that out and say: "Yes, privacy's important." No one ever said it is not, but it's this notion of saying the citizen experience…. And the notion that government is horizontal now. It is. Are we going to try to build ways into the statute that are more enabling around building those notions of common purpose programs?

R. Cantelon (Chair): Doug has a question. Just before I take that question…. The Wainwright case has been mentioned a couple of times. If I could caution members and presenters that we don't want to imply or make any judgmental statements regarding that as being good or bad or otherwise. We want to be careful, because that is in the court, so I'd like to give you that cautionary word.

D. Routley (Deputy Chair): Yes, and then I'd preface any remark that I make towards referencing that case — that it's just an example of a system issue and not implicating or attempting to implicate guilt on the part of anyone, simply that it's an indication of the system maybe malfunctioning or not functioning exactly as it should.

Mr. Nikolejsin, it would be hard to argue against an increased citizen experience, the phrase that you've used, and who would? Obviously, when I go to Shared Services B.C. offices I talk to people about the difficulties they have in serving citizens and how they would like to see improvements in efficiency and communication horizontally, as you indicate. But then on the other side, as you've said, privacy is never going to be unimportant.

Can we do both? Can we offer people the option to opt out of having their information shared in this horizontal way through a system like ICM? Will that capacity be there? Do you think it's advisable to offer that? It's kind of like the old Rogers negative option. You're either in or you’re out, and you have to indicate whether you want out. Or do you think that people should indicate whether they want in?

D. Nikolejsin: If I could beg the committee's indulgence, I would suggest holding that question. Cairine MacDonald, who is the head of the public body, would be in a much better position to answer that type of question.

R. Cantelon (Chair): If that's agreeable to you, Doug.

D. Routley (Deputy Chair): That would be okay.

R. Sultan: We've had witnesses appear before us, and the common lament is that requests for information are dealt with very slowly. The information is frequently blacked out. The cost is exorbitant. There's maybe even a conspiracy to make it so difficult that people kind of give up. One gets the impression that some of these people imagine an era when they could get on their laptop and start roaming through the government files on their own.

[1015]

I think Google has sort of raised expectations here in terms of finding out anything you want about anything, and they would like to do the same thing about government. I presume — I'm extrapolating a little bit — that they would like to do their own analysis of the efficiency of a certain government operation or the incidence of some occurrence in the government files.

Can you foresee the day when it might be possible for citizens of that bent to sort of roam through the government databases for whatever individual purpose they might have in mind?

D. Nikolejsin: I think not, broadly speaking, simply because of the privacy balancing act there. I think that if you're talking about land data or mining information — absolutely. We should be striving more and more every day — and I think we are — to put all of that stuff out there and just let people do whatever they like with it, because there are no implications to privacy. That, to me, is where that separates.

I cannot imagine the day we would let citizens mine the child and youth mental health database. I mean, it's just not going to happen. In fact, the amount of contortions we go through even to allow researchers to get anonymized access to those kinds of information for legitimate research purposes shows you how far away we are from opening any of that up.
[ Page 107 ]

R. Sultan: Well, aside from individual, personal data, some of these respondents seem to be referring more to budget and cost and expenditure numbers.

K. Henderson: We made a separate submission on the administration of the act itself, and we talk about routine disclosure in that. There's no question that there's more that we can do on routine disclosure. Dave mentioned a site — GeoBC. I think it's a fabulous example of what government can do with data and put it on line so that citizens can access it, manipulate it, mash it up and do whatever they want to do with data.

I think there's a lot more that we could be putting on line, and it is about us striking that balance about what is appropriate information for us to be putting on line and what isn't. Financial data is another great example, where we think there's more that we can be putting on line and giving citizens access to. It's about doing the analysis about what is that right balance.

D. Routley (Deputy Chair): Much larger organizations — like, for example, the federal government of the United States and all of its agencies — are moving towards routine disclosure and electronic reading rooms. Isn't there a fairly simple dividing line in the act already between personal privacy issues and unexempted information under the act?

Do you see routine disclosure of all documentation that is not exempted from FOI as being an economy to the government — that in fact, rather than process thousands upon thousands of freedom-of-information requests, electronic reading rooms, as prescribed in the U.S. policy, which would be searchable by common search engines, archivable and retrievable by individuals, would be an opportunity to expand democratic participation, as well as a huge saving to government when we consider the cost of processing so many FOI requests for non-exempted documents?

K. Henderson: I think we continue to do an assessment about what is appropriate information to put on line. We've received, over the last fiscal year, over 6,300 requests for information, and the bulk of what we get are information requests for personal information about individuals. Obviously, that always has to be administered in the way that we currently do that.

What we're trying to assess is: where is that line of information that we can put on line and give citizens more access to? It's certainly a trend that the U.S. is going in, and lots of different jurisdictions. You see municipalities doing that now with open data sites. That's the direction that we'd like to go in and figure out what all the data across government is that we can put on line and give citizens greater access to.

But the bulk of the inquiries that we get are for personal requests for personal information, so that is how we're always going to administer that. It's really about figuring out what we can put on line.

D. Routley (Deputy Chair): I'm sure the bulk would be personal requests. We can look to the difference in numbers between Alberta and B.C. and see that ICBC is largely responsible for that. But those are generally quite low-cost requests, if I understand the situation correctly.

[1020]

The high-cost requests that tie up a lot of the various offices' time and result in the kinds of bills that some of the presenters to the review committee have shared with us, which are quite extraordinarily large, are more related to financial issues of government, like the budgeting or land use decisions around forestry or environment — the Ministry of Environment and their decisions and rulings.

Are not those documents that could be offered through routine disclosure? As long as we establish which class of documents are not exempted, if they were on line, wouldn't that be a huge savings to the government in general and the Citizens' Services Ministry in particular?

K. Henderson: Yes, and that's part of the assessment we want to do: figuring out what those pieces of data are that we can put on line. You're right. The very complex requests we get are the ones that are the most time-consuming. Although our statistics are improving — our average response time has gone from 35 days down to 24 days — there is much more we can do in terms of routine disclosure.

It is often the nature of how the request is worded when it comes in that makes it very complex in terms of dealing with multiple agencies and our need to try and gather information from multiple agencies and how we coordinate that. That becomes very complex for us. So yes, it is an intention of ours to try and figure out what data it is that we can put on line more routinely. We do think it will cut down on some of those more complex requests.

H. Bloy: Once you get to a number of those complex requests…. You've just said that you think the numbers will be reduced. But is it repetitious of the people that ask now? Is there a same group? Or is it reporters that are asking? Are they looking at you to do research for them?

K. Henderson: I wouldn't want to speculate as to why they'd want to access the information. We do receive a large number of general requests. A large number are media and political parties.

J. Kwan: By way of an example in terms of routine release, would something like this be considered for a
[ Page 108 ]
routine release? I actually put forward an FOI request to the Ministry of Small Business, Technology and Economic Development. I was asking for release of contracts that were signed by the ministry related to hosting activities for the 2010 Olympics.

The request went in. I got a bill that said: "If you want access to this information, for the search to begin, you have to pay something" — to the tune of $10,000 and change — "for this request." Then the suggestion was that we narrow the request. Of course, I thought the request was quite narrow already. Anyway, through that process and discussion, it came back that we got access to three contracts, which were given to us for free. The other contracts that were somehow held — and I don't know how many there were — we couldn't get access to unless we paid.

To me, those contracts — all of them — should have been routinely released and been on the public record, in my view. Would that be something that would be considered in this process? And it took months, notwithstanding.

K. Henderson: What we have to be conscious of is section 21 of the act. Section 21 dictates that it's mandatory that we don't disclose information that may be harmful to the business interests of a third party. While I don't know the specific request that you made or the circumstances around that, I would expect it's probably that they determined that releasing some of the information in those contracts would have been harmful to the business interests of a third party.

That's what it says in the legislation. Generally speaking, I'd agree with you that we've committed to some transparency around our ASD contracts, but it may have been in the assessment that they were considering section 21.

J. Kwan: It's interesting, though, because three contracts got released with no information severed at all — names, everything, intact. It begs the question. If what you say, on the section that applies, is the concern, then it ought to have applied for those other three contracts as well, but it didn't. They were released.

[1025]

Somehow some other contracts were held, and whatever they were and in what magnitude, nobody knows. It's a kind of curious thing in terms of when you apply that section and under what set of circumstances.

Why would it apply to one company, then, and not the other and not consistently across the board? It begs questions in terms of how this whole thing is managed. Frankly, it speaks to issues related to transparency — more particularly, lack thereof.

K. Henderson: We centralized all the FOI staff last January, so one of the benefits we've had is an increased response timeline. One of the other benefits is more consistent advice to ministries on how some of these responses are coordinated. Sometimes you would get individuals making different decisions or different legal advice on what should get released. It is a benefit that we've consolidated these staff into one group to try and get some consistent advice.

Again, I wouldn't know what was in…. There may have been more extensive information harmful to a third-party interest in the other contracts that you're requesting and not in the others. But I wouldn't know — unique to that request.

J. Kwan: May I ask one further follow-up on the calls-related side of things?

R. Cantelon (Chair): Yes, you may. Go right ahead.

J. Kwan: In our previous presentation related to the issue of release altogether, it ties into the routine release of documentation because of the cost implications. I think, if memory serves me correctly, it's something like $999 for searches to take place through the computer, to access information through the mainframe. A charge would be forthcoming to the person who's requesting the information to the tune of $999. It goes close to a thousand dollars per hour, I believe, for that search to take place.

Help me, because the idea of getting information onto a computerized system…. One would assume that it's easier to access that information than to have it in paper format. Theoretically, the cost should be a lot lower than what it is, because the information is more accessible through a computerized system, easily searchable. But it charges a thousand dollars an hour, for all intents and purposes, to carry out this work.

Then there was an additional charge for any programs that were developed associated with the mainframe for accessing this information. That, too, would be charged to the person requesting the information.

Help me out here. If we're going to streamline…. Then we talked about integrated services, and so on, to make things more efficient. In the case where we do have some efficiency by way of computerized systems, the charge is still exorbitant. It makes it almost impossible…. In fact, it does make it impossible for people to access the information.

For that purpose, is there some evaluation done on the cost analysis and benefits of moving forward to a system of routine release of information versus those kinds of exorbitant charges?

K. Henderson: In terms of fees, the fees that we charge haven't changed since 1992. The first three hours of search are free, and then we charge $30 an hour after that. We don't charge for personal information, so if
[ Page 109 ]
you're requesting any personal information about yourself, we don't charge. We tend to do a lot of fee waivers. Last year government collected $50,000 in fees against the $10 million that it costs us just in the administration of the act itself.

When it comes to mainframe charges, that's an issue that was raised in ministry estimates and is something that we're going to take a look at. It does appear that there is some inconsistent application of when we're charging fees for mainframe access or not. One of the things that's important to understand in terms of now and when the act was brought in, in 1992 is that there are infinitely more records in government than there were in 1992, so there are infinitely more volumes of records to search. While they are in electronic format, it does require some period of time to search them.

J. Kwan: Suffice it to say — and I'll just close with this, Mr. Chair; I appreciate your indulgence on this — that of course, since 1992 we've also come some distance in terms of technological advances — in terms of the computerized system and what it is capable of and how it could actually search through this information. I appreciate that there may be more records to search through, but I also appreciate that there are a lot of advances in terms of technological advances.

Hence, I guess it's very timely in terms of the work of this committee, 1992 versus 2010. It's time to review and change in terms of the application of fees and what it really means.

[1030]

R. Cantelon (Chair): Now I've got a speaker list of four, so we'll go through that and then ask the presenters to carry on, if we may, in the interest of time.

D. Routley (Deputy Chair): You have mainframe access at $16.50 per minute since 1992, and it's something that was discussed in estimates. I think this committee is really going to have to look at what the real costs are and how we can justify that, particularly now that so much of it has been paid for.

I agree with the previous speaker that as we move forward, we have to consider how that will implicate new systems and what kinds of charges we'll have to justify creating those new systems.

There was a question earlier about repetition, repetitive requests from one group or another. I'd like to take a different cut at that — repetition and redundancy of requests from different groups but the same request, and the cost of answering the same request to a number of groups over a period of time. Would that redundancy not also be eliminated through routine disclosure? Would routine disclosure not prevent the various ministries from having to create the same documents for any number of applicants?

Then the other thing I would like to inquire about is the U.S. federal legislation and their exemptions around third-party interests, business interests, when it comes to freedom-of-information requests. I understand that there's a much more tight exemption — the principle that a public dollar is a public dollar is a public dollar. It's easier to trace public money into private contracts under the U.S. federal legislation. I may be mistaken.

K. Henderson: Yeah, I've just conferred with Dave. We're not familiar with the latter issue that you raise, so that would be something we'd have to look into.

In regards to your first question, I think, generally speaking, we agree that we need to be doing much more around routine disclosure, and we're looking at ways to do that. When you mention about getting common requests for information, it will always depend on how they're worded. If they're worded slightly differently, it can dictate a different search for us. It will also determine, when the records are released, whether any severing was required.

If we had to do that assessment under the act, then it wouldn't be something that we would be able to routinely disclose, because it needed to have that thought process of applying the act to the request. What we're trying to figure out…. Again, it's trying to strike that balance of what is data that the public is interested in receiving that we can routinely put on line, and those are the assessments we're doing.

D. Horne: Two questions, one going to one of the points you made. Obviously, the committee has heard from many groups that have presented to us about some of the high costs of accessing the system the way it exists today. One of the comments you just made is the fact that the fees are set and the amount the system costs us compared to the amount that we collect in fees today.

While the fees may be high, do they even, in many circumstances, represent anywhere close to actually paying for the cost of collecting the information and divulging the information to these parties? With the fees and the structure that we have in place today, are we looking for the parties to pay the cost of the searches that they're requesting? Or are we not looking for full recovery of those costs at this point? Where are we at within that spectrum?

I'm also interested in your thoughts on routine disclosure from sorts of the FOI requests that we get today, because my gut feeling would be that even with routine disclosure, which I very much am in favour of, many of the parties that aren't seeking personal information would be seeking not only the information that perhaps would be routinely disclosed but would also be interested in what perhaps might not be routinely dis-
[ Page 110 ]
closed, which would obviously add significant costs to that process as well.

[1035]

I'd be interested in your comments on those two issues.

K. Henderson: In regards to your first question on fees, as I mentioned, we collect about $50,000 in fees a year on a cost of administration of $10 million. That administration cost is just the cost at the Ministry of Citizens' Services. It doesn't include the cost of ministries actually complying or searching for the records, so it's actually quite a narrow number in terms of what the cost of the system is to us overall.

Fees are not designed right now to recover the full cost of what it takes us to do a search. It is a portion, and the fees are dictated in the act in terms of what we collect, but it is not a full cost recovery model. The average cost for a search for us is about $2,200.

G. Gentner: Thanks for this sort of informal candour here. It's helpful.

Two things relative to delays on requests for FOIs. How difficult is it to go back to the original intent of the calendar days versus now, the relationship of waiting for business days? We talked about some of the shifts or changes since the act in 2004, etc., but I haven't seen any reference to that in the presentation.

Secondly, can either one of the members here giving the presentation describe to us why that time is dependent on who the applicant is? When we look at the corporate request-tracking systems…. Obviously, requests from governments and business and other public bodies…. They receive their FOI request information streamlined, whereas interest groups, political parities and media have significant delays on their requests.

K. Henderson: In terms of business days versus calendar days, our entire system is built right now on business days. All of our business processes are designed that way, so it would be an administrative challenge for us to go back to calendar days.

In terms of your latter question, we absolutely do not distinguish between who the applicant is. Oftentimes the requests that you mentioned are just infinitely more complex than the other requests, and it is all to do with the complexity of the request that is being requested. It might involve multiple agencies, additional severing, additional application of the act, so it depends on the complexity of the request.

G. Gentner: Well, that's an interesting response. However, how can you distinguish a difference between a researcher that receives information according to the CRTS documentation at 75 percent efficiency level versus that of a researcher who is with the media? How do you describe…? Why is that?

K. Henderson: There is absolutely no process difference. When ministries receive requests, ministries do not see who the requester is, so there is absolutely no process difference. It will all be about the complexity of the request.

R. Cantelon (Chair): I'm going to take Marc Dalton's question, and then we have a couple of others I'm going to ask you to take notes on. I'd certainly take them later, but I'd like to make sure that we get through the presentation so we can take the questions in context of the presentation.

So Marc, and then we'll carry on, and please make a note of your question.

[1040]

M. Dalton: We had one presenter here, and he said that he does hundreds of requests every year — hundreds of requests. If you're saying, just with the Ministry of Citizens' Services, that it's about $2,200 per request on average, we're looking at half a million dollars just for this one person alone. I find this somewhat disconcerting.

I fully believe in the freedom of information, but I'm wondering if…. You mention that there is absolutely no filtering — there is no "who the person is" — and I'm wondering if this takes away from this service to other people and if you could maybe share. Is this an abuse of the system? What would happen if we had 1,000 people like this?

K. Henderson: As I said, we don't distinguish between requesters coming in.

Interjection.

R. Cantelon (Chair): I know you have a question, but I am going to proceed and take that question later, if we may. I am concerned that we have until noon. We might run out of time, so I rule to agree to move forward. I'll come back to you.

D. Routley (Deputy Chair): I think, as a point of order, we need to respond to that contention and remind the committee.

R. Cantelon (Chair): Well, I advise you to respond later, and please take a note.

Cairine, if you'd move forward.

K. Henderson: I'll just introduce this next section we have on ministry challenges. As I said at the outset, the approach we took in designing government's submission to the committee was in two parts. The first part
[ Page 111 ]
was some background information on the act itself. The second part was on some of the challenges the ministries are facing and what we felt were really practical challenges that the ministries are facing in terms of the legislation.

What we have in our submission are different chapters that are focused on different issues that ministries are facing. We took a great deal of effort to try and focus those from a citizens' perspective as opposed to a bureaucratic perspective of what we see in terms of operations of the system.

The approach we took was to canvass ministries for the challenges and issues that they have. Through Dave Nikolejsin's office we work with ministries on a daily basis in terms of an advisory capacity on the act. So we worked with all of our connections in ministries and with the responsible deputy ministers to canvass those challenges and issues.

What we found as we did that was that key themes emerged, and the key themes are up there on your slides and are in government's submission. The first is better outcomes. We feel that we can leverage information-sharing while protecting privacy to produce better outcomes for citizens.

The second is citizen-centered service and how we can provide services to clients more effectively and efficiently. The third is stronger engagement. How do we respond to citizens' needs and services demands? We feel that improvements can be made to the access to and the responsiveness of services to achieve better outcomes through the integration of programs and better information-sharing.

We want to be able to do all this in a world where the technology has changed significantly since this act was written, and the citizens' demands and expectations for services have changed too. Dave provided some of the data around that.

What we've done in terms of our presentation today is chosen some highlights from government's submission. Government's submission is much more fulsome in terms of the examples we've provided. We've just decided to focus on some key examples for you today.

I'll turn it over to my colleague Cairine MacDonald to talk about some examples from the perspective of the Ministry of Housing and Social Development.

C. MacDonald: As you are aware, Housing and Social Development is responsible for housing programs, homelessness initiatives, income assistance and employment programs, the provincial disability strategy and supports, gaming policy and enforcement, and liquor control and licensing.

What I'm going to focus on in my four slides are some of the outreach initiatives that are undertaken directly and coordinated by the ministry and which connect homeless British Columbians to needed supports. We need to then connect people to affordable housing, income assistance, employment programs and other programs designed to increase life skills, and mental health and addiction services to help them improve their health and move towards independence.

Homelessness has been a high-profile public policy issue. It is an issue right across North America and certainly is an issue in this province as well. It's regularly discussed in the media and educational think tanks and in public forums. So who are we serving?

Irene is 45 years old and has been living on the street for 18 months. She is chronically homeless, has mental health issues and addictions problems, and she is receiving income assistance. Because of the different services she requires and the inability of the different partners on her homelessness intervention project to share information about Irene, she is asked to complete several different consent forms and provide several different sets of information.

[1045]

She has trouble understanding why she needs to sign so many different forms and is frustrated with the process. The goal is for Irene's needs to be assessed by an integrated team and for her to sign one consent form that would be shared with all of the participating partners.

The homelessness intervention project was launched in March of 2009, and in the 18-month project, we have housed and provided services to approximately 2,400 homeless individuals in Victoria, Vancouver, Surrey, Kelowna and Prince George, who have been sporadically or chronically homeless for more than a year and who struggle with mental illness and/or addictions.

Our ministry has the lead role in coordinating provincial and community social housing and support services. Other project partners include the Ministries of Health Services, Public Safety and Solicitor General, Attorney General, Children and Family Development, Citizens' Services, as well as agencies such as the health authorities, Community Living B.C., B.C. Housing, as well as municipalities, contracted service providers and the non-profit sector.

One of the goals of the homelessness intervention project, or HIP, is to identify the chronically homeless and fast-track these individuals to government services and support. Breaking the cycle of homelessness requires an integrated approach to service delivery and information-sharing between project partners. In order for homeless citizens to access a multiplicity of government services and information that they need, it's imperative that government takes a one-government, one–social service approach to information-sharing.

However, HIP is encountering challenges related to the FOIPPA Act, particularly ability for partners, both public body and non–public body, to collect and disclose information among each other. There are limitations
[ Page 112 ]
in the act preventing applied research for program design, development and evaluation processes. Program evaluation is essential to ensuring the delivery of quality programs to citizens.

In the provincial homelessness initiative, a project to assist homeless individuals into supportive housing, a key component was evaluation. It was intended to identify the impact of supportive housing on the well-being of former homeless individuals, including health, crime and poverty measures, as well as to identify best practices to improve outcomes.

The provincial homelessness initiative was an example of a program of evaluation that ran into problems caused by limitations in the act on the collection and disclosure of personal information. The evaluation required personal information held by the Ministries of Health Services, Housing and Social Development, Public Safety and Solicitor General and the regional health authorities.

The housing policy branch within my ministry was prevented from moving forward with the evaluation, as the branch was advised that these project partners did not have authority to share the required information.

In summary, there are two challenges that we encounter in this space. One of these is the sharing of information for research, which is critical for program development and evaluation. So we do enter into sharing agreements, and they are cumbersome. We currently are using a separate lab to collect data. All of the personal identity is stripped off of that data, and we're looking at the outcomes for individuals.

What's important with these 2,400 people in the HIP project is: how long have they been housed? Do they stay housed once we put them into housing? Are they still on income assistance? Have they moved on to employment? Have we seen an increase or a decrease in their visits to the emergency department and their use of health services? Have we seen a decrease in their interaction with police services? Are they housed? Are they employed?

Those are the kinds of things that are important in terms of measuring. We are able to get there, but it is cumbersome and difficult, and the myriad agreements we have to reach with health authorities and with all of the individual parties have delayed the response in terms of getting some of that information and being able to share it.

The second, which I talked about originally, is the sharing of information about individuals, which is critical for appropriate and timely access of services from government and other service providers.

[1050]

Here I've talked about the kinds of people that we are working with in terms of outreach workers, our housing partners, income assistance, health provision — particularly for those with mental health and addictions, which includes this community — the interaction with justice and police, with community service providers and with other agencies, including employment agencies.

When this is done well and it works, we see things like the community court. We see things like our HIP project. We think that this is the future and where we need to be going in terms of sharing information appropriately.

I know there will be questions about the controls on sharing of information, so the intent is not that every person who's working with a client would have knowledge about every aspect of a client. The intent is that you would have information that that client was a client of another party and that you would work together on outcomes as opposed to having to say: "I don't know if they've got any current links into the mental health system. I don't know if they've got any links into B.C. Housing, etc."

That's my presentation.

R. Cantelon (Chair): Questions on this presentation?

D. Routley (Deputy Chair): I'd like to go back a bit.

R. Cantelon (Chair): Okay, before you back to that, may I just make a statement from the Chair. I think that, regardless of how many times a person has asked for information and regardless of the cost to the government, they're entitled to equal service and prompt service, as though it were an individual request. Certainly, I think that's true.

Irrespective of where that request came from, whether it be a political party or an individual, my understanding is that they are treated the same way because it's a blind receipt of that information and should be treated with equality regardless of who made the request. Both individuals are entitled to ask as many times as they want, regardless of the cost to the government, and should be treated that way. Secondly, regardless of who asks it, they should be treated with the same equality. I wouldn't get by those kinds of issues.

D. Routley (Deputy Chair): I think we need to clarify that and go a little bit further in that the legislation, when it was first considered — and all legislation of this type that I've had any experience with — is meant to make democracy function for citizens and that fees should never be an obstacle to access to government, to any citizen or any group.

The original intent, if we read the second reading of the 1992 legislation, was underlined time and time again — that this Freedom of Information Act was meant to be a backstop and to create a culture of openness, and that fees for accessing information, which the Premier himself has referred to as being the possession and property of the people, should never be an obstacle to that access.
[ Page 113 ]

I think the Chair's reminding us of that is important, but also that cost recovery should never be a notion that…. We're not in the business of having cost recovery of democracy. Otherwise, I'd question why we're even here. Until FOI was moved into Shared Services B.C., this was not such a discussion, but I believe it's become more of a discussion since then. That's more of an opinionated statement of my own.

I'd like to examine the issue of cost. The Freedom of Information and Privacy Association of B.C. made a request — the identical request to the Washington State government and the B.C. government. The request came back from Washington in less than 30 days and the bill was $5.30 U.S. The request from the B.C. government came back from the Premier's office in 60 days with a bill of $620.

This was an identically worded information request. There was a $310 requirement for deposit from the B.C. government. When FIPA B.C. held a press conference to relate that information, within two weeks they received a fee waiver.

This is an example of where fees are becoming an obstacle. We heard from several groups who have presented to this committee that they did not pursue matters that I would consider to be of a public interest. One of them was an environmental remediation issue — a contamination issue. It wasn't pursued because of the size of the deposit request. I think we as a committee have to really examine this problem.

[1055]

There's a disparity in the way we as a province are billing people who make requests. When the same request in Washington State comes back at $5.30 and from B.C. at $620, are we really fulfilling the obligations of the principles and the intent of the act? That's a statement, and I don't think it requires a response from the people here.

R. Cantelon (Chair): Well, I will invite them to respond.

D. Routley (Deputy Chair): Absolutely.

R. Cantelon (Chair): There may be differences in legislation that occur.

Kim, would you like to respond and comment? We don't know the specifics, of course, of the nature of the request.

K. Henderson: This question was canvassed in ministry estimates, and we aren't familiar with what the different legislative framework or fees would be in Washington State and how the requests would have been interpreted. There may have been more records available in British Columbia. I just don't know.

R. Cantelon (Chair): We have a list of three. But I think a very important issue has been put forward by Cairine, and that is that we're aware under the act that no consent can be given under this for using information in different ways. The question has been posed to this committee: should we open that door to enable ministries and perhaps public bodies to cooperate in research and service to individuals? So I'd like to remind us of that and come back to that.

J. Kwan: I wonder if the presenters — I guess any one of the presenters — could walk me through. What are the layers of sign-off for the release of FOI documents? In other words, one staff within the ministry prepares the document, and it's ready to go out. Who does it go to for sign-off before it's actually released to the person who is requesting it?

K. Henderson: We can provide the committee with a full work flow document after we leave this morning and submit it so that you can see the entire work flow of the process. The reason why we want to do it that way is that the business processes keep being refined, and we want to make sure that what we give you is the most up to date.

J. Kwan: Sorry, what do you mean that it's being refined? Does it vary from time to time, then?

K. Henderson: No.

J. Kwan: Is there not a standard set of procedures being followed?

K. Henderson: No, there is a standard set of procedures. It's just that we continue to try to improve those procedures to improve our timeliness. We want to make sure we give you the most accurate information as to what the procedures are at this stage of time. All the staff were centralized back in January 2009, and there's been a constant business process review in that group to try and improve our response timelines. So we'll provide you with a work flow document that describes how they're currently managing things.

J. Kwan: I look forward to the flow chart, because I will be very interested in seeing that and understanding that process. Could you quickly tell me: do FOI documents, before they're released, need to get sign-off from the minister's office or from the ministry?

K. Henderson: The head of the agency is responsible for final sign-off, and that's the deputy minister. If a minister's information is involved in the requests, then ministers' offices are involved in sign-off, but it's not routinely done.
[ Page 114 ]

J. Kwan: Is that the same for the Premier's office? Or is there the necessity to get sign-off from the Premier's office related to FOI requests?

K. Henderson: They would be involved if they were part of the subject of the request, and they are also involved in section 12, cabinet confidence, because that is the role of the cabinet secretary — to do that sign-off.

J. Kwan: Is that the deputy to the Premier, or is it the Premier's office? Is it the Premier's chief of staff? Who signs off?

K. Henderson: We'll have to verify for you. It's not the chief of staff. It's the deputy minister of the Premier's office.

[1100]

J. Kwan: Does your office track how long FOI documents that are ready to be released are held by the ministry or in the deputy minister's office before they're released? Do you track that time frame of how long it is held to get that sign-off?

K. Henderson: Yeah. We're improving our tracking mechanisms, and that's part of the business process redesign we've been doing with the staff. We have reduced the overall timeline from 35 days down to 24 days, and 87 percent of requests are now responded to on time. That was 71 percent back before we centralized the staff, so we are seeing an improvement, but we can provide you with some more details around that.

J. Kwan: I'd be interested in receiving — and, I'm sure, the committee as well — the statistics, I guess, related to that sign-off material. Do you break down, then, the sign-off material as to what categories they belong to? For example, is it individual requests — and the length of time in which they get signed off from the ministry's, the deputy minister's office — versus those from the media versus those from the opposition?

K. Henderson: Yes, we can provide you with that data.

J. Kwan: Very good. Thank you.

R. Cantelon (Chair): And as soon as we have those flowcharts available, I think it'd be very useful to see that — sort of a before-and-after. We would like to make that available to all the committee members. It'd be very useful.

You also mentioned earlier, Kim, the percentage of requests involved in privacy issues as opposed to ones that are regular. That proportion would be very useful, too, if you have that available.

K. Henderson: Yes, we can break down individual requests for individual information versus regular requests.

R. Cantelon (Chair): Before I go back to my list, to Dave, we were talking earlier about integrated case management and the fact that of course policy would have to follow the requirements of the statute. You referred to, and there's great interest in, the protocols that would be involved in releasing information under an integrated case management system. I think that's critical to maintaining privacy. I know that both sides of the House here feel that way.

I wonder if you could sort of do a what-if, how that might work theoretically — because we know the system isn't developed yet — how that might function in the real world. I think that would be very useful to see as well.

R. Sultan: Just an observation on the cost of FOI. If we're spending $10 million, obviously that's $10 million we can't spend on hospitals or schools, so the idea that there's sort of unlimited access by anybody, regardless of cost, I think, is a notion that we should discourage. This is a privilege, and there have to be limits, in the context of the overall government resources.

I have a question for, I believe, the Deputy Minister of Housing and Social Development, and it turns towards the privacy issue more than freedom of information. From time to time I have very distressing visits — distressing to me — from people in my office.

A typical case, to generalize, would be of an elderly parent who may have a son, for example, 40-ish, mentally ill, on the street. The parent wants to care for her son but can't really get any information about where he is or whether he's in the health system in some form.

She gets a telephone call from Victoria saying: "I saw your son on the street, walking around without any shoes on. His feet are bloody. He seems to be walking into traffic as if the cars don't exist." Somebody should do something about it, but she feels helpless, because the system won't allow her to get any real information about what her son's situation is.

A parallel situation arrives with parents whose teenaged children take off. I guess at some point they're considered adults, and the parents really are precluded — I presume under privacy legislation — from finding out much about them. There also seems to be a window of time when they might in fact be responsible for those children's acts, but at the same time, they can't find out any information on what the kids are up to.

[1105]

These are two cases where, it seems, privacy practices in this province do seem to work to the detriment of families trying to help their loved ones. Maybe this has been fixed, or maybe it's, in fact, a common situation. Can you comment, please?
[ Page 115 ]

C. MacDonald: You've identified two different cases. In the first case, if the parent comes to us and says, "I have an adult child who is mentally ill, and I'm worried about them," there's nothing that we can do in terms of releasing information to that parent. That is an adult person. They are independent. They can do what they like.

We can, however, release information to the parent if the child signs a release saying that they want the parent to have information. So if your parent contacted us, we would say: "This is what we need from the parent. We need a signed statement from the child saying, 'I want my parent to represent me.'" Where the two are in contact, that often happens, and it happens fairly quickly, and then we treat the parent as an agent of the child. That's the only way that we can provide information.

In terms of the teenager, that's a different situation. I don't have specifics on that. In fact, I think David might have some on the PSSG side. If they were in trouble with the law, a runaway from home, there would certainly be some legal implications. The other place they could go, of course, would be the Ministry of Children and Family Development.

We would have no contact with a runaway teenager unless they were on our caseload. We do have 2,200 people on our caseload who are teenagers under MCFD legislation, but we don't deal with teenagers otherwise.

R. Sultan: As I understand it, then, from your answer, the possible assistance of a parent and the disclosure of information would require consent of the person involved.

C. MacDonald: Yes, it would. The only other thing they could do is they could identify without…. We can't even tell you that a person is our client. If you were to contact us and say, "I think my son is your client," we can't even confirm that. So in that case they could hand in information and say: "If by chance you're dealing with this person, could you get this information to him?" That occasionally happens, but we can't even confirm or accept that that is a client that we're dealing with.

R. Sultan: Well, in a society where I think we, I would hope, encourage family cohesion and community support, not necessarily flowing through government channels, to enhance those instincts, is the situation that you describe, in your opinion, good public policy?

C. MacDonald: It is the public policy under our current privacy regulation. It is what works for the vast majority of our clients who may or may not want to be tracked down by their families. It may not be particularly helpful in the case of someone who has severe mental illness issues and may not be able to solicit or provide consent.

I think that that's where the other mechanisms I've talked about, the ability to share information between ministries, may be a helpful thing to getting the person eventually reconnected with family. But in terms of the privacy of the individual, I think that that is paramount in terms of the individual's right.

R. Sultan: So in British Columbia privacy trumps family. Is that one way of boiling it down?

C. MacDonald: I can't answer that because it's not my policy.

R. Cantelon (Chair): Okay, thank you. I've quite a speakers list here, starting with Douglas Horne, then Eric Foster.

D. Horne: Actually, I'm fine. My question has been answered. In the interest of time, I'll let Eric move on.

E. Foster: I won't try to put you on the spot, as my colleague did.

The original case you talked about with the lady who was on the street with mental health and addiction issues and so on…. You talked about the sharing of information. We all see this in our constituency offices on a regular basis. People come in, and there's a myriad of papers we have to sign for every ministry we have to deal with.

[1110]

Do you have any sort of a matrix or plan on how that might work? I think it's probably the answer as far as serving the people that we're trying to help here, instead of trying to get in their way — to streamline the whole process. Do you have a plan on how it may be laid out? You identified the issue.

C. MacDonald: I think it's situation-specific, so in the HIP project we are working with the communities to determine what the best information would be to share within those groups and to get the appropriate sign-off.

I can give you another example, which would apply to your teenage children. We have an agreement between the Ministry of Children and Family Development, ourselves and several other ministries to deal with people who are becoming adults, turning 19. They may currently be being served by Education and by MCFD, so these would primarily be children in care.

When they turn 19, the issue is: what happens to them? There are those for whom…. They have special needs, so they would typically come onto our caseload. The issue is how we expedite and facilitate that process. We have been doing that with MCFD, and we do have a protocol to do that.

That's the kind of example where you are sharing specific information in a specific time frame. You're
[ Page 116 ]
saying that this individual…. A couple of years out you might be saying: "I probably have this many people who will be coming your direction."

When you get to within a year, you start to work very closely together in terms of the client and the outcomes. What we would like to do is make sure that that person goes into income assistance if that's required, goes into housing if that's required and so on.

That's the kind of arrangement where, specific to that group of individuals, you have a specific protocol. I think that it will always be protocol-specific. So different circumstances will have…. I know that when David presents….

For example, we have protocols to work with prolific offenders. We have protocols where we work with the community courts, and it's a different protocol. So there is a protocol for dealing with these situations. The challenge in all of them is, right now, the approvals and the sign-offs that we have to get to do that.

K. Henderson: If I may add. For all the challenges we're talking about from the ministry perspective, we've included in the full government submission a remedy and a recommendation for you to consider as it relates to the act. I'd encourage you to look at the remedy we've proposed, from a legislative point of view, in our submission.

R. Cantelon (Chair): I've got Doug Routley and then Harry Bloy and then Jenny Kwan. I may have mixed the order up. My apologies if I did.

D. Routley (Deputy Chair): Two areas here. There are frequent comments about the response times to FOIs. "Response" needs to be defined. A response can be simply a refusal. A response can be "no documents found." There seems to be, at least reported to me when I speak to stakeholders — environmental groups, media and other organizations — a huge increase in the "no records available" response. This may be an indication….

When there's an appeal of that, there is an examination of whether or not a search was conducted but not of whether or not the documents actually existed, so that may be a problem. Plus the "no records" response may indicate the move to a more oral culture in government. We heard Ken Dobell, the former deputy to the Premier and a lobbyist, refer to FOI restrictions by saying: "They don't trouble me because I don't write anything down."

Maybe the "no records" response is partly where this increase in response times is coming from. If it is, then I think that's troubling, not reassuring.

Also, the deputy minister has referred to the complexity of requests. It seems that this is a new word being introduced. I'd like to ask: is this basically a new category of judging an FOI request — its complexity? Are we making judgments about how we will respond to FOIs based on complexity — if it's one page or more than one page?

K. Henderson: My comment around complexity was simply to try and gain some level of understanding about why general requests and requests from certain parties can take longer than an individual request.

[1115]

If an individual request comes in and they want to see their file from MCFD, it's obviously quite a simple assignment for us to get that file. If a request comes in that says, "We want to see every record government has on a particular topic," and we need to do a cross-government canvass, that's obviously a much more complex request for us to do. It was just an explanation to suggest that that's sometimes why our response timeline on general requests takes longer than it does on individual requests.

D. Routley (Deputy Chair): Thank you. The policy around sensitivity of requests may be that there's no different treatment, but I think that the practice might be a little bit different.

For example, one of our researchers tells me that all requests that she makes are deemed from a political party, so she began making requests as an individual. They still were deemed as from a political party. That would indicate some kind of vetting that would be judging who's asking and a separate treatment of that request.

Also, if we look back to the former Solicitor General Ministry Deputy Minister Morhart, there was an FOI release that came, unfortunately for Mr. Morhart, with a sticky-pad note that said: "Don't release this information. Use section 13." The note said that it was because it contradicted what government was saying. Those kinds of things….

I know that the public servants, particularly those here today, struggle to serve the public in a political environment, but it's difficult not to see political interference, particularly in that case, where we've got an actual sticky-pad note from a deputy minister that says, "Don't release this information," and it's because it's contradictory to what government has been saying.

While I know the policy is that there is no interference, many of the groups that I speak to are nervous that there is in fact interference and that the centralization of FOI makes that interference easier to accomplish. Is that something that the committee should be worried about, in your opinion?

K. Henderson: It's absolutely not our practice or our procedures to distinguish between requesters.

H. Bloy: When you talk about your ministry, you have to do a lot of research to evaluate the success of dif-
[ Page 117 ]
ferent programs. Without that it becomes anecdotal on whether it's successful or not. So when you have individuals that are taking advantage of income or providing homes, can you not automatically share their information? Could you not do a sign-off — like when they receive it, that they allow their information to be used just for research, okay? It's not going to the public but for research. It's a tool that I think is very important for governments to use.

K. Henderson: No, we cannot. That was an issue that Dave talked about, and it's actually coming up in our presentation. Individuals cannot, right now, give us consent to use their information in that way. We do agree. It would be very important.

H. Bloy: Your remedy, when I read that. Does that cover that?

K. Henderson: Yes.

J. Kwan: On the presentation, the question was asked or the issues were raised around the challenges of what the ministry faces. From there I'd like to ask several questions. One is: is sharing of the information only to facilitate access to services, or would it also be used in whatever set of circumstances to disentitle someone from a current service that they're receiving?

C. MacDonald: The information is to determine that people are getting the services to which they're entitled. If there was a duplication of service, then sharing the information might uncover that there was a duplication.

But the intent is not to be looking for disentitling people. It's to say: "If you don't have housing and we think you need to have housing, then we want to work with you to find housing. If you don't have shelter allowance, we would like you to have shelter allowance so that you can pay for your housing." It's really about making sure people get what they are entitled to.

J. Kwan: Right. It could have the effect, though, somehow or other, even though it might not be the intention, of disentitling someone from a service that they currently receive. It could have that effect.

[1120]

C. MacDonald: If there was a duplicate service.

J. Kwan: Because it cuts both ways.

C. MacDonald: If there was a duplicate service.

J. Kwan: Or in a different set of circumstances.

Okay then, on this question. If it's the case that it is meant to apply to people who are homeless, generally speaking, then we're talking about 2,400 or 2,500 people — within that range. That's coming out of the various counts. Would this application only apply to those who you come in contact with through the homelessness outreach initiative? That is to say, it would not apply to anyone else outside of that process.

C. MacDonald: No, I think that the broader issue we're putting forward — and I know that David will speak to this as well — is that there is a need to share information in a number of different contexts. I've given the example of another context, which was of children turning 19 and needing to access services from government.

J. Kwan: So it's across the board, across the entire population?

C. MacDonald: Yes.

J. Kwan: The data that's being collected — is it going to be…? With individuals' data that's collected, would it remain anonymous?

C. MacDonald: Yes, all of the research information…. When we do research, we strip off the individual identities so that we're able to say that of this cohort of 2,400 people, we have so many that are still housed and after so many months. So we can pull out the individual information and look at it from a research point of view, but we can't look at individuals and say: "This is so-and-so."

J. Kwan: So for the purposes of research, it would be anonymous. But for the purposes of sharing information for the individual to access services or to disentitle a person from services, then it would not be anonymous on that basis. Okay, thanks.

R. Cantelon (Chair): I have two other questions. Guy, and then Doug will have the last question. We have one more presenter to present yet this morning.

G. Gentner: We haven't even delved into the Ministry of Citizens' Services submission here, which was presented to us a couple of days ago. Specifically, I want to talk about section 13, albeit I know it's a policy situation. I'm sure it was canvassed during the estimates, perhaps even yesterday. I don't know. But I'm intrigued by what the ministry is presenting us here.

I quote: "The ruling of the court is in line with government's application of section 13, and government has used this ruling as guidance in its review of documents responsive to an access request."

What's being shared with us on page 9 is the view that the government has no intention of moving to change section 13. We've heard from numerous inter-
[ Page 118 ]
viewers, whether it be journalists or B.C. Freedom of Information and Privacy Association. We know what the original intent of the act was. It was quite a bit different, according to the then Attorney General Colin Gabelmann.

I'm intrigued with the following statement coming from the ministry in its submission here. "The Court of Appeal unexpectedly turned to section 13 and interpreted it more broadly than had the commissioner."

Why would the ministry say that it was unexpected?

D. Nikolejsin: I think the reason we'd say "unexpectedly" is because the substance of the question that was being asked of the court at the time was more narrow and on a different matter. So the question that the court decided…. When the court expanded its comments into specific deliberations on section 13 and they ruled on that, that's why it was unexpected. The question they were addressing at that time on that issue was not the specific question that was being challenged before the court at that time by the Privacy Commissioner's office.

G. Gentner: But it was still by the Ministry of Citizens' Services, which stated that it was unexpected. Therefore, if it was unexpected, why has the ministry not tried to address that decision and make the appropriate changes?

[1125]

D. Nikolejsin: I don't think the comment "unexpected" refers to the content of the decision of the court. The unexpected part is that they chose to rule as extensively as they did on that part of the statute. I wouldn't say the word "unexpectedly" relates at all in any way to the decision of the court. In our eyes, that's the decision of the court, and that is what we abide by, since that decision has been what we have been using as our interpretive mechanism for that part of the act.

G. Gentner: Well, I certainly can't ask for the recommendations of advice of staff to cabinet because I'm prohibited under section 13, so it's quite the quandary. Have there been any recommendations from the Ministry of Citizens' Services to government to deal with section 13 and make the appropriate changes?

D. Nikolejsin: I would say that there has been deliberation simply because the last special committee turned its mind towards that part of the statute. There have been discussions. Beyond that, I'm not really able to comment on the substance of those discussions.

G. Gentner: And I won't be able to FOI you on that advice under section 13 — correct?

D. Nikolejsin: There's nothing stopping anyone from filing any FOI request on anything they like. How that request turns out would be determined based on the request itself.

G. Gentner: There's the rub.

R. Cantelon (Chair): Doug Routley, last question. Then we have one more presenter to go, and we'll proceed after your question, Doug.

D. Routley (Deputy Chair): I wanted to refer back to the increase in "no records" responses and how that affects the overall performance rating of the ministry. In estimates on March 22 I asked the minister a question related to that very issue. His response I'll read directly, as Hansard has recorded it. He said, "…requests from political parties have increased by…250 percent in that same period," which is referencing the period we were talking about. "That's a significant increase, and you can imagine that maybe the reason that you're seeing more without briefing notes is because of the volume that is being requested by…political parties."

The minister is confirming that this oral culture is developing, in my view. The minister is saying that there are more requests coming back as "no records produced" because there are more requests from political parties, so fewer briefing notes are being created. This seems to me to be a real concern.

When it comes to the former Privacy Commissioner, he indicated that the historical record was at risk. If Mr. Dobell's words about "I don't write anything down" are to be taken as being indicative of that kind of a culture, this is a further statement that would support that. Have there been recommendations around a duty to create documents, and would you consider that as a recommendation?

K. Henderson: That is a records management question versus a Freedom of Information and Protection of Privacy Act question, and yes, there is policy around the duty to create records.

R. Cantelon (Chair): Okay, thank you.

I'd now like to ask David Morhart to give us the concluding part of the government presentation.

K. Henderson: Sorry, if I may. We're actually only about halfway through our presentation. David's got a couple of slides, and then I'll take us through the rest.

D. Morhart: I'll be speaking on behalf of three ministries — Attorney General; Public Safety and Solicitor General; and, in part, Children and Family Development — representing the justice family of ministries. The intention really is to give you some examples of the challenges
[ Page 119 ]
that we face, from what's been already talked about this morning, as a citizen experience. I'll come at it from two angles. First is from a victim's angle and, secondly, from the offender's angle.

[1130]

On the first slide that you have up there it talks about domestic violence. This has been a subject of much debate in media in the last number of years. I wanted to give you a real live example of a challenge that we face.

Susan was shot five times after leaving her partner. Before this shooting the woman had gone to police about her partner's other assaults against her and had let them know about his threats and access to weapons.

Police requested and obtained a peace bond from a judge but did not inform the woman that he had already had a criminal record dating back several years for threats and violence committed against a former wife and members of her family. Police cited restrictions contained in the privacy laws that made it difficult for them to release information about past criminal convictions.

If this information had been shared with the victim or the service providers working with her, it would have assisted her in the development of a more effective safety plan. This is just one example of some of the challenges that we face, and I'll go into some specifics here.

One of the big challenges we have is around the collection and disclosure requirements of the current act. As my colleagues have explained, it's very different what we can do around collection — the consent to collection — and what we can do around the disclosure requirements. There are some limited allowances for disclosure without consent, but there are often many new problems that are presented as a result of that.

Our domestic violence strategy that was released recently really highlighted some of the challenges of our ability to work with our various partners on domestic violence in our ability to share information and establish protocols so we can work together to help the victims of these unfortunate circumstances.

These partners include police, health, social and justice partners, and they can go across the non-profit sector as well as various government agencies. Often there are a lot of barriers in place that prohibit us from sharing information with the individuals that need it — that could provide assistance to these individuals. With these barriers in place, we're not able to work in providing services in a timely manner to those that are most vulnerable in our society.

I think the example that I provided earlier about Susan is a good example about where we would like to see a more citizen-centred focus within the legislation to allow police to provide information to a victim services society or provider to be able to go to the individual after the incident and provide assistance. Right now it would be illegal for police to do that.

They can, of course, ask for the consent of the victim right at scene, but you can understand often that at scene you are in a very tense situation. The victim often doesn't want to talk. They want the scene to be over with. They want the individual that's offending them to be removed from the scene. So we have some real challenges in being able to provide services to victims.

What happens, of course, then is we have victims go off to agencies after the fact. They're unaware of services that are available by government, and then we get criticized as government not providing information and services directly to individuals because we weren't aware that they were impacted. So we have a bit of a catch-22 that is very difficult to get around.

This next slide provides a direct quote from the child and youth representative. I won't go into the specifics of this particular case, but it was an example of where information that was held by many agencies wasn't able to be shared for the benefit of the victims that were eventually impacted in this situation.

It's a good example about how we could make some minor changes — and again, we've highlighted some potential resolutions within our submission to the committee — that could really enhance the protection of victims in our society. We're hoping the committee will consider those.

Moving over to the offender side of the equation, we've already talked this morning about our very conscious move from a siloed approach as ministries and agencies towards horizontal integration. We have some examples that we have been using within the justice system but also with our partner systems to look at how we can effectively integrate programs across ministries, across government, across the public sector to manage the needs of offenders much more appropriately.

We have within our corrections branch various integrated rehabilitative programs that we offer to offenders. Our intention there is really to get to the heart of what the offender's problem is. Often they are committing crimes to feed an addiction, or they have a mental health issue that needs to be addressed.

Part of the challenge in the justice system is understanding what the real problem is as opposed to treating symptoms. What we need to do is reach out to agencies and try to get to examples of how we can deal with the underlying problems that offenders face.

[1135]

Cairine referenced earlier some of the current pilots that we have underway. One is the downtown Vancouver community court. Anotherr is the prolific offender management program. These involve a spectrum of agencies that are focused on providing services to offenders, including ministries within government, health agencies — so the health authorities and the various providers —
[ Page 120 ]
non-profit organizations and even federal government agencies.

What's important in these programs is that we provide information collectively so that we can look at a common client and determine what their needs are. We've been working very proactively with the commissioner's office to talk about what kinds of information we can share. Again, this comes down to consent and disclosure. The commissioner's office has been very generous in its advice in saying: "It's okay for you to share information that's relevant to the work that you do, but you cannot gather information that's not relevant to the work that you're doing."

When we have collective teams — the integrated teams that are working with an offender — we have challenges where a probation supervisor is looking at how they control access under bail conditions for somebody that's returning to a community. For instance, an offender, because of assault charges, may not have allowance to interact with family or with small children. What we need to do is make sure that we know where the individual is in the community and what they're doing in the community.

When we have a health representative at the table…. This person may have an underlying health issue that needs to be dealt with. We're not interested, from a probation perspective, what that health issue is, but we do need to know that they are going to be in a clinic that's right across from a school and when they're going to be there and if somebody should be with them. That type of information is really important so that we can fulfil not only the offender's ability to comply with his bail conditions but also the services that we provide as agencies in making sure that he rehabilitates himself without jeopardizing other individuals within the community.

We have been working very hard on establishing broad justice records, and much like the integrated case management system, we're looking at common records within our justice system. The health system is working on these things as well. It's important that we're able to share some of this information so that we are able to look, again, at dealing with an individual — coming back to the citizen focus — in the most effective way. It's important that we're able to do some of those things. Again, we've offered some remedies within our submission to the committee to look at how we can move some of this forward.

In summary, our key challenges within these ministries come back to, similar to Cairine's submission, sharing information about individuals. It's really important that we're able to provide them timely access — in the case of victims, to be able to provide them services right at scene or shortly after so that they know what they're entitled to and we're able to help them move on with their lives — but also with sharing information with other public bodies and agencies so that we are able to provide a more continuous service delivery across the spectrum.

One of the other challenges, of course, that we are faced with within the act — and although I've only highlighted two examples here, we've got a much more comprehensive submission within the broader government submission — is the need to modernize the legislation.

Dave laid out earlier that what was designed in the 1990s is very different than the state of the systems and the records today. One small example that I'll provide in this regard is the definition of a "record" in a court file. It really refers to paper records. Something that we suggest would be much more relevant, both for individuals requesting documents but also for the way information is gathered and stored, is to change that definition simply to say "court record" so that you can recognize that there's both electronic and paper and other types of media that may be used in storing information.

I again refer the committee back to our detailed submission. I think there's a lot of practical things in there that we think would make a big difference in the way that we're providing services directly to citizens.

K. Henderson: I'll turn now to an example from the government submission related to health services. The Ministries of Health and Healthy Living and Sport are stewards of a system, and they play a lead role in setting the strategic direction, planning, service delivery, coordination, monitoring and reporting on the performance of health care. A key role that they have is the budget and policy accountability to the public.

In a population-based, pay-for-performance model, it requires individual levels of data to validate performance targets. Individual data is also critical to plan an appropriate mix of services across the province to meet citizens' needs.

[1140]

I'll touch on one example from the health submission. When the act was passed in 1992, service delivery and health care looked very different than it is today. The Ministry of Health had direct responsibility for the delivery of services and control over the management and delivery of services.

Now we have two different ministries with the role of government oversight to many separate but interrelated health service organizations, like the health authorities. The act sees these organizations as independent public bodies. Each is assumed to be a separate business, and there is a requirement to independently protect information in its custody or control.

The net effect of this is that the administration or delivery arm of Health Services has the ability to choose what data it reports to its oversight and funding body. This goes to the core of the current information stewardship problem in health care. Each of the many public
[ Page 121 ]
bodies in the health system is independent and decides on data that was once available to common clients under a single minister.

Data exchange cannot take place without extensive negotiation, legal analysis, security threat and risk assessments and information-sharing agreements. The Ministry of Health administers 250 data-access agreements each year. One-third of those take six to eight months to negotiate.

I'm going to give you one example that's provided in more detail in the submission, which is the divisions of family practice initiative. The province wanted to analyze the flow of patients through different parts of the sector and how many of those patients are touching emergency care versus family care. It took nine months to negotiate with the health authorities the legal and policy processes within the act. It took two days to collect the data once that agreement was in place.

In summary, the Ministries of Health and Healthy Living and Sport encounter one main issue: the sharing of information amongst health care sector partners, which is critical for meeting our health care stewardship role.

I'll turn now to the Ministry of Citizens' Services. The role of the Ministry of Citizens' Services is to provide front-line services to citizens on behalf of other ministries through our Service B.C. offices. We also provide much of the enabling infrastructure in services that government needs for its core business operations.

We also have a strategic role to modernize the internal operations of government and ensure we have an engaged workforce that is able to meet the demands of the future. In that strategic role, a key priority is moving to on-line services in response to demands for citizens.

We touch on a number of challenges in our submission. I'm going to highlight a few of them here for you. Dave touched on this in his background, which is the absence of collection based on consent and implied consent in the act. Today most high-value government services require an in-person visit.

Currently citizens cannot provide government ministries with permission to collect their personal information as there is no specific authority within the act. Unlike the private sector personal privacy legislation, the FOIPPA act does not provide the ability to collect personal information on the basis of consent by an individual. As an example, a citizen cannot provide an organization, such as Service B.C., consent to collect information on behalf of government agencies.

We provide a client example of this in our submission. If an individual comes to us at a Service B.C. office because their spouse is deceased, they are not allowed to provide us with consent to share that information with other government agencies so that we can facilitate everything that they need to do due to the fact that their spouse is deceased.

I have here just a few illustrative examples of how citizens are now used to accessing services and how government's hands are tied because we can't provide services in the same way. These will be examples that are familiar to many of you.

Many of us now do all of our banking on line, and all of these different systems that are available allow a consent mechanism. I can decide, if I'm on my Royal Bank site, to consent Royal Bank to share information with different divisions within Royal Bank. Right now we cannot do that within an individual ministry or across program areas. As we've all touched on, government operates on a very horizontal basis right now, and the act does not permit us to do this.

The federal government has moved in this direction. We have an example here from the Canada Revenue Agency, where individuals can consent to have their information collected. And eBay — another example for you.

This is just a highlight of the BCeID program. We are trying to move in this direction, but because of constraints in the act, we can't go as far as what all of us are used to in our own private lives and how we can consent for information to be used.

If you go on the BCeID site, there is not much behind what we can offer on this site. As the site explains, you actually have to go in person to validate your identity. None of that can be done on line in the B.C. government, and we do feel we're falling well behind citizens' expectations on how they can receive services.

[1145]

Another ministry challenge that we highlight is the use of social media. To engage citizens, governments must keep pace with an evolving world. This means providing citizens the ability to communicate with government and for government to share information in the most effective way possible.

The way the Internet works dramatically changed the way citizens expect to come to a government site or to be able to find government services through Google, and that has outreach implications.

The FOIPPA act creates barriers where there's no reasonable expectation of privacy on the part of participants using social media tools, because we place geographic restrictions on web-based tools. The act does not provide for disclosure outside of Canada when an individual voluntarily posts to a public domain.

On sites hosted outside of Canada, when government creates a presence and citizens post a comment or use an identifier like their e-mail address, it's defined as personal information in the act, and that counts as government disclosing personal information outside of Canada. This is an area where citizens don't have any expectation of privacy. Government is so constrained to respond to information that's posted on a social networking site that we can't even respond to incorrect information.
[ Page 122 ]

Social media is an incredibly important tool that government needs to respond to. British Columbia is falling well behind other jurisdictions in Canada and, certainly, around the world because of the constraints we have in this act. The Vancouver Sun has reported that four in five on-line individuals in Canada use social media tools, and right now we are constrained from being able to engage with citizens using social media tools.

It's also noted in the MCFD chapter that social workers and youth probation officers want to be able to engage with youth on their own terms. It is difficult to access these youth through traditional methods of communication. Right now any communication via a social media site involves a disclosure to a third-party service provider outside of Canada, and so we can't do it.

If we want to get in touch…. If a youth probation officer wants to try and reach out to a youth through Twitter or a Facebook site, we're not able to do that because of the constraints in the act.

In summary, there are two main issues that we see in the Ministry of Citizens' Services, and these are definitely cross-government issues. The first is the inability for citizens to consent to the collection of their own personal information. The second is the limits on the use of technology to be able to provide a different level of service to citizens and better engage citizens in service delivery.

I'll summarize now the government's submission. The nature of the way government works has changed significantly since the act was written. Government ministries and agencies are encountering common challenges to implement innovative ways of providing more effective services, integrated services, to citizens. In some cases less efficient and effective services are in place because of limitations in this act.

We believe that there can be a balanced approach to information and privacy sharing. This is not a zero-sum game. Information-sharing does not mean that we no longer protect individuals' privacy. It is possible to maintain and enhance the overall protection of personal privacy while promoting greater information-sharing and resulting in an overall benefit to citizens, in what we believe is in citizens' interest — and what they're asking us for in terms of different ways of delivering services.

We have a summary in the next few slides of the common recommendations that we have in government submissions. This is provided in great detail in the government submission. We have a theme on consent, collection and disclosure. I won't read out the slides here, but we refer you to government's submission so that you can see some of the themes that we've touched on today in our submissions.

We want to be able to allow an individual to consent to collection, use and disclosure, and we want to allow indirect collection of information where they're involved in an integrated program or where we see a benefit to a citizen.

For common or integrated programs or activities, we want recognition of the range of programs and activities. We want recognition of the fact that government works in a horizontal way to try and deliver best services to citizens and sharing amongst parties, public bodies and non-public bodies.

On the storage of personal information outside of Canada. When these provisions were made, social media had not yet developed, so the act needs to take into account these IT developments that make jurisdictional boundaries artificial but promote citizen engagement and take advantage of commercial opportunities, including cloud computing.

Under research and evaluation, we'd like to see a broader approach to research, including applied research for program planning and evaluation.

We believe that the amendments we've recommended to address these issues can facilitate new approaches to providing enhanced services to citizens and allow government to leverage opportunities presented by advances in IT to make our services more efficient, effective and accessible, to meet citizens' needs and expectations.

[1150]

We believe that our recommendations are designed to update the act and recognize the rapid advances in technology and data management. The major thrust of our recommendations has been around breaking down barriers across ministries in the interest of sharing information to deal with increasingly complex health and social issues.

R. Cantelon (Chair): Thank you very much, and thank you all for a very comprehensive and very useful presentation to all of us. You've given us something to think about, particularly in comparing PIPA to FOIPPA, where PIPA of course has the ability to provide consent and allow private companies to use information for various purposes.

But of course, there is no provision to give consent in FOIPPA, so this information under current statutes can't be shared among ministries, among services or among private enterprise, public or not-for-profit bodies that may perhaps improve service to clients — although there are, I know, considerations of privacy that must override and be of overarching concern.

We have a few minutes left still for questions.

E. Foster: The Deputy Chair referred on several occasions to the intent of this legislation on several different topics. I would suggest that the intent of the authors of this legislation was not to get people shot. We've talked a whole bunch about freedom of information, and we've talked very little about the privacy aspect of the thing over the last couple of months when we've been meeting on this. I really think we need to push this forward.
[ Page 123 ]

You talked about how, if the information had been shared with the lady, she might have been able to develop a better plan so that she didn't get shot. I travelled with the RCMP for eight years as an auxiliary, and I saw this on a weekly basis.

I hope that you've got really strong recommendations on this because it's something that we need to deal with. There was never an intent for this to happen. It's gone way too far. The rights of an individual only go as far as they don't infringe on other people's rights and their health and well-being. I really support that, and I hope that you've got strong recommendations. I'll certainly be supporting them at this stage.

R. Cantelon (Chair): Any other questions? I think we've certainly been challenged here to open the door to consent for information, to make better services available, cross-ministerial. Of course, that presents us, the board, with a challenge about protecting privacy and to make sure that protocols are in place that, should we do that, this can't be misused, as was pointed out by other members of the panel. I think that's a very interesting challenge.

Any other questions on that issue?

H. Bloy: I move adjournment.

R. Cantelon (Chair): I'll take one question, and then we are at the time.

D. Routley (Deputy Chair): The two B.C. Court of Appeal cases that were referenced for the expansion of section 13 were both rejected in other provinces' courts. This province's court expanded section 13. The last review committee recommended a narrowing and a redefinition of section 13.

The government has not yet acted on that. The previous submissions to cabinet from the previous FIPPA review committee are even considered exempted under section 13.

How can there be any confidence that there can be an increase in the transparency of government? We've seen a recommendation to narrow the scope of section 13. Will the ministry recommend that the government follow through and narrow the scope of section 13?

K. Henderson: Our role right now from a policy perspective is to follow the ruling of the court. But I do think that that's a good discussion for the committee to have.

R. Cantelon (Chair): We intend to do that. Without limiting that ability, of course, next week we will be talking to the freedom-of-information officer. Those are questions that specifically relate to how he administers the act and how he would recommend changes in that and other areas with respect to the act.

Noting the hour, we have a move to adjourn.

J. Kwan: I just wanted to put this in for consideration. We're going to be receiving some information from the presenters. Upon receipt of that information, it may well be that there would be further questions as well.

Good questions have been put on the table for our consideration, which may also generate future questions. I just wanted to put the request to the Chair that it may well be appropriate for the committee to invite the presenters back to have this ongoing dialogue.

[1155]

R. Cantelon (Chair): Thank you for that, because I meant to say that. Thank you for reminding me to do that. Yes, we can and may well invite the presenters back for further questions. We also invite any individual committee members, through the committee Chair, to direct questions to the presenters today, and of course any information that we get back would be made available to all committee members.

We are more or less on schedule, so we certainly would be able to…. If there's a will among the committee to bring them back, we would be happy to do that because we did appreciate…. I did have to march you through it fairly swiftly today, and I appreciate the indulgence of all committee members.

With that, noting the hour — the move to adjournment?

Motion approved.

The committee adjourned at 11:56 a.m.

[ Return to: Review FOI and Protection of Privacy Act Committee Home Page ]

Hansard Services publishes transcripts both in print and on the Internet.
Chamber debates are broadcast on television and webcast on the Internet.
Question Period podcasts are available on the Internet.

Copyright © 2010: British Columbia Hansard Services, Victoria, British Columbia, Canada