Today we released our 2015 Annual Report – Focus Ontario: A Year of Outreach, Engagement and Collaboration. The report contains a comprehensive review of the year in access and privacy issues, and detailed statistics about freedom of information requests, compliance rates, appeals and privacy complaints.
In the report, Commissioner Brian Beamish has made four significant recommendations to modernize access and privacy legislation. He is asking the government to conduct a comprehensive review of the province’s access and privacy laws to ensure Ontarians’ rights are better protected. A public review and update of the acts will ensure greater transparency and accountability of government institutions, meet the growing expectations of the public and ensure that Ontarians benefit from the same access and privacy rights as other Canadians.
It has been almost thirty years since the Freedom of Information and Protection of Privacy Act (FIPPA) and the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) became law. Since that time, public expectations, technologies and the ways in which government does business have changed. In other provinces, access and privacy laws have been strengthened to meet the challenges of modern society.
To keep pace with these changes, the Commissioner’s recommendations are:
Expand Coverage: Decisions about which organizations are covered by the two acts have been made sporadically and case-by-case, resulting in inconsistent levels of accountability and transparency. Unless there are unique and compelling reasons not to, an organization should be subject to these laws if:
• it receives a significant amount of its operating funds from the government,
• it delivers a program designed to support government objectives, or
• the government plays a significant role in its policy development and operational direction.
Enact Privacy Complaint Order-Making Power: The IPC has order-making power in relation to access requests, but this power is not extended to privacy complaints. Amending the law would enable the IPC to better protect the privacy rights of Ontarians by issuing binding orders to institutions that violate them.
Mandatory Proactive Disclosure of Identified Categories of Records: The legislation should be amended so that specific categories of information are identified for proactive disclosure, including, for example, procurement records. The public has a right to be informed about government procurement processes, including how contracts are awarded, what has been contracted for, how the successful bidders were chosen, what the costs of the contract are and who is responsible for decision-making. Disclosure of these records will bring increased transparency to public spending.
Address Changing Technologies: A comprehensive review is needed to address:
- the need for collaborative service delivery models and data sharing to support research and analysis,
- public expectations about access to information and services online, and
- the need to ensure that new technologies are used in a transparent and accountable manner, and do not negatively impact access and privacy rights.
Ontario was one of the first provinces in Canada to create access and privacy legislation. Now, FIPPA and MFIPPA lag behind the standards established in other Canadian jurisdictions. It is time to ensure that the access and privacy rights of Ontarians align with the rights of other Canadians.