On this page
- I - Introduction
- II - The Canadian Air Transport Security Authority – Mandate
- III - Delegation of Signing Authority
- IV - Statistical Report Interpretation
- V - Training and Awareness
- VI - Policies, Guidelines, Procedures and Initiatives
- VII - Response to Key Issues Raised
- VIII - Monitoring Compliance
- IX - Material Privacy Breaches
- X - Privacy Impact Assessments
- XI - Public Interest Disclosures
- Annex A: Delegation Order – Privacy Act
- Annex B: Statistical Report on the Administration of the Privacy Act
- Annex C: Supplemental Statistical Report on Access to Information Act and the Privacy Act
I - Introduction
The purpose of the Privacy Act, (“the Act”), is to strengthen Canada’s laws that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information.
This Annual Report on the Canadian Air Transport Security Authority’s (CATSA) administration of the Act has been prepared in accordance with section 72(1) of the Act and is hereby submitted for tabling in Parliament under Section 72(2) of the Act.
This is the 19th Annual Report. Previous such reports are available under the “Reports and Summaries” heading of the “Privacy” page on the website.
II - The Canadian Air Transport Security Authority – Mandate
Established as an agent Crown Corporation on April 1, 2002, CATSA‘s mandate is to protect the public by securing critical elements of the air transportation system as assigned by the Government of Canada.
Fully funded by parliamentary appropriations, CATSA is accountable to Parliament through the Minister of Transport. CATSA is governed by a Board of Directors. Operations are directed by a senior management team. CATSA currently contracts security screening to third-party contractors.
CATSA delivers on its mandate of securing Canada’s air transportation system by conducting the following activities across 89 of Canada’s designated airports:
- Pre-Board Screening (PBS) - The screening of passengers and their belongings prior to their entry into the secure area of an air terminal building;
- Hold Baggage Screening (HBS) - The screening of passengers checked (or hold) baggage to prevent the boarding of prohibited items;
- Non-Passenger Screening (NPS) - The random screening of non-passengers accessing restricted areas; and
- Restricted Area Identity Card (RAIC) - The program that uses iris and fingerprint biometric identifiers to allow non-passenger access to the restricted areas of airports.
Under an agreement concluded with Transport Canada in 2010, CATSA has the authorization to conduct screening of cargo at smaller airports if there is capacity to do so. Each of these activities is carried out effectively, efficiently, consistently, and in the public interest, as required by the CATSA Act.
Implementation of the Privacy Act at CATSA
The Manager, Privacy and ATIP, who is also the organization’s Access to Information and Privacy (ATIP) Coordinator, is responsible for processing requests received under the Act, as well as privacy policy and compliance. A Senior ATIP Advisor supports the ATIP Coordinator in processing requests under the Act, and a Privacy Advisor supports the privacy policy and compliance function. In addition, a Disclosure Advisor supports the disclosure Disclosure Advisor provided support for disclosures of personal information under Paragraph 8 of the Act.
The ATIP Coordinator reports directly to the Director, Corporate Services and Assistant General Counsel. The Vice-President, Corporate Services and Corporate Secretary serves as CATSA’s Chief Privacy Officer (CPO). The Vice-President reports directly to the President and Chief Executive Officer.
CATSA’s Privacy Office responsibilities regarding the Act are as follows:
- receive and process all requests in accordance with the Act;
- assist requesters in formulating their requests when required;
- gather all pertinent records and ensure that the search for information is rigorous and complete; receive and process all disclosure requests in accordance with the Act;
- conduct the initial record review and provide recommendations to the program areas;
- conduct all internal and external consultations;
- consolidate recommendations and apply all discretionary and mandatory exemptions under the Act;
- assist the Office of the Privacy Commissioner (OPC) in all privacy-related matters including complaints against CATSA;
- prepare annual reports on the administration of the Act;
- coordinate the annual Info Source update;
- work with representatives throughout the organization, complete Privacy Impact Assessments for any new or substantially modified activity, program or system that collects or uses personal information;
- provide ongoing advice and guidance to senior management and staff on matters related to privacy;
- promote privacy of personal information awareness and training sessions to ensure that all staff are aware of the obligations imposed by legislation;
- respond to consultations received from external organizations;
- develop and maintain privacy policies and guidelines;
- stay current on, and promulgate within CATSA, any changes to administrative requirements for the Act from the Treasury Board of Canada Secretariat, or guidance prepared by the Office of the Privacy Commissioner; and
- participate in ATIP community activities and ATIP community meetings.
During 2021-2022, CATSA regularly engaged the OPC to discuss initiatives potentially impacting privacy.
III - Delegation of Signing Authority
In accordance with section 73(1) of the Act, a delegation order, signed by CATSA’s President and Chief Executive Officer (CEO), designates the person holding the position of ATIP Coordinator to exercise and perform the privacy duties on behalf of the organization. The delegation order was issued on August 19, 2022.
The signed and dated delegation order is attached to this report as Annex A.
IV - Statistical Report Interpretation
Privacy Act Requests Received and Completed
In the current fiscal year of 2021-2022, CATSA received nine Privacy Act requests, which is the same amount of requests processed in the previous fiscal year.
One file was carried over from the previous fiscal year. Of the nine Privacy Act requests completed during 2021-2022, CATSA processed 530 pages, an average of 59 pages per request. The number of pages processed increased by 453 pages, a significant increase from the previous fiscal year. One file from the previous year was carried over to fiscal year 2022-2023.
Multi-Year Trend
Over the past number of fiscal years, the number of Privacy Act requests submitted to CATSA has fluctuated. Some CATSA Privacy Act requests are from members of the travelling public who wish to know if CATSA has any of their personal information on file.
Completion Time
Of the nine Privacy Act requests completed during the 2021-2022 fiscal year, CATSA was successful in responding to 88% of them within the statutory time frame. This result demonstrates CATSA’s commitment to ensuring that all efforts are made to complete its requests in a timely manner and in compliance with the Privacy Act.
Disposition of Completed Requests
Of the nine completed requests:
- Seven files (100%) were released without redaction; and
- For two files, no records were provided.
- For the requests that contained a disclosure, three files were delivered electronically and four files in video format.
Exemptions Invoked
No exemptions where invoked.
Extensions
For the nine requests completed in 2021-2022, one extension of 30 days was taken due to the potential for serious interference with the operations of the Organization.
Consultations
During this reporting period, CATSA received one consultation of 83 pages from another government department. No consultations were pending at the end of the previous reporting period.
The full Statistical Report on the Administration of the Act is attached as Annex B.
V - Training and Awareness
The Privacy Advisor and ATIP Coordinator both hold the designation of Certified Information Privacy Professional - Canada (CIPP/C), and keep current through professional development opportunities such as attendance at conferences and peer communication in order to provide the most up to date privacy training.
CATSA continues to provide staff with privacy training, most recently in accordance with its Privacy Training and Awareness Plan adopted in June of 2020. The training plan outlines specific privacy training and awareness activities accessible to various groups, including specific and relevant guidance on how CATSA employees should incorporate privacy considerations into their day-today job functions, especially for those with elevated access to personal information. In 2021-2022, as per the training plan, all new CATSA employees are required to complete the privacy e-learning module as part of the mandatory training requirement within 90 days of start of employment and on a triennial basis thereafter.
CATSA also offers additional privacy training during in-person orientation sessions for new employees. In 2021-2022, 27 employees received this orientation training.
VI - Policies, Guidelines, Procedures and Initiatives
In October 2019, a final Internal Audit report on CATSA’s Privacy Management Accountability Framework (PMAF) was issued. The overall conclusion was that CATSA recognizes the importance of privacy within its operations and the PMAF supports its overall Privacy Program. It also found that key foundational components of CATSA’s overall Privacy Program are established, including well-defined and communicated accountabilities, roles, and responsibilities, the development and implementation of privacy-related policies and practices and the continuation of established privacy risk mitigation measures (i.e. Privacy Impact Assessments (PIAs) and breach reporting).
As a recommendation from this Internal Audit, a Privacy Risk Register was adopted in June 2021. The register is designed as a privacy management tool that permits the recording and tracking of current privacy risks across the organization.
A new Personal Information Inventory (PII) was also adopted in October 2021 as a result of the Internal Audit. The two-phased project first identified, reviewed and analyzed the types of personal information under CATSA’s control across the organization. The second part of the project consolidated that information into an inventory to assist in the Privacy Office’s oversight of personal information holdings. It further allows the alignment of the information found in the Personal Information Banks (PIBs) as outlined in InfoSource, and will be a valuable resource for future projects and programs undertaken by CATSA.
The Privacy Office will continue to assess and update the activities used in CATSA’s PMAF.
VII - Response to Key Issues Raised
During the reporting period, one new complaint has been received under the Act.
VIII - Monitoring Compliance
As a result of the aforementioned Internal Audit, a Privacy Monitoring Plan was developed to mitigate monitoring and reporting compliance risk, and to enhance the foundational components of the CATSA’s Privacy Program. This serves to strengthen compliance monitoring practices beyond the Privacy Impact Assessment (PIA) and breach management processes, and provides an effective way to evaluate the status and maturity of CATSA’s Privacy Program.
The Privacy Monitoring Plan was approved by senior management in September, 2021. Reports on the CATSA’s Privacy Program are submitted to senior management semi-annually.
IX - Material Privacy Breaches
No material privacy breaches occurred during the reporting period.
X - Privacy Impact Assessments
Privacy Impact Assessments (PIAs) provide a framework to ensure that the protection of personal information is considered throughout the design or re-design of a program or service. PIAs identify the extent to which proposals comply with all appropriate statutes and legislation. They assist managers and decision-makers to avoid or mitigate privacy risks and promote only fully informed policy, program and system design choices.
During this fiscal year, the Privacy Office completed a PIA for the FaceStation Access Control System.
Completed PIA summaries are made available on the “Reports and Summaries” section of the “Privacy” page on the CATSA Web site
XI - Public Interest Disclosures
No disclosures were made under paragraph 8(2)(m) of the Act during the reporting period.
COVID-19 Operational impact
In fiscal year 2021-2022, CATSA’s ability to respond to Privacy Act requests within the timelines mandated by the Access to Information Act continued to be affected by COVID-19. During this period, CATSA experienced limitations in processing Privacy Act requests, due to pandemic restrictions from attending at CATSA premises. This was due to the inability to access paper records, which were only retrievable in the physical form and required attendance at the CATSA offices.
Collaboration
CATSA is a strong advocate of collaboration, both internally within the organization as well as within the Privacy Community.
CATSA – The Privacy Office regularly engages with various internal groups to provide advice, ideas and best practices. One example of this collaboration is how Privacy engages representatives from across the organization upon receipt of particularly complex requests. This is implemented as needed to reduce the impact on CATSA’s daily operations.
Privacy Community – The Privacy Office also has regular consultations with other Crown Corporation privacy offices as well as with the Treasury Board Secretariat through quarterly ATIP community meetings. These discussions encourage the sharing of valuable knowledge and experience.
ANNEXES
Annex A: Delegation Order
Annex B: Statistical Report on the Administration of the Privacy Act
Annex A: Delegation Order – Privacy Act
Privacy Act
Delegation of Authority
I, Mike Saunders, President and CEO of CATSA, pursuant to subsection 73(1) of the Privacy Act, designate the persons holding the positions set out in the attached Schedule ‘A’, or persons acting in those positions, to exercise the powers and perform the duties and functions that have been given to me as head of a government institution under the sections of the Privacy Act, as set out in the Schedule.
Mike Saunders
President and Chief Executive Officer
Canadian Air Transport Security Authority
Signed in Ottawa, Ontario, Canada this 19 day of August 2022
Schedule A
Section | Description | ATIP Coordinator |
Vice-President, Operations | Senior Director, Operations | General Manager, Program Delivery | Manager, Security Operations Centre | Director HR | Senior ATIP Advisor |
---|---|---|---|---|---|---|---|---|
For requests related to passenger and non-passenger records | For requests related to employee records | |||||||
8(2) (b) |
For any purpose in accordance with any Act of Parliament or any regulation made thereunder that authorizes its disclosure | Yes | Yes | Yes | Yes | Yes | Yes | No |
8(2) (c) |
For the purpose of complying with a subpoena or warrant issued or order made by a court, person or body with jurisdiction to compel the production of information or for the purpose of complying with rules of court relating to the production of information | Yes | Yes | Yes | Yes | Yes | Yes | No |
8(2) (d) |
To the Attorney General of Canada for use in legal proceedings involving the Crown in right of Canada or the Government of Canada | Yes | No | No | No | No | Yes | No |
8(2) (e) |
To an investigative body specified in the regulations, on the written request of the body, for the purpose of enforcing any law of Canada or a province or carrying out a lawful investigation, if the request specifies the purpose and describes the information to be disclosed | Yes | Yes | Yes | Yes | Yes | Yes | No |
8(2) (f) |
Under an agreement or arrangement between the Government of Canada or an institution thereof and the government of a province, the council of the Westbank First Nation, the council of a participating First Nation — as defined in subsection 2(1) of the First Nations Jurisdiction over Education in British Columbia Act —, the government of a foreign state, an international organization of states or an international organization established by the governments of states, or any institution of any such government or organization, for the purpose of administering or enforcing any law or carrying out a lawful Investigation | Yes | Yes | Yes | Yes | Yes | Yes | No |
8(2) (g) |
To a member of Parliament for the purpose of assisting the individual to whom the information relates in resolving a problem | Yes | No | No | No | No | Yes | No |
8(2) (h) |
To officers or employees of the institution for internal audit purposes, or to the office of the Comptroller General or any other person or body specified in the regulations for audit purposes | Yes | No | No | No | No | No | No |
8(2) (i) |
To the Library and Archives of Canada for archival purposes | Yes | No | No | No | No | No | No |
8(2) (j) |
To any person or body for research or statistical purpose when satisfied that the purpose for which the information is disclosed meets the conditions referred to in that paragraph | Yes | No | No | No | No | No | No |
8(2) (k) |
To any aboriginal government, association of aboriginal people, Indian band, government institution or part thereof, or to any person acting on behalf of such government, association, band, institution or part thereof, for the purpose of researching or validating the claims, disputes or grievances of any of the aboriginal peoples of Canada | Yes | No | No | No | No | No | No |
8(2) (l) |
To any government institution for the purpose of locating an individual in order to collect a debt owing to Her Majesty in right of Canada by that individual or make a payment owing to that individual by Her Majesty in right of Canada | Yes | No | No | No | No | Yes | No |
8(2) (m) (i) |
For any purpose where, in the opinion of the head of the institution the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure | Yes | Yes | Yes | No | No | No | No |
8(2) (m) (ii) |
For any purpose where, in the opinion of the head of the institution, disclosure would clearly benefit the individual to whom the information relates | Yes | Yes | Yes | No | No | No | No |
8(4) | To keep copies of requests made under 8(2)(e), keep records of information disclosed pursuant to such requests and to make those copies and records available to Privacy Commissioner | Yes | No | No | No | Yes | No | No |
8(5) | To notify the Privacy Commissioner in writing of disclosure under paragraph 8(2)(m) | Yes | No | No | No | No | No | No |
9(1) | To retain a record of use of personal information | Yes | No | No | No | Yes | No | Yes |
9(4) | To notify the Privacy Commissioner of consistent use of personal information and update index accordingly | Yes | No | No | No | No | No | No |
10 | To include personal information in personal information banks | Yes | No | No | No | No | No | No |
4( a) (b) |
To give notice to applicant that access will be given and to give access to requester | Yes | No | No | No | No | No | Yes |
15 | To extend time limit and give notice | Yes | No | No | No | No | No | Yes |
18(2) | To refuse to disclose any personal information requested under that subsection | Yes | No | No | No | No | No | Yes |
19 - 28 | To refuse to disclose any personal information requested under that subsection | Yes | No | No | No | No | No | Yes |
33(2) | To make representations to the Privacy Commissioner | Yes | No | No | No | No | No | No |
35(1) (b) | To receive the report of findings of the investigation and give notice of action taken or proposed to be taken or reasons why no action has been or is proposed to be taken | Yes | No | No | No | No | No | No |
35(4) | To provide access to personal information | Yes | No | No | No | No | No | No |
37(3) | To receive the report of findings after investigation in respect of personal information | Yes | No | No | No | No | No | No |
69 | To refuse to disclose a record referred to in that section | Yes | No | No | No | No | No | Yes |
70 | To refuse to disclose a record referred to in that section | Yes | No | No | No | No | No | Yes |
72(1) | To prepare annual report for submission to Parliament | Yes | No | No | No | No | No | Yes |
77 | To carry out responsibilities conferred on the Head of the institution by regulations made under section 77 which are not included above | Yes | No | No | No | No | No | No |
The ATIP Coordinator, the Vice-President, Corporate Services, General Counsel, Corporate Secretary (CPO), the Senior Vice-President, Operations, the Senior Director, Program Delivery, the General Manager, Program Delivery, the General Manager, Corporate Security and the Director, HR are authorized to designate in writing a member of their staff to act on their behalf in case of absence or unavailability.
Annex B: Statistical Report on the Administration of the Privacy Act
Name of institution: Canadian Air Transport Security Authorithy
Reporting period: 4/1/2021 to 3/31/2022
Section 1: Requests Under the Privacy Act
1.1 Number of requests received
Description | Number of Requests | |
---|---|---|
Received during reporting period | 9 | |
Outstanding from previous reporting periods | 1 | |
|
1 | |
|
0 | |
Total | 10 | |
Closed during reporting period | 9 | |
Carried over to next reporting period | 1 | |
|
0 | |
|
1 |
1.2 Channels of requests
Source | Number of Requests |
---|---|
Online | 0 |
8 | |
1 | |
In person | 0 |
Phone | 0 |
Fax | 0 |
Total | 9 |
Section 2: Informal requests
2.1 Number of informal requests
Description | Number of Requests | |
---|---|---|
Received during reporting period | 0 | |
Outstanding from previous reporting periods | 0 | |
|
0 | |
|
0 | |
Total | 0 | |
Closed during reporting period | 0 | |
Carried over to next reporting period | 0 | |
|
0 | |
|
0 |
2.2 Channels of informal requests
Source | Number of Requests |
---|---|
Online | 0 |
0 | |
0 | |
In person | 0 |
Phone | 0 |
Fax | 0 |
Total | 0 |
2.3 Completion time of informal requests
1 to 15 Days |
16 to 30 Days |
31 to 60 Days |
61 to 120 Days |
121 to 180 Days |
181 to 365 Days |
More Than 365 Days |
Total |
---|---|---|---|---|---|---|---|
0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
2.4 Pages released informally
Less Than 100 Pages Released |
100-500 Pages Released |
501-1000 Pages R eleased |
1001-5000 Pages Released |
More Than 5000 Pages Released |
|||||
---|---|---|---|---|---|---|---|---|---|
Number of Requests | Pages Released | Number of Requests | Pages Released | Number of Requests | Pages Released | Number of Requests | Pages Released | Number of Requests | Pages Released |
0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 3: Requests Closed During the Reporting Period
3.1 Disposition and completion time
Disposition of Requests |
1 to 15 Days |
16 to 30 Days |
31 to 60 Days |
61 to 120 Days |
121 to 180 Days |
181 to 365 Days |
More Than 365 Days |
Total |
---|---|---|---|---|---|---|---|---|
All disclosed | 0 | 6 | 1 | 0 | 0 | 0 | 0 | 7 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
No records exist | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 2 |
Request abandoned | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 2 | 6 | 1 | 0 | 0 | 0 | 0 | 9 |
3.2 Exemptions
Section | Number of Requests |
Section | Number of Requests |
Section | Number of Requests |
---|---|---|---|---|---|
18(2) | 0 | 22(1)(a)(i) | 0 | 23(a) | 0 |
19(1)(a) | 0 | 22(1)(a)(ii) | 0 | 23(b) | 0 |
19(1)(b) | 0 | 22(1)(a)(iii) | 0 | 24(a) | 0 |
19(1)(c) | 0 | 22(1)(b) | 0 | 24(b) | 0 |
19(1)(d) | 0 | 22(1)(c) | 0 | 25 | 0 |
19(1)(e) | 0 | 22(2) | 0 | 26 | 0 |
19(1)(f) | 0 | 22.1 | 0 | 27 | 0 |
20 | 0 | 22.2 | 0 | 27.1 | 0 |
21 | 0 | 22.3 | 0 | 28 | 0 |
22.4 | 0 |
3.3 Exclusions
Section | Number of Requests |
Section | Number of Requests |
Section | Number of Requests |
---|---|---|---|---|---|
69(1)(a) | 0 | 70(1) | 0 | 70(1)(d) | 0 |
69(1)(b) | 0 | 70(1)(a) | 0 | 70(1)(e) | 0 |
69.1 | 0 | 70(1)(b) | 0 | 70(1)(f) | 0 |
70(1)(c) | 0 | 70.1 | 0 |
3.4 Format of information released
Paper | Electronic | Other | |||
---|---|---|---|---|---|
E-record | Data set | Video | Audio | ||
0 | 3 | 0 | 4 | 0 | 0 |
3.5 Complexity
3.5.1 Relevant pages processed and disclosed for paper and e-record formats
Number of Pages Processed | Number of Pages Disclosed | Number of Requests |
---|---|---|
530 | 530 | 3 |
3.5.2 Relevant pages processed by request disposition for paper and e-record formats by size of requests
Pages | Less Than 100 Pages Processed |
100-500 Pages Processed |
500-1000 Pages Processed |
1001-5000 Pages Processed |
More Than 5000 Pages Processed |
|||||
---|---|---|---|---|---|---|---|---|---|---|
Disposition | Number of Requests |
Pages Processed | Number of Requests |
Pages Processed | Number of Requests |
Pages Processed | Number of Requests |
Pages Processed | Number of Requests |
Pages Processed |
All disclosed | 1 | 9 | 2 | 521 | 0 | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 1 | 9 | 2 | 521 | 0 | 0 | 0 | 0 | 0 | 0 |
3.5.3 Relevant minutes processed and disclosed for audio formats
Number of Minutes Processed | Number of Minutes Disclosed | Number of Requests |
---|---|---|
0 | 0 | 0 |
3.5.4 Relevant minutes processed per request disposition for audio formats by size of requests
Disposition | Less than 60 Minutes processed | 60-120 Minutes processed | More than 120 Minutes processed | |||
---|---|---|---|---|---|---|
Number of requests | Minutes Processed | Number of requests | Minutes Processed | Number of requests | Minutes Processed | |
All disclosed | 0 | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 |
3.5.5 Relevant minutes processed and disclosed for video formats
Number of Minutes Processed | Number of Minutes Disclosed | Number of Requests |
---|---|---|
4 | 4 | 4 |
3.5.6 Relevant minutes processed per request disposition for video formats by size of requests
Disposition | Less than 60 Minutes processed | 60-120 Minutes processed | More than 120 Minutes processed | |||
---|---|---|---|---|---|---|
Number of requests | Minutes Processed | Number of requests | Minutes Processed | Number of requests | Minutes Processed | |
All disclosed | 4 | 4 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 4 | 4 | 0 | 0 | 0 | 0 |
3.5.7 Other complexities
Disposition | Consultation Required | Legal Advice Sought | Interwoven Information | Other | Total |
---|---|---|---|---|---|
All disclosed | 0 | 0 | 0 | 0 | 0 |
Disclosed in part | 0 | 0 | 0 | 0 | 0 |
All exempted | 0 | 0 | 0 | 0 | 0 |
All excluded | 0 | 0 | 0 | 0 | 0 |
Request abandoned | 0 | 0 | 0 | 0 | 0 |
Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 |
3.6 Closed requests
3.6.1 Number of requests closed within legislated timelines
Description | Number of Requests |
---|---|
Number of requests closed within legislated timelines | 8 |
Percentage of requests closed within legislated timelines (%) | 88.88888889 |
3.7 Deemed refusals
3.7.1 Reasons for not meeting legislated timelines
Number of requests closed past the legislated timelines | Interference with operations / Workload | External Consultation | Internal Consultation | Other |
---|---|---|---|---|
1 | 1 | 0 | 0 | 0 |
3.7.2 Request closed beyond legislated timelines (including any extension taken)
Number of days past legislated timelines | Number of requests past legislated timeline where no extension was taken | Number of requests past legislated timeline where an extension was taken | Total |
---|---|---|---|
1 to 15 days | 0 | 0 | 0 |
16 to 30 days | 0 | 0 | 0 |
31 to 60 days | 0 | 0 | 0 |
61 to 120 days | 0 | 1 | 1 |
121 to 180 days | 0 | 0 | 0 |
181 to 365 days | 0 | 0 | 0 |
More than 365 days | 0 | 0 | 0 |
Total | 0 | 1 | 1 |
3.8 Requests for translation
Translation Requests | Accepted | Refused | Total |
---|---|---|---|
English to French | 0 | 0 | 0 |
French to English | 0 | 0 | 0 |
Total | 0 | 0 | 0 |
Section 4: Disclosures Under Subsections 8(2) and 8(5)
Paragraph 8(2)(e) | Paragraph 8(2)(m) | Subsection 8(5) | Total |
---|---|---|---|
152 | 0 | 0 | 152 |
Section 5: Requests for Correction of Personal Information and Notations
Disposition for Correction Requests Received | Number |
---|---|
Notations attached | 0 |
Requests for correction accepted | 0 |
Total | 0 |
Section 6: Extensions
6.1 Reasons for extensions
Section | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation |
15(b) Translation purposes or conversion |
|||||
---|---|---|---|---|---|---|---|---|
Number of extensions taken |
Further review required to determine exemptions |
Large volume of pages |
Large volume of requests |
Documents are difficult to obtain |
Cabinet Confidence Section (Section 70) |
External | Internal | |
1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
6.2 Length of extensions
Section | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion | |||||
---|---|---|---|---|---|---|---|---|
Length of Extensions | Further review required to determine exemptions |
Large volume of pages |
Large volume of requests |
Documents are difficult to obtain |
Cabinet Confidence Section (Section 70) |
External | Internal | |
1 to 15 days | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 days | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
31 days or greater | - | - | - | - | - | - | - | - |
Total | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 7: Consultations Received From Other Institutions and Organizations
7.1 Consultations received from other Government of Canada institutions and other organizations
Consultations | Other Government of Canada Institutions | Number of Pages to Review | Other Organizations | Number of Pages to Review |
---|---|---|---|---|
Received during the reporting period | 1 | 83 | 0 | 0 |
Outstanding from the previous reporting period | 0 | 0 | 0 | 0 |
Total | 1 | 83 | 0 | 0 |
Closed during the reporting period | 1 | 83 | 0 | 0 |
Carried over within negotiated timelines | 0 | 0 | 0 | 0 |
Carried over beyond negotiated timelines | 0 | 0 | 0 | 0 |
7.2 Recommendations and completion time for consultations received from other Government of Canada institutions
Recommendation | 1 to 15 Days |
16 to 30 Days |
31 to 60 Days |
61 to 120 Days |
121 to 180 Days | 181 to 365 Days |
More Than 365 Days | Total |
---|---|---|---|---|---|---|---|---|
Disclose entirely | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
Disclose in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Exempt entirely | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Exclude entirely | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
7.3 Recommendations and completion time for consultations received from other organizations outside the Government of Canada
Recommendation | 1 to 15 Days |
16 to 30 Days |
31 to 60 Days |
61 to 120 Days |
121 to 180 Days | 181 to 365 Days |
More Than 365 Days | Total |
---|---|---|---|---|---|---|---|---|
Disclose entirely | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Disclose in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Exempt entirely | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Exclude entirely | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 8: Completion Time of Consultations on Cabinet Confidences
8.1 Requests with Legal Services
Pages | Less Than 100 Pages Processed |
100-500 Pages Processed |
500-1000 Pages Processed |
1001-5000 Pages Processed |
More Than 5000 Pages Processed |
|||||
---|---|---|---|---|---|---|---|---|---|---|
Number of Days | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed |
1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
8.2 Requests with Privy Council Office
Pages | Less Than 100 Pages Processed |
100-500 Pages Processed |
500-1000 Pages Processed |
1001-5000 Pages Processed |
More Than 5000 Pages Processed |
|||||
---|---|---|---|---|---|---|---|---|---|---|
Number of Days |
Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed | Number of Requests |
Pages Disclosed |
1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 9: Complaints and Investigations Notices Received
Section 31 | Section 33 | Section 35 | Court action | Total |
---|---|---|---|---|
1 | 0 | 0 | 0 | 1 |
Section 10: Privacy Impact Assessments (PIAs) and Personal Information Banks (PIBs)
10.1 Privacy Impact Assessments
Description | Number |
---|---|
Number of PIAs completed | 2 |
Number of PIAs modified | 0 |
10.2 Institution-specific and Central Personal Information Banks
Personal Information Banks | Active | Created | Terminated | Modified |
---|---|---|---|---|
Institution-specific | 0 | 0 | 0 | 0 |
Central | 0 | 0 | 0 | 0 |
Total | 0 | 0 | 0 | 0 |
Section 11: Privacy Breaches
11.1 Material Privacy Breaches reported
Description | Number |
---|---|
Number of material privacy breaches reported to TBS | 0 |
Number of material privacy breaches reported to OPC | 0 |
11.2 Non-Material Privacy Breaches
Description | Number |
---|---|
Number of non-material privacy breaches | 3 |
Section 12: Resources Related to the Privacy Act
12.1 Allocated Costs
Expenditures | Amount | |
---|---|---|
Salaries | $260,000 | |
Overtime | $0 | |
Goods and Services | $4,000 | |
|
$4,000 | |
|
$0 | |
Total | $264,000 |
12.2 Human Resources
Resources | Person Years Dedicated to Privacy Activities |
---|---|
Full-time employees | 2.700 |
Part-time and casual employees | 0.000 |
Regional staff | 0.000 |
Consultants and agency personnel | 0.300 |
Students | 0.000 |
Total | 3.000 |
Note: Enter values to three decimal places.
Annex C: Supplemental Statistical Report on Access to Information Act and the Privacy Act
Name of institution: Canadian Air Transport Security Authority
Reporting period: 2021-04-01 to 2022-03-31
Section 1: Capacity to Receive Requests under the Access to Information Act and the Privacy Act
Enter the number of weeks your institution was able to receive ATIP requests through the different channels.
Description | Number of Weeks |
---|---|
Able to receive requests by mail | 52 |
Able to receive requests by email | 52 |
Able to receive requests through the digital request service | 0 |
Section 2: Capacity to Process Records under the Access to Information Act and the Privacy Act
2.1 Enter the number of weeks your institution was able to process paper records in different classification levels
Description | No Capacity | Partial Capacity | Full Capacity | Total |
---|---|---|---|---|
Unclassified Paper Records | 0 | 0 | 52 | 52 |
Protected B Paper Records | 0 | 52 | 0 | 52 |
Secret and Top Secret Paper Records | 0 | 52 | 0 | 52 |
2.2 Enter the number of weeks your institution was able to process electronic records in different classification levels.
Description | No Capacity | Partial Capacity | Full Capacity | Total |
---|---|---|---|---|
Unclassified Paper Records | 0 | 0 | 52 | 52 |
Protected B Paper Records | 0 | 0 | 52 | 52 |
Secret and Top Secret Paper Records | 0 | 52 | 0 | 52 |
Section 3: Open Requests and Complaints Under the Access to Information Act
3.1 Enter the number of open requests that are outstanding from previous reporting periods.
Fiscal Year Open Requests Were Received | Open Requests that are Within Legislated Timelines as of March 31, 2022 | Open Requests that are Beyond Legislated Timelines as of March 31, 2022 | Total |
---|---|---|---|
Received in 2021-2022 | 0 | 2 | 2 |
Received in 2020-2021 | 0 | 0 | 0 |
Received in 2019-2020 | 0 | 0 | 0 |
Received in 2018-2019 | 0 | 0 | 0 |
Received in 2017-2018 | 0 | 0 | 0 |
Received in 2016-2017 | 0 | 0 | 0 |
Received in 2015-2016 or earlier | 0 | 0 | 0 |
Total | 0 | 2 | 2 |
3.2 Enter the number of open complaints with the Information Commissioner of Canada that are outstanding from previous reporting periods.
Fiscal Year Open Complaints Were Received by Institution | Number of Open Complaints |
---|---|
Received in 2021-2022 | 0 |
Received in 2020-2021 | 3 |
Received in 2019-2020 | 0 |
Received in 2018-2019 | 0 |
Received in 2017-2018 | 0 |
Received in 2016-2017 | 0 |
Received in 2015-2016 or earlier | 0 |
Total | 3 |
Section 4: Open Requests and Complaints Under the Privacy Act
4.1 Enter the number of open requests that are outstanding from previous reporting periods.
Fiscal Year Open Requests Were Received | Open Requests that are Within Legislated Timelines as of March 31, 2023 | Open Requests that are Beyond Legislated Timelines as of March 31, 2023 | Total |
---|---|---|---|
Received in 2021-2022 | 0 | 1 | 1 |
Received in 2020-2021 | 0 | 0 | 0 |
Received in 2019-2020 | 0 | 0 | 0 |
Received in 2018-2019 | 0 | 0 | 0 |
Received in 2017-2018 | 0 | 0 | 0 |
Received in 2016-2017 | 0 | 0 | 0 |
Received in 2015-2016 or earlier | 0 | 0 | 0 |
Total | 0 | 1 | 1 |
Row 8, Col. 3 of Section 4.1 must equal Row 7, Col. 1 of Section 1.1 of the 2021-2022 Statistical Report on the Privacy Act
4.2 Enter the number of open complaints with the Privacy Commissioner of Canada that are outstanding from previous reporting periods.
Fiscal Year Open Complaints Were Received by Institution | Number of Open Complaints |
---|---|
Received in 2021-2022 | 1 |
Received in 2020-2021 | 1 |
Received in 2019-2020 | 0 |
Received in 2018-2019 | 0 |
Received in 2017-2018 | 0 |
Received in 2016-2017 | 0 |
Received in 2015-2016 | 0 |
Received in 2014-2015 | 0 |
Received in 2013-2014 or earlier | 0 |
Total | 2 |
Section 5: Social Insurance Number
Question | Answer |
---|---|
Has your institution begun a new collection or a new consistent use of the SIN in 2021-2022? | No |