This post was written prior to our January 2017 merger, under our previous firm name, MacPherson Leslie & Tyerman LLP.
Authors: Erin Wolff, Kristél Kriel
Saskatchewan’s freedom of information (FOI) legislation came into force in the 1990’s, and has seen only minor amendments since that time. In 2015, the Information and Privacy Commissioner of Saskatchewan (the “Commissioner”) published two reports recommending that Saskatchewan’s FOI legislation be reviewed and amended to modernize the legislation including, among other things, incorporating recent developments in access and privacy law. You can review the Commissioner’s proposals. Earlier this year, the Saskatchewan Government introduced proposed legislative amendments to Saskatchewan’s FOI legislation in response to the Commissioner’s recommendations. You can review the news release here.
FOI Legislation in Saskatchewan
In Saskatchewan, public bodies are subject to either The Freedom of Information and Protection of Privacy Act (“FOIP”) or The Local Authority Freedom of Information and Protection of Privacy Act (“LAFOIP”). Other than minor differences to reflect jurisdiction and context, the provisions of FOIP and LAFOIP (and the proposed amendments thereto) are substantially similar.
A number of amendments to FOIP and LAFOIP have been proposed. The following is a high-level overview of some of the key proposed amendments:
- Duty to Assist: Public bodies would have an express duty to respond to requests for access to information openly, accurately, and completely, including by providing explanations of terms, codes, and abbreviations used in the record(s). This express duty will likely require that FOI coordinators, among others things, keep in contact with applicants to assist with narrowing and clarifying requests, to determine if a request can be accommodated informally, and keep the applicant up-to-date in terms of time extensions, fees, and exemptions.
- Abandoned Requests: Public bodies would be permitted to treat requests for access to information as abandoned (and thus completed) if applicants do not respond to the public body within certain timelines.
- Manner of Access: Public bodies would be required to give access to records in a certain manner depending on the nature of the record (e.g. electronically if the record is in electronic form and it is reasonably practicable to do so).
- Duty to Protect: Public bodies would be required to establish policies and procedures to maintain administrative, technical, and physical safeguards to protect the integrity, accuracy, and confidentiality of personal information, to protect personal information from threats, hazards, loss, or unauthorized access, use, disclosure, or modification, and to ensure compliance with the legislation by the public body’s employees. This express duty would be subject to any additional requirements prescribed by regulations.
- Definition of “Employee”: A new definition of “employee” would be added that would capture a public body’s contractors as “employees” for the purposes of FOIP and LAFOIP. This definition would impact and clarify various other provisions (e.g. exemptions that may be claimed, what is captured as “personal information”, and who can be held liable for offences).
- Information Management Service Providers (“IMSPs”): Public bodies would be permitted to provide personal information to IMSPs (such as IT service providers) for specific purposes (such as processing or storing the information) provided that certain conditions are met (such as ensuring appropriate written agreements are in place). In addition, certain provisions of the legislation would apply directly to IMSPs and their employees (including the offence provisions discussed below).
- Mandatory Breach Notification: Public bodies would be required to take all reasonable steps to notify individuals of any unauthorized use or disclosure of the individual’s personal information if it is reasonable to believe that the incident creates a real risk of “significant harm” to the individual. It is likely that the definition of “significant harm” would be similar to that which has been proposed under the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) and includes bodily harm, humiliation, damage to reputation or relationship, loss of employment, business or professional opportunities, financial loss, identity theft, negative effects on a credit record and damages to or loss of property.
- Frivolous or Vexatious Access Requests: Public bodies would have the ability to obtain permission from the Commissioner to disregard access requests that unreasonably interfere with the operations of the public body, that amount to an abuse of the right of access or correction, or that are frivolous or vexatious, not in good faith, or concerning a trivial matter. The ability for public bodies to unilaterally disregard, or to request permission to disregard, certain access requests already exists in other jurisdictions.
- Open Government: Public bodies would be authorized to establish categories of records that the public body will make available to the public on a proactive basis.
- Application to Municipal Police Services: Police services and regional police services (as defined in The Police Act, 1990 (Saskatchewan)) would be added to the definition of “local authority” and thus become expressly subject to LAFOIP.
- Reports: The Commissioner would no longer be required to issue reports in all cases. This would give the Commissioner more flexibility to resolve issues prior to the issuance of a report, or to determine whether to issue a report in certain cases.
- Offences and Penalties: New offences would be added for various breaches of the legislation, such as snooping or intentionally destroying records. These new offences would apply to public bodies or to the employees of public bodies and IMSPs. Penalties would also be significantly increased – including a maximum monetary penalty of $50,000 (up from $1,000) and imprisonment for not more than 1 year (up from 3 months).
Status of Proposed Amendments
It is important to note that these proposed amendments are not yet in force and are thus not law. As of the date of this post, the proposed amendments were in the first stage before the Legislative Assembly of Saskatchewan. You can review the form of the proposed amendments that were introduced, along with explanatory notes. The proposed amendments will need to proceed through various additional stages before becoming law. You can read more about these stages here. Once these stages are completed, the proposed amendments will need to be proclaimed into force by the Lieutenant Governor of Saskatchewan before they become law. It is currently anticipated that the proposed amendments will come into force in the spring of 2017.
Public bodies and third parties may wish to consult experienced legal counsel to assist them in determining how the proposed amendments will impact them, and to review their policies, procedures, and contractual agreements on a proactive basis to prepare for these amendments.