Manual
Personal Privacy s.21
FIPPA / s.14 MFIPPA
This section contains the following topics:
Summary
Personal Privacy
The Exceptions
Factors to be
Considered
Presumed Invasion
of Privacy
Exceptions to
the Exemption
Refusal to Confirm
or Deny
Public
Appointments
Summary
Section 21 FIPPA / s.14
MFIPPA
This section of the Freedom of Information and Protection of Privacy
Act (FIPPA)/Municipal Freedom of Information and Protection of Privacy Act
(MFIPPA):
- provides a mandatory exemption relating to the disclosure of
personal information to an individual other than the individual to
whom the information relates, except in the circumstances specified in
this section. It provides an exemption from the disclosure of personal
information in response to a formal request under the Act.
- is one of the keystone provisions of the Act. It balances the
public's right of access to records and the individual's right of
privacy respecting personal information .
- requires the institution to refuse to disclose personal information,
unless one of the circumstances listed in 21(1)(a) through (f) FIPPA /
s.14(1)(a) through (f) MFIPPA apply.
Subsections 21(2)(a) through (i) FIPPA / s.14(2)(a) through (i) MFIPPA:
- lists circumstances which should be considered in determining
whether a disclosure of personal information constitutes an
unjustified invasion of personal privacy.
Subsection 21(3) FIPPA / s.14(3) MFIPPA:
- sets out circumstances where disclosure is presumed to be an
unjustified invasion of personal privacy.
Subsection 21(4) FIPPA / s.14(4) MFIPPA:
- lists when disclosure does not constitute an unjustified invasion of
personal privacy.
Subsection 21(5) FIPPA / s.14(5) MFIPPA:
- permits an institution to refuse to confirm or deny the existence of
a record if its disclosure would constitute an unjustified invasion of
privacy.
Where an institution has reason to believe that a disclosure might
constitute an unjustified invasion of personal privacy, s.21 FIPPA / s.14
MFIPPA directs an institution to give notice to the person to whom the
personal information relates disclosing the record. This person must be
given the opportunity to make representations about the disclosure. See
Notices to Affected Third Parties in Chapter
3 (Access Procedures).
This exemption is subject to the public interest override in s.23 FIPPA/
s.16 MFIPPA. Where this exemption applies, the head must consider whether
or not the public interest outweighs the interest in privacy. Prior to
releasing information in the public interest, the head must follow the
notification requirements in s.28 FIPPA/ s.21 MFIPPA.
Section 49 FIPPA/ s.38
MFIPPA is the relevant section when deciding the disclosure of personal
information to the person to whom it pertains.
Note that certain records containing labour relations and
employment-related information are excluded from FIPPA/MFIPPA. (See
Exclusionary Provisions in Chapter
3 of this Manual)
Personal Privacy
s.21(1) FIPPA / s.14(1)
MFIPPA
This subsection requires the institution to refuse to disclose personal
information to someone other than the person to whom the information
relates, unless one of the circumstances or exceptions listed in 21(1)(a)
through (f) FIPPA / s.14(1)(a) through (f) MFIPPA applies.
Consent
s.21(1)(a)
FIPPA / s.14(1)(a)
MFIPPA
Personal information may be disclosed to someone other than the
individual to whom the information relates with the prior request or
consent of the individual. The record must be one to which the individual
is entitled to have access.
The request or consent should be in writing and be received before the
personal information is disclosed. It is good practice to confirm the
identity of the person giving consent.
Compelling Circumstances
s.21(1)(b)
FIPPA / s.14(1)(b)
MFIPPA
Personal information may be disclosed to someone other than the
individual to whom the information relates in compelling circumstances
affecting the health or safety of an individual, not necessarily the
individual to whom the information relates.
Circumstances are "compelling" when either there is no other
way to obtain personal information affecting health or safety, or there is
an emergency situation where the delay in obtaining the information would
be injurious to someone's health or safety. The determination of when
compelling circumstances exist is left to the discretion of the head.
Where personal information is released under this subsection, upon
disclosure, notification must be mailed to the last known address of the
individual to whom the information relates. If the institution does not
have the address, it should attempt to find out the address of the
individual from the person who made the request.
Public Records
s.21(1)(c)
FIPPA / s.14(1)(c)
MFIPPA
Personal information may be disclosed to someone other than the
individual to whom the information relates if the personal information is
collected and maintained specifically for the purpose of creating a record
available to the general public.
A public record refers to a collection of personal information to which
all members of the public have equal access. In order to satisfy this
exception, it must be shown that the personal information was collected
and maintained "specifically" for the purpose of making it
available to the general public. See Chapter
5 (Privacy Protection) for further discussion of public records.
Public records are created to allow the public, in specific circumstances,
access to personal information which would not normally be available. The
public's "need to know" must outweigh the privacy protection
rights of the individuals to whom the information relates.
Personal information is usually maintained in public records for the
following reasons:
- To allow for the proper administration of programs, activities and
services, (e.g. list of electors, assessment roll).
- To promote government accountability, by providing information
relating to the issuance of licences, permits, government contracts,
etc.
- To promote informed choice and consumer protection, (e.g. by making
available records such as land registry records, assessment rolls,
bills of sales registration, personal property security registration
system, records of holders of specific licences and permits etc.).
- To allow for the fair determination of rights.
Key Features of Public Records
1. The record must be equally available to all members of the public.
A collection of personal information to which only some people have
access while others do not, would not qualify as a public record as
contemplated in the Act.
2. Public availability does not mean the information is necessarily
accessible free of charge. There are a number of existing public records
which require the payment of fees for access.
3. When a public record of personal information is created or
maintained, public availability does not have to be the only purpose for
collecting and maintaining the information. For example, the land tax
register is used for the administration of the property taxing program,
but the information contained in these records is also needed by
individuals for a number of business-related purposes.
4. Access to a public record does not necessarily mean it is readily
available without some identifying information. There are situations
where an individual must provide the institution with specific details
or identifiers to allow the institution to retrieve the record. The fact
that existing systems for access are not as convenient or as cost
effective to a requester does not mean that the records are not publicly
available.
5. Personal information appearing in a public record in one context
does not necessarily render the information public in another context.
For example, personal information relating to criminal convictions may
be publicly available through court records, but a record of criminal
convictions in a personnel or security file would not thereby be a
public record.
6. There can be instances where only certain elements of a collection
of personal information are maintained as a public record, while other
parts are not available to the public.
How Public Records Are Created
In many jurisdictions, public records of personal information are
created and maintained through specific statutes or regulations. However,
in Ontario, public records can be created either by:
(a) Statute; or
(b) Policy Decisions by Institutions.
(a) Statute
Statutes, regulations or by-laws designating public records generally
contain terms and conditions regarding the administration of the
information. Often, the authority to charge fees, times and location of
access, are prescribed in the legislation.
(b) Policy Decisions by Institutions
There are situations where public records exist without a legislative
basis. The institution, through its dealings with the public, may
determine that there is a legitimate "public need to know" which
outweighs the privacy rights of the individuals to whom the information
relates. In such cases, the institution may establish a policy designating
the record public. The major factors in this decision would be the privacy
protection rights of individuals and whether or not release of the
information can be treated as a "justified" invasion of personal
privacy.
Factors to Consider
The following are some of the factors to consider in the creation and
maintenance of public records:
- Does the public "need to know" outweigh the privacy rights
of the individuals concerned?
- Will the release of the information foster informed choice?
- Will the information be accessible to everyone?
- Does the public need the information to assist in the conduct of
business?
- Would the public availability of the information constitute an
unjustified invasion of personal privacy?
- Is the personal information particularly sensitive?
- Is the information relevant to the fair determination of a
requester's rights?
While the Act is silent on statutory requirements governing the
creation and maintenance of public records, the balance between the need
for disclosure and the right of individuals to privacy must be carefully
weighed. In such circumstance the balancing test (see personal privacy
section of the Act) outlining the criteria in determining whether a
disclosure of personal information constitutes an unjustified invasion of
personal privacy, can play an important role in helping an institution
decide if a collection of personal information will, or will not, be
available as a public record.
Disclosure Expressly Authorized by Statute
s.21(1)(d)
FIPPA / s.14(1)(d)
MFIPPA
Personal information may be disclosed to a person other than the
individual to whom it relates where a statute of Ontario or Canada
expressly authorizes the disclosure.
The authority to disclose must be stated in the statute and not simply
be an administrative policy of the institution.
For example:
Section 14 of the Business Practice Act permits information
gained during an inspection or investigation to be disclosed to inform a
consumer of an unfair business practice and any information relevant to
the consumer's rights.
Research Agreements
s.21(1)(e)
FIPPA / s.14(1)(e)
MFIPPA
When certain conditions are met, personal information may be disclosed
to someone other than the individual to whom the information relates if
the disclosure is for a research purpose. "Research purposes"
are distinct from administrative, operational or regulatory uses of
personal information in that research uses do not directly affect the
individual to whom the information relates and do not relate to the usual
administration of a program. Program audits, evaluations and operational
reviews are not research for the purposes of this section.
"Research" means a systematic investigation into and study of
materials and sources in order to establish facts and reach new
conclusions and an endeavour to discover new or to collate old facts by
the scientific study or by a course of critical investigation.
This provision covers disclosures in response to access requests from
researchers receiving grants, consultants conducting contractual research
and independent researchers. Access to personal information by researchers
who are employees of an institution is not covered by this subsection but
rather by s.41 FIPPA / s.31
MFIPPA and s.42(d)
FIPPA / s.32(d) MFIPPA.
The institution must determine that conditions are appropriate for the
disclosure of personal information for a research purpose. The following
conditions must be met:
- the disclosure must be consistent with the conditions or reasonable
expectations of disclosure under which the personal information was
provided, collected or obtained. If the information was provided with
a reasonable expectation of confidentiality, access should not be
granted without the consent of the individual;
- the research purpose for which the disclosure is to be made cannot
be reasonably achieved unless the information is provided in a form
which allows individuals to be identified. The head must be satisfied
that the objective necessitates individual identification;
- the researcher must comply with conditions relating to security and
confidentiality prescribed by regulation.
See Appendix VIII for a
sample research agreement.
Unjustified Invasion of Personal Privacy
s.21(1)(f)
FIPPA / s.14(1)(f)
MFIPPA
Personal information may be disclosed to someone other than the
individual to whom the information relates where the disclosure does not
constitute an unjustified invasion of personal privacy. This provision is
an exception to the mandatory exemption. Sections 21(2)(3) and (4) FIPPA /
s.14(2)(3) and (4) MFIPPA provide guidance in determining whether
disclosure of personal information would constitute an unjustified
invasion of personal privacy. Where one of the presumptions in s.21(3)
FIPPA / s.14(3) MFIPPA applies to the personal information found in a
record, the only way such a presumption against disclosure can be overcome
is if the personal information falls under s.21(4) FIPPA / s.14(4) MFIPPA
or where a finding is made that s.23 FIPPA / s.16 MFIPPA applies to the
personal information.
If none of the presumptions in s.21(3) FIPPA / s.14(3) MFIPPA apply,
the head must consider the application of the factors listed in s.21(2)
FIPPA / s.14(2) MFIPPA, as well as all other relevant circumstances in the
case.
Factors to be Considered
s.21(2)
FIPPA / s.14(2) MFIPPA
If none of the presumptions in s.21(3) FIPPA / s.14(3) MFIPPA apply,
the head must consider the factors listed in s.21(2) FIPPA / s.14(2)
MFIPPA. This list of factors is not exhaustive. Any other relevant
circumstances should be considered by the institution before a decision on
disclosure is made. For example, one unlisted factor favouring disclosure
of personal information may be ensuring or restoring public confidence in
an institution.
Public Scrutiny
s.21(2)(a)
FIPPA / s.14(2)(a)
MFIPPA
One factor in determining whether disclosure of personal information
constitutes an unjustified invasion of privacy is whether disclosure is
desirable for subjecting the activities of government institutions to
public scrutiny. In such cases, access to information and internal
scrutiny of the internal workings of government will prevail over the
protection of individual privacy. When invoking this provision,
institutions should consider the broader interests of public
accountability. There must be a public demand for scrutiny of the
institution, not one person's personal view or opinion. The requester must
demonstrate that the activities of the institution to which the record
relates have been publicly called into question.
Public Health and Safety
s.21(2)(b)
FIPPA / s.14(2)(b)
MFIPPA
In determining whether disclosure constitutes an unjustified invasion
of personal privacy, the head must consider whether access to the personal
information may promote public health and safety.
For example:
The identification of the location of a discharge or emission or some
other potential danger to the environment may necessitate the disclosure
of personal information.
Informed Choice
s.21(2)(c)
FIPPA / s.14(2)(c)
MFIPPA
In determining whether disclosure of the personal information
constitutes an unjustified invasion of personal privacy, the head must
consider whether the disclosure will promote informed choice in the
purchase of goods and services.
For example:
Disclosure of an evaluation of a supplier's or consultant's performance
could disclose personal information.
Fair Determination of Rights
s.21(2)(d)
FIPPA / s.14(2)(d)
MFIPPA
In determining whether the disclosure constitutes an unjustified invasion
of personal privacy, the head must consider whether the personal
information is relevant to a fair determination of rights affecting the
requester. There may be instances where the requester requires access to
personal information about his / her own rights.
In order for this section to be relevant, the following factors must be
established: 1. the right in question is a legal right, which is based in
common law or statute; 2. the right is related to a proceeding which is
either existing or contemplated; 3. the personal information which the
appellant is seeking access to has some bearing on or is significant to
the determination of the right in question; and 4. the personal
information is required in order to prepare for the proceeding or to
ensure an impartial hearing.
Unfair Exposure to Harm
s.21(2)(e)
FIPPA / s.14(2)(e)
MFIPPA
The head must consider whether the individual to whom the information
relates will be exposed unfairly to pecuniary or other harm. Other
provisions of the Act exempt records on the basis that disclosure may
threaten someone's life, health or safety (s. 14(1)(e) FIPPA/ s.8(1)(e)
MFIPPA). The words "other harm" should therefore be interpreted
narrowly to mean injury of a similar nature to pecuniary harm, such as
harm to business interest.
This consideration is relevant only where there is evidence that unfair
pecuniary or other harm will result from the disclosure.
Highly Sensitive Information
s.21(2)(f)
FIPPA / s.14(2)(f)
MFIPPA
The head must consider whether the personal information is highly
sensitive to the individual to whom it relates. In order for information
to be "highly sensitive", the institution must establish that
release of the information would cause excessive personal distress to
persons other than the requester, this includes the violation of personal
security. The fact that an individual may be embarrassed by a disclosure
of personal information is not sufficient to make this factor a relevant
consideration.
Information Inaccurate or Unreliable
s.21(2)(g)
FIPPA / s.14(2)(g)
MFIPPA
In this circumstance, the head must consider whether the personal
information is unlikely to be accurate or reliable. This factor weighs
against disclosure of personal information. Where there is sufficient
reason to question the accuracy or reliability of the records, it may be
an unjustified invasion of personal privacy to release it. For this factor
to be relevant, it must be shown in specific ways that the information
received is inaccurate or unreliable.
Subsection 40(2)
FIPPA / s.30(2) MFIPPA
requires institutions to take reasonable steps to ensure that personal
information is not used unless it is accurate and up to date.
Information Supplied in Confidence
s.21(2)(h)
FIPPA / s.14(2)(h)
MFIPPA
The head must consider whether the personal information has been supplied
to the institution in confidence by the person to whom it relates. This
section does not apply to personal information supplied in confidence by
one individual about another.
For example:
Complaint information was sent by concerned citizens regarding an
alleged trespass to property was expected to be kept confidential and as
a result, this provision was a relevant factor.
Damage to Reputation
s.21(2)(i)
FIPPA / s.14(2)(i)
MFIPPA
The head must consider whether disclosure of the personal information
may unfairly damage the reputation of any person referred to in the
record. Damage to a reputation may not always be considered unfair.
For example:
The IPC found that releasing an investigation which probed the
appropriateness of a senior official's foreign currency trading
activities, would not "unfairly" damage the official's
reputation.
Presumed Invasion of Privacy
Subsection 21(3) FIPPA / s.14(3) MFIPPA provides that disclosure of
certain types of personal information is presumed to be an unjustified
invasion of personal privacy. The main characteristics of these types or
classes of personal information are that they concern intimate, sensitive
details of personal life or they give rise to a strong expectation that
privacy will be protected. Where one of the presumptions in this
subsection applies to the personal information found in a record, the only
way the presumption against disclosure can be overcome is if the personal
information falls under s.21(4) FIPPA / s.14(4) MFIPPA or where a finding
is made that s.23
FIPPA / s.16 MFIPPA
applies to the personal information.
Health Record
s.21(3)(a)
FIPPA / s.14(3)(a)
MFIPPA
Disclosure of information that relates to a medical, psychiatric or
psychological history, diagnosis, condition, treatment or evaluation is
presumed to constitute an unjustified invasion of personal privacy.
Violation of Law
s.21(3)(b)
FIPPA / s.14(3)(b)
MFIPPA
Disclosure of personal information compiled as part of an investigation
into a possible violation of law is presumed to constitute an unjustified
invasion of personal privacy. The phrase "violation of law"
includes offences under federal or provincial statutes and regulations and
municipal by-laws.
For example:
Personal information relating to discrimination investigations compiled
by, or on behalf of, the Ontario Human Rights Commission are records
compiled as part of an investigation into a possible violation of law.
The presumption applies to investigations into possible violations of
law; as a result, there is no need for criminal charges to be laid or for
proceedings to have been commenced for the presumption to apply. This
exemption does not apply where disclosure is necessary to prosecute the
violation or to continue the investigation. Disclosure of personal
information qualifying for this exemption may take place in the absence of
an access request under the conditions found in s.42
(f )& (g) FIPPA / s.32(f)
& (g) MFIPPA.
Section 14 FIPPA/ s.8 MFIPPA provides an exemption for records relating
to law enforcement activities. That section is complemented by this
subsection, which protects the privacy of an individual who has been
investigated for a possible violation of law but whose case has not yet
been disposed of by a court. This section may also protect the privacy of
individuals interviewed with respect to an investigation.
Eligibility for Social Programs
s.21(3)(c)
FIPPA / s.14(3)(c)
MFIPPA
Disclosure of information that relates to eligibility for social
service or welfare benefits is presumed to constitute an unjustified
invasion of personal privacy.
Employment or Educational History
s.21(3)(d)
FIPPA / s.14(3)(d)
MFIPPA
Disclosure of information that relates to an individual's employment or
educational history is presumed to constitute an unjustified invasion of
personal privacy. This presumption does not apply to employee expense
claims. See also s.65(6)
FIPPA / s.52(3) MFIPPA
Tax Return
s.21(3)(e)
FIPPA / s.14(3)(e)
MFIPPA
Disclosure of personal information obtained on a tax return or gathered
for the purpose of collecting a tax is presumed to constitute an
unjustified invasion of personal privacy.
Financial History
s.21(3)(f)
FIPPA / s.14(3)(f)
MFIPPA
Disclosure of most types of personal information describing an
individual's finances, income, assets, liabilities, net worth, bank
balances, financial history or creditworthiness is presumed to constitute
an unjustified invasion of personal privacy.
Personal Recommendations and
Evaluations
s.21(3)(g)
FIPPA / s.14(3)(g)
MFIPPA
Disclosure of personal information consisting of personal
recommendations or evaluations, character references, personnel
evaluations is presumed to constitute an unjustified invasion of personal
privacy.
Race, Ethnic Origin, Religion or Sexual
Orientation
s.21(3)(h)
FIPPA / s.14(3)(h)
MFIPPA
Disclosure of personal information which reveals an individual's racial
or ethnic origin, sexual orientation, religious or political beliefs or is
presumed to constitute an unjustified invasion of personal privacy.
Exceptions to the Exemption
Section 21(4) FIPPA/ s.14(4) MFIPPA places certain limits on the
presumption of invasion of personal privacy created by s.21(3) FIPPA/
s.14(3) MFIPPA. Disclosure of the types of personal information mentioned
in s.21(4)(a) through (c) FIPPA/ s.14(4)(a) and (b) MFIPPA does not
constitute an unjustified invasion of personal privacy. Therefore, a
record that fits within those subsections must be disclosed under
s.21(1)(f) FIPPA/ s.14(1)(f) MFIPPA.
Salary Range and Benefits of Employees
s.21(4)(a)
FIPPA / s.14(4)(a)
MFIPPA
Disclosure of the classification, salary range and benefits, or
employment responsibilities of an officer or employee of an institution,
or a member of the Minister's staff, is not an unjustified invasion of
personal privacy. Note that the provision refers to "salary
range", not specific salary.
Officer or employee includes appointed officials and those persons who
work for an institution, or who perform their duties under a contract of
employment.
Note that the Public Sector Salary Disclosure Act provides for
public disclosure of salaries and benefits of employees who earn a salary
of $100, 000 or more. See s.21(4)(b) FIPPA / s.14(4)(b) MFIPPA below for
factors to consider when determining if an individual is an employee or
independent contractor.
Personal Service Contracts
s.21(4)(b)
FIPPA / s.14(4)(b)
MFIPPA
Disclosure of the financial or other details of a contract for personal
services between an individual and an institution is not an unjustified
invasion of privacy. A contract in which an individual, not a company, is
hired to perform professional services in respect of a particular problem
or project would be included.
For example:
A contract in which an individual is hired to perform professional
services for an institution in respect of a particular problem or project
would be included.
Usually, the more control an institution exercises over an individual
with respect to such matters as place of work, hours of work and vacation
entitlements, the more likely a relationship is one of employer and
employee. In order to determine whether a contract is a contract for
personal services as opposed to an employment contract, the following
factors must be considered:
1. the level of control and supervision exercised by the employer
with respect to a) how the work is performed, b) where the work is
performed, c) the hours of work and d) what is produced;
2. the ownership and provision of the equipment used for the job;
3. the economic dependence of the worker on the employer;
4. whether the worker is entitled to undertake alternative work while
engaged by the employer;
5. whether the worker is obliged to follow the employer's
organizational policies;
6. whether the worker bears any risk of loss by entering into the
agreement;
7. whether the work which the individual performs is a necessary and
integral component of the employer's operations.
Licences or Permits
s.21(4)(c)
FIPPA
Disclosure of details of a licence or permit or a similar discretionary
financial benefit conferred on an individual by an institution or a head
is not an unjustified invasion of privacy under certain circumstances.
The purpose of this limitation on the presumed invasion of privacy is
to ensure that the public has access to information about licensing or the
granting of benefits where the licensee or recipient of the benefit
represents a significant proportion of the total number of persons in
Ontario who are similarly licensed or who have received a similar benefit.
The granting of a licence or permit or a financial benefit, at an
institution's discretion, may give a significant economic advantage to one
individual over others who are in the same business or other activity.
Where an individual represents one per cent or more of all persons and
organizations who have received this type of economic advantage, and if
the value of the benefit to an individual is one per cent or more of the
total value of similar benefits to other persons and organizations,
disclosure of details of the benefit is not an invasion of the
individual's privacy.
The "value of the benefit" and the "total value of
similar benefits" would be determined by dollar value where feasible.
Refusal to Confirm or Deny
s.21(5)
FIPPA / s.14(5) MFIPPA
Where the head refuses to give access to a record on the grounds of an
unjustified invasion of privacy, the head may also refuse to confirm or
deny the existence of the record. Where the head refuses to confirm or
deny the existence of a record in response to a request, notification to
the requester under s.29(2) FIPPA /s.22(2) MFIPPA is required.
For example:
Confirmation that an institution was in possession of a record relating
to the treatment of an individual for an illness could be an unjustified
invasion of privacy, even if access to the record itself was refused.
In order to use this provision, an institution must provide detailed
and convincing evidence that disclosure of the mere existence of the
requested records would convey information to the requester, and that the
disclosure of this information would constitute an unjustified invasion of
personal privacy.
This subsection is similar to s.14(3) FIPPA/ s.8(3) MFIPPA relating to
law enforcement records. Notification to the requester under s.29(2) FIPPA/
s.22(2) MFIPPA would be required.
Public Appointments
The IPC has found that members of the public often wish to know some
information about elected officials and appointees to public positions on
boards and committees. Thus, institutions are encouraged to prepare brief
biographies and make them available to the public upon request.
Institutions should alert the elected official or appointee concerned
before publishing the biography. Please see Appendix
V for a sample biography.
|
OCIPO 
