Investigation into pardon services company finds no evidence of alleged disclosure of youth criminal record, but reveals lack of privacy policy

PIPEDA Report of Findings #2014-005

April 25, 2014


In 2010, a complainant engaged a pardon services company to conduct a criminal record check and verify whether a youth criminal charge appeared on his record, prior to commencing a new job. The company's review confirmed there was no record of his past charges.

In mid-2011, a new employee began working for the pardon services company. She happened to be the spouse of the complainant's supervisor.

During a visit by the pardon services employee to her husband's place of work in late 2011, the complainant alleged that the pardon services employee's demeanor toward him changed, from warm and friendly to rude, abrupt and condescending. Moreover, the complainant alleged that starting in late 2011, his supervisor and his co-workers began making offensive and abusive remarks about him, which the complainant believes were in direct reference to his youth criminal record.

In early 2012, the complainant accused the pardon services employee of disclosing his personal information to her spouse, causing him to be treated unfairly at work. The complainant also alleged that this disclosure occurred because the pardon services company did not have appropriate safeguards in place and lacked the policies and procedures to maintain personal information in strict confidence.

In its representations to our Office, the pardon services company provided sworn declarations from the complainant's supervisor, the pardon services employee and office manager. These declarations stated that the services provided to the complainant were completed and his file archived before the employee started working there and that the employee worked on different types of files which were stored separately. As such, the employee would have had no reason to access any information contained in the complainant's file. Furthermore, the employee denied accessing or disclosing any information about the complainant.

Following its investigation, our Office found that: (i) there was no evidence the company had disclosed the complainant's personal information; (ii) the company has appropriate safeguards in place; and (iii) while the company had some policies, procedures and employee training in place to give effect to the principles of Schedule 1 of the Act, it lacked a privacy policy. During the course of this investigation, the company developed a privacy policy, which is now posted on the homepage of its website.

Accordingly, our Office concluded that the matters related to the disclosure and safeguarding of the complainant's personal information were not well-founded while the matter related to the pardon services company lacking a privacy policy was well-founded and resolved.

Lessons Learned

  • There must be actual evidence to support an allegation that an individual accessed and disclosed an individual's personal information.
  • Every organization subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) is required to make information available to individuals about its personal information management policies and practices. A good privacy policy is one of the important ways in which an organization can meet this obligation, foster public trust and strengthen customer loyalty. Some tips for being more transparent with respect to an organization's privacy practices are available in the document Ten Tips for a Better Online Privacy Policy and Improved Privacy Practice Transparency.

Complaint under the Personal Information Protection and Electronic Documents Act (the "Act" or "PIPEDA")

  1. The complainant alleges that a company providing pardon services (the Respondent) disclosed his personal information without consent. Specifically, when engaging the services of the Respondent to conduct a criminal record check, the complainant alleges that an employee of the Respondent (the Employee) disclosed information about his youth criminal charge without his consent to the complainant's supervisor (the Supervisor). The Supervisor is the spouse of the Employee.
  2. The complainant also alleges that the Respondent failed to safeguard his personal information. Specifically, the complainant alleges that this disclosure occurred because the Respondent does not have the appropriate safeguards in place and lacks the policies and procedures to maintain his personal information in strict confidence.
  3. In its representations, the Respondent stated that the services provided to the complainant were completed and his file archived, before the Employee started working for the Respondent; as such, the Employee would have had no reason to access any information contained in the complainant's file. Furthermore, the Employee denies accessing or disclosing any information about the complainant.
  4. Following its investigation, our Office found that: (i) there was no evidence that the complainant's personal information was disclosed by the Respondent; (ii) the Respondent has appropriate safeguards in place; and (iii) while the Respondent had some policies and procedures in place to give effect to the principles of Schedule 1 of the Act, it lacked a privacy policy. During the course of this investigation, the Respondent developed a privacy policy, which is now posted on the homepage of its website.

Summary of Investigation

Timeline

  1. The complainant engaged the services of the Respondent in mid-2010 to conduct a criminal record check and verify whether a youth criminal charge appeared on his record, prior to commencing a new job.
  2. The Respondent advised the complainant in 2010 that no criminal record was found through the Royal Canadian Mounted Police ("RCMP") check. Also in 2010, the Respondent further advised that there was no criminal record found through the local police services check and concluded that no pardon was required.
  3. In a letter, the Respondent informed the complainant that there was no record of his past charges, stating "As you were a youth at the time, these records are not available or disclosed to anyone".
  4. In mid-2011, the Employee began working for the Respondent.
  5. Starting in late 2011, the complainant alleges that the Supervisor and his co-workers began making offensive and abusive remarks about him, which the complainant believes were in direct reference to his youth criminal record.
  6. When the Employee visited the Supervisor at her husband's workplace, the complainant also alleges that the Employee's demeanor toward him changed, from warm and friendly to rude, abrupt and condescending in late 2011.
  7. In early 2012, the complainant accused the Employee of disclosing his personal information to the Supervisor, causing him to be treated unfairly at work.
  8. Following consultation with the complainant's mother, the Respondent's owner and the complainant met with the Supervisor in early 2012 and advised the Supervisor that the complainant did not have a criminal record.
  9. In early 2012, at the complainant's request, the Respondent provided the complainant with the documents in its possession. There is some discrepancy as to which documents were initially given to the Respondent by the complainant, returned to the complainant and remained in the possession of the Respondent.
  10. The complainant alleges that he has suffered significant loss and damage due to the offensive and abusive remarks in his workplace on account of this alleged disclosure without his consent.
  11. From mid-2012 to early 2013, attempts were made to resolve this matter. In mid-2012, the Respondent responded by denying the allegations made by the complainant.
  12. In early 2013, our Office accepted a complaint filed on behalf of the complainant.

Information from the Complainant

  1. According to the complainant's mother, the complainant provided the Respondent with a copy of his youth criminal charge at his initial meeting with the Respondent on May 20, 2010. The Respondent's owner does not recall receiving such a document from the complainant.
  2. A review of the complainant's completed checklist, the Respondent's form, revealed the following:
    1. "checkmarks" for signed forms, Police Check, RCMP prints and ID;
    2. the abbreviation "ass't" which, according to the Respondent, indicates that it was conducting an assessment to determine whether a pardon was required;
    3. a local police services check was requested on a particular date;
    4. fingerprints were sent to the RCMP on a particular date;
    5. the RCMP record check was received with no record found;
    6. "[date] talked to [complainant's mother], [name of local police criminal record check] ordered, nothing on federal";
    7. "[date] [name of local police services] - no record - called [employee of local police services] - she said no record - cannot divulge to anyone but him ? no [pardon] to apply for, no record anywhere".
  3. Our Office's review of this document revealed that there is no indication that a copy of the youth charge was provided by the complainant to the Respondent.
  4. During the course of this investigation, the complainant provided our Office with his completed questionnaire, the Respondent's form.
  5. Our Office's review of this document revealed that the Criminal History section of the questionnaire was completed and contained information about the complainant's previous youth criminal record, including offense, date and that it was a youth charge.
  6. The complainant further alleged that when visiting the Supervisor at his workplace, the Employee made the following comment to the complainant on more than one occasion: "Oh, you should know, I work with criminals all day". The complainant drew our Office's attention to the use of the word "you" in this statement as evidence that the Employee was aware of his youth criminal record. The Employee did not deny making a similar comment to the complainant, explaining that she was referring to the fact that she works with criminals.
  7. The complainant provided our Office with the contact information of two co-workers of the complainant who were present during one instance when the Employee directed the above comment at the complainant. As the Employee did not deny making a similar comment and provided a valid explanation for her comment, our Office did not contact the complainant's two co-workers.

Information from the Respondent

  1. The Respondent advised that it became aware that the Employee was married to the Supervisor when the complainant made allegations against Respondent in early 2012.
  2. According to the Respondent, the Employee started working for the Respondent in mid-2011, after the Respondent had completed work for the complainant; therefore, the complainant's file would have been in a filing cabinet for archived files, separate from active and American files. As explained by the Respondent, the Employee works on files for American clients, not Canadian clients, and therefore would have no reason to consult the complainant's file.
  3. As part of this investigation, our Office conducted a site visit at the Respondent's office. This site visit confirmed that all filing cabinets are equipped with key operated locks and different files (Canadian, American, active and archived) are kept in different areas of the office. Our Office also confirmed that the Respondent's office is equipped with an alarm system.
  4. According to the Respondent, there were no documents within the complainant's file which the Employee could have consulted to inform herself of the complainant's criminal history. The Respondent was unable to confirm whether information about the complainant's criminal history had been completed in the Criminal History" section of the questionnaire as it had returned this document to the complainant. As noted above, our review of the questionnaire confirmed that this section contained information about the complainant's youth charge.
  5. The Respondent advised that to the best of its knowledge, the completed questionnaire and the criminal record check documents obtained by the Respondent were returned to the complainant upon his request in early 2012 (after the alleged disclosure). Copies of the complainant's identification were either destroyed by the Respondent or also returned to the complainant upon his request. The Respondent further advised that it only retained a copy of the completed checklist in the complainant's file to document the services provided by the Respondent.
  6. The Respondent further advised that if it had known about the youth charge during its initial meeting, it would have advised the complainant that a youth charge would not appear on his criminal record. In our view, this is a contradictory statement given that the complainant's completed questionnaire clearly indicated a youth charge.
  7. The Respondent also advised our Office that the complainant accused the local police service of disclosing his personal information, namely, his criminal youth charge, to a member of his family. The Respondent investigated this accusation and was advised by a clerk at the local police service that this was not possible.
  8. Our Office confirmed that the questionnaire includes a notation about this accusation and the Respondent's inquiry into this accusation with the local police service.
  9. According to the Respondent, when meeting with the complainant and the Supervisor in early 2012, the Supervisor expressed his belief that any correlation between the comments in the complainant's workplace and any incident in the complainant's history was purely coincidental, noting that the complainant was a willing participant in this type of behavior with his co-workers. The Respondent believed that the Supervisor had no knowledge or information of any offense in relation to the complainant.
  10. The Respondent advised that files are kept for a minimum of seven years. Files older than seven years and any other information that is deemed unimportant is shredded with a local shredding company on a monthly basis.
  11. The Respondent also advised that its computers are not interconnected (i.e. documents on one computer are not accessible on another computer) and it does not retain electronic records, as it operates in an industry that relies on paper documents. Accordingly, the Respondent confirmed that the electronic version of the letter of August 31, 2010 to the complainant was deleted immediately after it was printed and would not have been accessible on the computers of other employees of the Respondent.
  12. Our Office was provided with copies of the Confidentiality Agreement and an acknowledgement for handling confidential records [title redacted] ("Acknowledgement"), signed by all employees of the Respondent. The Acknowledgement outlines an employee's responsibilities to safeguard all information and to not disclose information to any unauthorized persons.
  13. According to the Respondent, all employees signed the Confidentiality Agreement when they started working for it and subsequently signed the Acknowledgement at a staff meeting as a result of this investigation. The Respondent also advised that these documents are reviewed with each employee during semi-annual performance reviews and revisited during bi-weekly staff meetings.
  14. Our Office confirmed that the Employee signed the Confidentiality Agreement in mid-2011 and the Acknowledgement in mid-2013.
  15. Upon request, the Respondent advised that the owner of the Respondent is its Privacy Officer but was unable to provide a copy of its privacy policy. During the course of our Office's investigation, the Respondent developed and posted a Privacy Policy on the homepage of its website and confirmed that the Privacy Policy would be given to clients.
  16. Our Office's review of the Respondent's Privacy Policy confirms that it outlines what personal information it collects and why, how it will use personal information collected, under what circumstances it will disclose personal information, how personal information can be corrected or deleted, who the privacy officer is and how the privacy officer can be contacted.

Information from the Employee

  1. While our Office was originally provided with a written statement signed by the Employee, our Office was subsequently provided with the commissioned sworn solemn declaration of the Employee as well.
  2. The Employee swore that she was verbally advised of the importance of keeping information confidential during her initial interview with the Respondent in mid- 2011 and later signed a Confidentiality Agreement. Our Office was able to confirm that she signed the Confidentiality Agreement on a particular date in mid-2011.
  3. The Employee swore that she never located or came upon the complainant's file at the Respondent. She further swore that she was not aware the complainant was a client of the Respondent as he had engaged the services of the Respondent and his file had been archived, before she began working for the Respondent.
  4. She swore that she was not aware of the complainant's last name until he made allegations against her. She further swore that she never shared information with her husband or anyone else outside of her work. She confirmed that she knew the complainant by his first name as she saw him at her husband's workplace and the complainant had helped her move in the fall of 2011.
  5. She confirmed that she works strictly on files for American clients and has no involvement with Canadian files unless other staff members are busy and a Canadian client calls. She further confirmed that her contact with Canadian clients is very limited.
  6. The Employee was willing to submit to a polygraph test to attest to the facts in her written statement and sworn solemn declaration, but our Office did not pursue this.

Information from the Complainant's Supervisor

  1. While our Office was originally provided with a written statement signed by the Supervisor, our Office was subsequently provided with the commissioned sworn solemn declaration of the Supervisor as well.
  2. The Supervisor swore that the owner of the Respondent and the complainant met with him in early 2012. In response to the complainant's allegation that the Supervisor had released the complainant's personal criminal record information in the workplace, the Supervisor produced a copy of the complainant's criminal record, which the complainant had provided when he was hired, showing no criminal record.
  3. The Supervisor further swore that he had no idea of any possible involvement that the complainant may have had with the police based on the clear criminal record provided by the complainant. The Supervisor confirmed that a past co-worker, who had worked with the complainant at another company, had suggested some involvement between the complainant and the police.
  4. The Supervisor also swore that his wife, the Employee, never disclosed information from her work or about her clients and she was not aware of the complainant's last name until after the allegations were made against her.
  5. The Supervisor was also willing to submit to a polygraph test to attest to the facts in his written statement and sworn solemn declaration, but our Office did not pursue this.

Information from Others

  1. Our Office was also provided with short statements from several employees from the workplace of the complainant and the Supervisor.
  2. In general, these confirmed that the criminal records of other co-workers were not discussed, as well as the fact that they were not aware that the complainant had a criminal record. These statements were provided in support of the Supervisor.
  3. Our Office was further provided with the signed statement of the Office Manager for the Respondent (the "Office Manager").
  4. The Office Manager supported the Respondent's submission that confidentiality documents are signed by all employees and reviewed at staff meetings. She further confirmed that during his initial meeting with the Respondent, the complainant alleged that the local police service disclosed his youth criminal record to a family member.
  5. The Office Manager advised that she was present for the interview of the Employee and the explanation of the Confidentiality Agreement by the owner of the Respondent to the Employee. The Office Manager confirmed that she witnessed the Employee sign this document. Our Office was able to confirm this by inspecting the signed Confidentiality Agreement of the Employee.
  6. The Office Manager confirmed that she was the primary case worker on the complainant's file and that the Employee would have had no reason to look at the complainant's file. It was also the belief of the Office Manager that the Employee never had any knowledge that the complainant was a client of the Respondent or that a file existed for him.

Application

  1. In making our determinations, we applied Principles 4.1, 4.3, 4.5 and 4.7 of Schedule 1 of the Act.
  2. Principle 4.1 states that an organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization's compliance with the following principles. Specifically, Principle 4.1.4 states organizations shall implement policies and practices to give effect to the principles, including: (a) implementing procedures to protect personal information; (b) establishing procedures to receive and respond to complaints and inquiries; (c) training staff and communicating to staff information about the organization's policies and practices; and (d) developing information to explain the organization's policies and procedures.
  3. Principle 4.3 states that the knowledge and consent of the individual are required for the collection, use or disclosure of personal of personal information, except where inappropriate.
  4. Principle 4.5 states that personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law.
  5. Principle 4.7 states that personal information shall be protected by security safeguards appropriate to the sensitivity of the information. Specifically, Principle 4.7.1 states that security safeguards shall protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification and more sensitive information should be safeguarded by a higher level of protection. Principle 4.7.4 also states that organization shall make their employees aware of the importance of maintaining the confidentiality of personal information.

Findings

  1. This investigation involves highly sensitive personal information, namely, the youth criminal record of the complainant. Our Office acknowledges that this information has the potential to severely impact an individual's life. Our Office does not dispute the evidence provided by the complainant with regard to his workplace environment and its effects on him. The role of this Office is to determine whether the complainant's personal information, namely, his youth criminal record, was disclosed by the Employee to the Supervisor, a disclosure for which the Respondent would be accountable under Principle 4.1.
  2. It is unnecessary for our Office to make a finding as to the exact documents in the possession of the Respondent.
  3. Our Office finds that the complainant's file with the Respondent clearly documented the complainant's youth criminal record on account of the completed questionnaire and as such, someone coming into contact with the complainant's file at the Respondent from mid- 2010 until early 2012 would conclude that the complainant had a criminal record.
  4. However, our Office finds that there is no evidence that there was a disclosure of the complainant's personal information by the Respondent, as provided for in Principles 4.3 and 4.5. This finding is made despite the fact that the Employee could have accessed the complainant's file and disclosed this information to her spouse, the Supervisor.
  5. A disclosure by the Employee to the Supervisor about the complainant's youth criminal record is not the only possible explanation for how the complainant was treated by others in his workplace. It is difficult for our investigation to even comment on whether the complainant was treated this way because others had knowledge of his criminal youth record.
  6. Our Office further finds that the Respondent does have appropriate security safeguards to protect personal information, as required by Principle 4.7 and 4.7.1. The Respondent provided our Office with information about how its files are protected and how duties are divided among its employees.
  7. Our Office also finds that the Respondent made its employees aware of the importance of maintaining the confidentiality of personal information, as required by Principle 4.7.4. This was demonstrated by the signed Confidentiality Agreements, as well as the subsequently signed Acknowledgements, of all of the Respondent's employees and the ongoing review of the obligations within these documents by the Respondent with its employees.
  8. While the Respondent did have policies and practices in place to give effect to the principles of Schedule 1 of the Act, our Office finds that the Respondent did not have a privacy policy at the time our investigation was commenced, in contravention of Principles 4.1 and 4.1.4. During the course of this investigation, the Respondent developed a Privacy Policy and has made it available to customers on the homepage of its website and in person.

Conclusion

  1. Accordingly, our Office concludes that the matters related to the disclosure and safeguarding of the complainant's personal information are not well-founded.
  2. Our Office also concludes that the matter related to the Respondent's Privacy Policy is well-founded and resolved.
Date modified: