Guide to FOIP-Chapter 2

Office of the Saskatchewan Information and Privacy Commissioner. Guide to FOIP, Chapter 2, Administration of FOIP. Updated 7 March 2023. 45 that offers guidance and templates for applicants, government institutions, local authorities and third parties to assist in preparing and writing a submission for the Commissioner. Applicants are not required to submit evidence or arguments in the form of written representations (submission) in a review because the Commissioner can decide as to whether the government institution correctly applied FOIP without an applicant’s submission. However, applicants are always invited to provide submissions. There may be circumstances where the Commissioner may need an applicant to provide evidence or argument such as where an applicant claims a party has waived legal privilege, that information should be disclosed in the public interest or that an applicant is unable to pay a fee. For more on the applicant’s submission see IPC blog, But I’m the Applicant – how can my submission help? IPC Findings In Review Report F-2006-005, the Commissioner considered a submission from SaskTel and found that SaskTel had not met the burden of proof in demonstrating that subsection 12(1)(b) of FOIP applied. The Commissioner determined that a restatement of SaskTel’s decision and paraphrasing the statutory provision was insufficient for the Commissioner to assess the appropriateness of the decision. The Commissioner found that without particularizing the reasons for the decision SaskTel failed to discharge the burden of proof. Who has the Burden of Proof Where FOIP does not explicitly state which party has the burden of proof, the Commissioner will determine where the burden lies. When making that determination, the Commissioner will consider: • Who raised the issue. • Who is in the best position to meet the burden of proof.76 Privacy breaches: FOIP does not define burden of proof in a breach of privacy investigation. Since a complainant raises the issue, the complainant has the initial burden to establish that a privacy breach has occurred involving the complainant’s personal information. If a collection, use or disclosure is proven, the burden then shifts to the government institution to justify its authority under FOIP for the data transaction.77 Only the government institution would have 76 Service Alberta, FOIP Bulletin No. 9, Burden of Proof, November 2009 at p. 4. 77 Service Alberta, FOIP Bulletin No. 9, Burden of Proof, November 2009 at p. 4.

RkJQdWJsaXNoZXIy MTgwMjYzOA==