Re The Crown in right of Ontario (Workplace Safety and Insurance Board) and Canadian Union of Public Employees, Local 1750
[Indexed as: Ontario (Workplace Safety and Insurance Board) and C.U.P.E., Loc. 1750 (Re)]
File No. 0950/03 Ontario Crown Employees Grievance Settlement Board M. Nairn
Heard: June 20, 2003 Decision rendered: July 3, 2003 Reasons issued: September 2, 2003
POLICY GRIEVANCE concerning exclusion of position from bargaining unit. Grievance allowed.
I. Thompson, for the union. E. Kosmidis, for the employer.
AWARD
Further to a decision dated July 3, 2003, the following sets out the reasons for reaching the conclusion that the persons in the position of Privacy Officer employed by the Workplace Safety and Insurance Board (the "WSIB") are employees within the bargaining unit represented by CUPE Local 1750. That bargaining unit is described as an "all employee" unit and the Privacy Officers are not specifically excluded by that description of the bargaining unit. The employer asserted that the Privacy Officers were properly excluded from the bargaining unit based on an alleged conflict of interest between the work they perform and their role as bargaining unit members were they to be included in the bargaining unit. The parties were agreed that I had the jurisdiction to interpret and apply not only the provisions of the relevant collective agreement but also the relevant legislation, including the Labour Relations Act, 1995, S.O. 1995, c. 1, Sch. A, and, more particularly, the Crown Employees Collective Bargaining Act, 1993, S.O. 1993, c. 38. I will first review the nature of the position. Then I will review the applicable law. Finally I will outline the reasons for my earlier conclusion in light of those facts and legal considerations. Ms. Laurisa Tkachenko testified as to the nature of the work performed by the persons in the position of Privacy Officer and to the Privacy Office as a whole. Certain documents were also filed in evidence. The Privacy Office is a relatively new component of the WSIB. Advances in technology, changes to the Freedom of Information and Protection of Privacy Act, R.S .0. 1990, c. F.31 ("FIPPA"), and Ministry expectations and requirements regarding privacy of information, have all resulted in substantially increased attention to privacy issues. Ms. Tkachenko was invited in the fall of 2001 to put together a privacy group with the mandate to develop a capacity within the WSIB to perform privacy impact assessments. She had been working in the WSIB internal audit department dealing with systems development issues.
That group quickly realized that a host of privacy issues stemmed from the operational structure and business of the WSIB. In the course of its work receiving and determining claims on behalf of injured workers and in its necessary dealings with employers, the WSIB collects a vast array of personal and business information. A pilot project was begun and approximately six months later in July 2002, the Privacy Office was established as a new branch within the WSIB. The Office has become an important contributor to the effective work of the WSIB in light of this enhanced attention to privacy concerns.
Ms. Tkachenko, now Director of the Privacy Office, is responsible for strategic and operational leadership, to ensure that the WSIB is a "privacy compliant" organization and to ensure that the Chair's obligations under FIPPA are fulfilled. Ms. Tkachenko anticipates two types of entities providing further strategic direction and oversight in respect of privacy management issues. Steering Committees have been established which typically include a representative of management, a representative from CUPE, and perhaps other members as well. A Privacy Council is not yet in place.
In terms of organizational structure, the Privacy Office falls within the Legal Services Division of the WSIB and Ms. Tkachenko reports directly to the General Counsel of the WSIB, who in turn, reports to the Chair. She also reports to the Policy & Regulatory Committee which is responsible for the WSIB's compliance with legislation. Ms. Tkachenko testified that the Privacy Office reports to General Counsel in order to minimize any perceived conflict of interest arising from the fact that the office may have to report on an operational area. There is no dispute that Ms. Tkachenko is properly excluded from the bargaining unit. The parties have also agreed that the Freedom of Information (FOI) Coordinator, also a member of the Privacy Office, is properly excluded from the bargaining unit. Five Privacy Officers have been working in the position and Ms. Tkachenko anticipates that more may be required. All report directly to Ms. Tkachenko. Three were recruited from the bargaining unit and have remained members of the bargaining unit during their tenure in the position. Two were recruited from outside the bargaining unit. Initially the position was titled Privacy Advisor. A recent job description, developed in conjunction with the persons working in the position, titles the position Privacy Officer due, according to Ms. Tkachenko, to the compliance component that is included in their duties. That job description summarizes the work of the Privacy Officer position as ensuring WSIB compliance with applicable privacy legislated obligations and corporate privacy objectives and to provide proactive leadership and service delivery in order to position and maintain the WSIB as a recognized leader in privacy management.
The major duties and responsibilities of the position are described as follows: 1. Develop privacy corporate policy, standards and guidelines to ensure organizational compliance with applicable legislative requirements.
Research authorities and confidentiality provisions in federal and provincial statutes, regulations, codes and agreements to ensure corporate policies and programs are consistent with these authorities.
Ensure new business programs and technology solutions are compliant with applicable privacy legislation and corporate privacy requirements through a review of legal authorities, contractual agreements, security safeguards, data flows and business processes.
Develop workable solutions that will overcome privacy-related barriers in the implementation of electronic service delivery strategies.
Develop and deliver corporate privacy education and awareness programs to WSIB employees and external stakeholders, such as but not limited to the SWA s, HSAs and private sector business partners.
Lead and implement privacy integration activities across the organization, including enforcement of privacy requirements while focusing on the long-term WSIB goals and objectives. Provide appropriate direction to program and project management.
Respond independently to sensitive and contentious issues arising from employee complaints over privacy matters while maintaining confidentiality. This may include:
— Providing a privacy advice to management on labour relations issues. — Take a position in advocating change which may impact employees within the WSIB.
— Defending the WSIB's position and or the actions of its employees against privacy breach allegations and complaints before the IPC.
Conduct privacy impact assessments on key strategic projects including significant investments in technology and in support of Memoranda of Understanding undertaken with other government ministries and agencies such as MOHLTC, MOL, CCRA and other data-sharing initiatives requiring approval by the Lieutenant Governor in Council or the Information and Privacy Commissioner/Ontario [IPC].
Prepare formal reports ultimately going to senior management and the Policy & Regulatory Committee on privacy compliance issues, including WSIB employee workplace privacy, with specific recommendations to senior management for organizational adoption.
- Maintain current knowledge of the Workplace Safety and Insurance Act, FIPPA and other applicable privacy legislation and objectives, including the IPC orders and Management Board directives. Maintain awareness of
advancements in privacy enhancing technologies and changes in legislation or its interpretation through ongoing research and networking.
Receive, investigate, and resolve all privacy complaints concerning the organization's policies and procedures in coordination with other similar functions and, when necessary, legal counsel. This includes WSIB management, employees, customers, clients and external stakeholders such as the IPC to ensure compliance with the IPC's requirements and safeguarding of WSIB's public image.
Promote and model customer focused relationships throughout the organization and with external customers and stakeholders.
Ms. Tkachenko described the work. Although some corporate confidentiality policies have already been developed, the Privacy Officers will continue to develop and to review policies in light of new circumstances and on an ongoing basis. They are to remain current with legislation and any authorities in order to assist them in this ongoing review and are to remain current with new technologies that may enhance privacy. The Privacy Officers deal primarily with issues surrounding maintaining the confidentiality of the information collected by or on behalf of the WSIB. By contrast, and although the issues are not exclusive, the FOI Coordinator tends to focus on issues of external access to that information. She holds the delegated authority from the Chair of the WSIB under the FIPPA legislation to make decisions regarding access to information. Regular requests for information have been identified and are dealt with by bargaining unit employees. However the FOI Coordinator is responsible for responding to unusual access requests. This work is relatively reactive when compared to the more proactive work of the Privacy Officer in seeking to ensure that the organization works in a manner that is privacy compliant. However, the work is complementary and the members of the Privacy Office work as a team. The Privacy Officers' core work is to perform privacy impact assessments which review operational components of the WSIB and, working with staff, help to develop privacy solutions. Ms. Tkachenko summarizes all privacy impact assessments. Following that, one or more assurance reports identify whether the operational component of the business meets privacy needs and if not, the Privacy Office makes recommendations as to how systems or other operational tasks may be altered to meet the privacy concern. They
also review contracts with external vendors or relationships with other Ministries regarding, for example, data sharing, in order to ensure that privacy issues are appropriately addressed. They provide training to co-workers in the WSIB regarding privacy issues. The goal of the Privacy Officer's work is to ensure, on an ongoing basis, that information collected by the WSIB, whether it be from injured workers, employers, outside service providers, or employees of the WSIB, is only the information required and, that the information collected remain confidential, even within the WSIB, except as is necessary to perform the business of the WSIB or as may otherwise be appropriate. Much of this work involves detailed analysis of information flow through all areas of the WSIB, and requires a thorough understanding of the business, detailed knowledge of privacy issues and legislation, and substantial expertise in the use and function of information technology systems. A common thread underlying the work involves changing the workplace culture at all levels of the WSIB, including senior management, in order that ultimately, all instinctively respond to the privacy considerations at play in any operational task or strategic decision making.
A Privacy Officer is responsible for identifying any data collection issues and bringing them forward to the project team which includes operations personnel for the area under review. The majority of information collected relates to injured workers. It includes, but is not limited to, personal information, claims history, medical reports and payment records. If the team indicates that the information is needed for a particular purpose, the Privacy Officer may advise on any limitation on access that then may be appropriate. There was no suggestion that if there is any dispute between an operational area and the Privacy Officer as to whether certain information is required or how it is to be maintained that the Privacy Officer has the authority to impose any decision on the operational area. The Privacy Office is currently working on issues relating to Loss Retirement Income, electronic bill presentment and payment, and certain data-sharing initiatives. There was no suggestion that any of this information related to collective bargaining and no other potential conflict of interest with being a member of a bargaining unit was identified regarding the Privacy Officers' involvement in this kind of
work. The Privacy Officers are largely although not exclusively dealing with the myriad of privacy issues that the use of advanced technology raises. For example, one is currently working on a process for handling a privacy breach. Once a set of guidelines has been developed, Ms. Tkachenko is contemplating a review by senior management and CUPE, and input from the Information and Privacy Commissioner (the "IPC"), the external arbiter of privacy issues under FIPPA. Any decision would rest with senior management. It is anticipated that the Privacy Officers will investigate complaints (referred to in point 11 of the job description). Complaints that privacy has been inappropriately breached are generally complaints about information relating to an injured worker and typically come from an injured worker who asserts that personal data has been inappropriately collected, disclosed, or utilized. Ms. Tkachenko testified that with the number of claims that the WSIB handles, it is expected that there will be a certain number of inappropriate disclosures. A complaint may go to the IPC under FIPPA. In that case, a Privacy Officer will investigate and a report will be submitted to the IPC. The Privacy Officer would typically identify what steps management had taken in response to the complaint. If the complaint is brought directly to the WSIB, it is investigated and an internal report would be prepared that would identify any breach, the reasons for the breach (for example, whether it appears to have been caused by an individual or is systemic to an operational component of the business). The report will analyze the situation and make recommendations. Although Ms. Tkachenko testified that those reports could include recommendations regarding discipline to employees, to date, no recommendations regarding any consequences to any employee have been made. Nor has Ms. Tkachenko ever been advised that she or the Privacy Officers have any authority to make disciplinary recommendations regarding employees. According to Ms. Tkachenko only a "very very small" portion of the Privacy Officers' time is actually spent looking at privacy breaches. At the moment one Officer receives any complaints. That person is a member of the bargaining unit. Five disclosures have been logged since the Office began. None have led to any disciplinary action against an employee. There were two other examples of investigations. One related to a privacy review of the operation of
an anonymous tip line used by the Regulatory Services Division of the WSIB. Its mandate is to investigate fraud activity. Ms. Tkachenko assigned that investigation to a Privacy Officer excluded from the bargaining unit. There was no indication in the evidence that the activity or actions of any employee of the WSIB were at issue. Section 181(1) of the Workplace Safety and Insurance Act, 1997, S.O. 1997, c. 16, Sch. A, as amended ("WSIA") provides that: 181(1) No member of the board of directors or employee of the Board and no person authorized to make an inquiry under this Act shall disclose information that has come to his or her knowledge in the course of an examination, investigation, inquiry or inspection under this Act. Nor shall he or she allow it to be disclosed. [Emphasis added.]
While there is an exception for the authorized release of information, the WSIA makes it an offence under s.150(2) for employees of the WSIB (among others) to contravene s. 181(1). In the second example, one employee was investigated under the WSIA for an alleged inappropriate disclosure of information. The FOI Coordinator conducted that investigation.
In describing the first point under paragraph 7 of the job description (providing privacy advice to management on labour relations issues), Ms. Tkachenko identified that this has included mapping the collection, usage and storage of employee personal information. According to Ms. Tkachenko it was intended as a proactive report to highlight to senior management the areas needing to be addressed in order to be privacy compliant, that is, to ensure that employee data was properly kept confidential (also noted in point 9 of the job description). The decision as to what information is collected and who and how it may be accessed is that of management although the Privacy Office exists to provide advice in that regard. The Privacy Office has also reviewed the e-learning system which allows for online tutorials. Ms. Tkachenko anticipated review of appropriate access to online employee performance reviews. She also identified as a labour relations issue the tracking of employees' travels electronically. Although it does not appear that the Privacy Officers have performed this work yet, Ms. Tkachenko anticipated that the Privacy Office would have input concerning an appropriate balance between tracking employee use of the internet (and presumably e-mail) and their privacy interests.
In Ms. Tkachenko's words, advocating change which may impact WSIB employees refers to the notion of changing the workplace culture; to ask people, whether bargaining unit or management, to do things differently, with a focus on the collection and use of information on a "need to know" basis. That includes information in the human resources areas as well, such that employee data is protected from unnecessary disclosure.
The Privacy Office has no involvement in collective bargaining. Ms. Tkachenko identified that her office, during a privacy audit, might identify staff who are accessing information not required for their job and that they would report that. The Privacy Officers have not been involved in any disciplinary process, collective bargaining, or any investigation with the Regulatory Services Division. As noted at the outset the union has bargaining rights for "all employees". Unless specifically excluded from the scope of that description or otherwise excluded by operation of law, the Privacy Officers properly fall within the bargaining unit. The onus is on the employer to establish such exclusion. There is no specific exclusion of Privacy Officer from the bargaining unit description. That leaves the issue of whether or not they are otherwise excluded by law. The Crown Employees Collective Bargaining Act ("CECBA") is the operative legislation and provides that persons may be excluded from the bargaining unit where those persons have duties and responsibilities that "constitute a conflict of interest with their being members of a bargaining unit" [s. 1.1(3), para. 15]. Historically that provision mirrored what is now s. 1(3) of the Labour Relations Act, 1995 ("LRA") which references conflicts of interest that are described as arising from 1) the exercise of managerial functions or 2) being employed in a confidential capacity in matters relating to labour relations. The provision in CECBA now allows consideration of a conflict of interest in a somewhat wider context. However it is not any conflict of interest that will be considered. It is a conflict of interest relating to being a member of the bargaining unit. Because historically the issues were the same under both pieces of legislation, it is useful to review some of the earlier decisions to understand the nature of the conflict of interest at issue.
The approach to determining whether someone exercises managerial functions has been described in a number of decisions but is summarized in Re Thunder Bay (City) and C. U.P.E., Loc. 87, [1981] O.L.R.B. Rep. August 1121 (MacDowell), a decision of the Ontario Labour Relations Board beginning at para. 4: There is no litmus test which is universally applicable and dictates the result in every situation, and in assessing each case, the Board must have regard to the nature of the industry, the nature of the particular business, and [an] individual employer's organizational scheme. There must, of course, be a rational relationship between the number of superiors and subordinates, consultation or "input" should not be confused with decision-making, and neither technical expertise nor the importance of an employee's function can be automatically equated with managerial status. On the other hand, there may be individuals whose nominal authority appears to be limited, and who have no formal managerial position or title, but who nevertheless make recommendations affecting the economic destiny of their fellow employees which are so frequently forth-coming, and consistently followed by superiors, that it can be said that, in fact, the effective decision is made by the challenged individual. It is this type of recommendation which the Board has characterized as an "effective recommendation" and the inclusion of these persons in the bargaining unit would raise the very kind of conflict of interest which section1(3)(b) was designed to avoid. Persons making "effective recommendations" of this kind are regarded as part of the "management team", and are excluded from the bargaining unit.
In each instance, the Board seeks to determine the nature and extent of the individual's authority as well as the extent to which that authority is actually exercised. It is not sufficient if an individual has only "paper powers" contained in a job description or a "managerial" job title, if managerial functions are not actually exercised. Even the performance of certain coordinating functions may not be determinative. Where numbers of people work at a common enterprise (especially in the white collar — service sector) many persons may be engaged in co-ordinating activities which are largely routine, carried out within a pre-established framework of rules and policies, and subject to real managerial authority which is actually exercised from above. In addition, persons who perform technical functions or exercise craft skills which have been acquired through years of training and experience, will necessarily have a considerable influence over unskilled employees or less experienced "jour-neyman" or technicians. These experienced personnel will commonly supervise the work of those who are less experienced, and it is part of their normal job function to train and direct such persons and to instill good work habits. Often, it is only the most senior or skilled employees who will fully understand the technical requirements of the job and the tools and material required, and accordingly, it is they who will allocate work between themselves and the other employees in order to accomplish the task in a safe and efficient
manner In such circumstances, it is inevitable that they will have a special place on the "team" and will have a role to play in coordinating and directing the work of other employees; but this does not mean that the exercise managerial functions in the sense contemplated by section1(3)(b) and must therefore be excluded from the ambit of collective bargaining — especially when most of their time is spent performing functions similar to those of other individuals and the bargaining unit and there is little or no evidence of the kind of conflict which section1(3)(b) is designed to avoid.
It should always be remembered ... that the Labour Relations Act is intended to extend collective bargaining rights to employees, and it is incumbent upon any party seeking to exclude employees from the scheme of the Act, to come forward with affirmative evidence that they exercise managerial functions.
"Effective recommendations" affecting the economic destiny of fellow employees incorporates two aspects. It refers to the making of recommendations, for example, regarding the nature of the disciplinary consequence which ought to flow for inappropriate workplace behaviour, or recommendations as to who to hire, and secondly, that those recommendations are implemented by management without further scrutiny.
In Re United Community Fund of Greater Toronto and Office & Professional Employees, [1979] O.L.R.B. Rep. December 1292 (MacDowell), the second aspect of the conflict was described as follows: The purpose of section 1(3)(b) of the Act is to ensure that persons who are within a bargaining unit do not find themselves faced with a conflict of interest, as between their responsibilities and obligations as persons who "exercise managerial functions or are employed in a confidential capacity in matters relating to labour relations" and their responsibilities and obligations as members of the unit. Collective bargaining, by its very nature, requires an arm's length relationship between the "two sides" whose interests, objectives and priorities are often divergent. Persons employed in a confidential capacity relating to labour relations are regularly involved with information in matters which, if disclosed, would adversely affect the collective bargaining interests of the employer. Section 1(3)(b) ensures that the employer need not be concerned that such persons will have "divided loyalties [sic]".
Section 1(3)(b) involves three separate criteria: the disputed individual must be employed in a confidential capacity; the material with which that individual works must be confidential; and the material must be related to labour relations.
... The handling of collective bargaining information must be at the core of the disputed individual's job functions. An occasional or peripheral involvement is insufficient to justify his exclusion.
An employer cannot "sprinkle" duties or tasks that may involve the exercise of a managerial function or employment in a confidential capacity in matters relating to labour relations or other conflict of interest with being a member of a bargaining unit in order to justify an exclusion from the bargaining unit. The exclusion requires: ... a regular and material involvement with sensitive labour relations information which is confidential because its disclosure would adversely affect the collective bargaining interests of the employer, he will not be excluded under section 1(3)(b) ... One must remember that a denial of collective bargaining rights is something the employer must clearly sustain on the evidence ... [Re Dunnville (Town), unreported, decision of the OLRB dated May 27, 1985.]
The approach to these criteria was summarized in a case under CECBA; Re York University and York University Staff Assn., [1975] O.L.R.B. Rep. December 945 (Kates) at p. 951: The Board must be satisfied of "a regular, material involvement in matters relating to labour relations" to justify a finding excluding a person from the operation of the Act ... mere access to confidential information that may pertain to labour relations, standing alone, is no reason for excluding employees from the bargaining unit ... nor is mere knowledge of matters that may be deemed "confidential" in the sense that the employer would not approve of disclosure of such information by his employees sufficient to justify a positive finding under section 1(3)(b) ... the important test is whether there is a consistent exposure to confidential information on matters relating to labour relations so as to constitute such exposure an integral part of the employee's service to the employer's enterprise.
And in Re Fanshawe College of Applied Arts & Technology and O.P.S.E.U., [1991] O.L.R.B. Rep. September 1044 (Surdykowski), another case under CECBA, it was noted [para. 11]:
This "confidential" exclusion enables an employer to better ensure that knowledge of its confidential internal labour relations strategies or communications is restricted to persons whose loyalty is more likely to be undivided. A person's involvement with such information must be more than an occasional or a peripheral one to justify a finding that s/he is not an "employee" ... Similarly, access to information which may be sensitive or confidential in some business or general sense is not, by itself sufficient to justify a finding that a person is not an "employee ". In that respect, for example, access to personnel information is to be distinguished from access to confidential labour relations information. It is the labour relations content or potential for use [in] collective bargaining.
See also Re Metropolitan Toronto Library Board and C. U.P.E., Loc. 1582, [1991] O.L.R.B. Rep. March 339 (Surdykowski), and Re Gananoque (Town) and C. U.P.E., Loc. 1701, [1981] O.L.R.B. Rep.
July 1010 (M.G. Picher). Collective bargaining or labour relations information includes confidential budget material (for example, how much money is available for wage increases and benefits) and information concerning what strategies and priorities the employer will bring to the bargaining table opposite the union. One example of the application of this test is found in Re Frito-Lay Canada Ltd. and Retail Clerks, Loc. 206, [1978] O.L.R.B. Rep. September 831 (Carter), which prompted the following conclusion: While the evidence indicates that the payroll clerks have regular access to a certain amount of confidential information, the Board is not convinced that this type of information is integral to the conduct of collective bargaining by the respondent ... access to such information does not make them privy to the respondent's industrial strategy, and the Board must conclude that these employees are not employed in a confidential capacity in matters relating to labour relations".
It is also necessary that the information with which the disputed employee works is "confidential" so that its disclosure would undermine the employer's industrial relations position vis-à-vis his employees. In Holophane Co. Ltd., [1972] O.L.R.B. Rep. Dec. 999 the Board found the switchboard operator, who had access to the absenteeism and disciplinary records of employees was not employed in a "confidential capacity" because the employees knew, or should have known, the contents of those records. And in Daal Specialties Ltd. [1973] OLRB. Rep. Nov. 592, the Board concluded that a switchboard-receptionist who types replies to grievances was not employed in a confidential capacity since these replies were obviously known to trade union officials to whom they were sent and were in no sense "confidential".
In Re Innisfil (Town) and C.E.P., [1994] O.L.R.B. Rep. January 76 (Nairn), the OLRB concluded at para. 14:
Similarly, access to confidential information relating to labour relations must be distinguished from access to other information that may well be confidential to the employer but be irrelevant for collective bargaining purposes. The Board has also distinguished between personnel information and information relating to labour relations, particularly where the personnel information is known to the employee or is information that would be required to be disclosed in bargaining. It seems necessary to say that being an employee within the meaning of the Act does not diminish the trust and loyalty of employees in the performance of the work of the employer. That decision also described the nature of participation in investigations or the making of recommendations and whether such constituted the exercise of managerial functions and at para. 32 stated:
Similarly the fact that he raises mistakes in performance with the employees or with the Director, in the absence of evidence of some greater involvement in a disciplinary process, only suggests that he is conscientious with respect to the performance of the work in his department.
Similarly in Re Bannerman Enterprises Inc. and U.S.W.A., [1994] O.L.R.D. No. 4056 (QL) (O'Neil) [reported [1994] O.L.R.B. Rep. November 1489], decision dated November 8, 1994 [para. 23]: ... when Ms. Rutetzki made sure the last person out of the office balanced the cash when trying to track the cash float of another employee, counsel argued these were instructions which are the mark of a managerial employee. We consider it rather part of her cash tracking duties which were essentially reporting duties and not decision making or effective recommendations. As indicated above, she had no discretion whether to report or not, nor any control over what happened as a result of the information she provided.
(Emphasis added throughout.) Thus, in approaching the provision in CECBA one may ask, is the person exercising managerial functions and/or is the person employed in a confidential capacity in matters relating to labour relations? Both those matters have been found to constitute a conflict of interest with the person being a member of a bargaining unit. An affirmative answer in either case will warrant the exclusion of that person from the bargaining unit. However if the answer to both is in the negative, one must further consider whether there is some other conflict of interest that arises in the particular circumstances that warrants a finding that the person is properly excluded from the bargaining unit.
The provision in CECBA is now, as noted, somewhat broader. It is, however, still modified. It is not any conflict of interest that results in exclusion. It is one that represents a conflict of interest with the person being a member of the bargaining unit. There must be clear evidence of a conflict of interest that would jeopardize the employee's ability to perform their duties for the employer because of conflicting loyalties arising because of their membership in the bargaining unit. The review of the case law informs the nature of that concern.
The employer relied on this assertion that the persons in the position of Privacy Officer had duties and responsibilities, the performance of which constituted a conflict of interest with their being members of the CUPE bargaining unit. It relied on the evidence
regarding the Privacy Officers' involvement in those matters referred to in paragraph 7 of the job description and their involvement in investigations and compliance. Certain of this evidence reflected an assertion of a conflict of interest that would be caught under the narrower test, reflecting on whether the Privacy Officers either exercised managerial functions or were employed in a confidential capacity in matters relating to labour relations. For example, Ms. Tkachenko suggested that investigation reports could include recommendations as to discipline. However there was no evidence that any such recommendations have been made, nor had any of the Privacy Officers ever been told that they had this kind of authority. There was no evidence from which to properly conclude that the Privacy Officers are members of management, nor was that specifically asserted by the employer. Similarly, it was not specifically asserted that the Privacy Officers were employed in a confidential capacity in matters relating to labour relations. Notwithstanding that the job description stipulates that the Privacy Officers provide privacy advice to management on labour relations issues, there was no suggestion that the Privacy Officers had a regular and material involvement in matters affecting the employer's industrial strategy and collective bargaining efforts.
Ms. Tkachenko referred to a number of matters under the first bullet point under paragraph 7 of the job description. Ms. Tkachenko described that the Privacy Office has mapped the collection, storage, and use of/access to employee personal data. The mapping of that personnel information does not give rise to a conflict of interest with being a member of the bargaining unit. She anticipates review of appropriate access to online employee performance reviews. That too does not generate a conflict. In both cases the information is not confidential in the required labour relations sense. Ms. Tkachenko also anticipates that the Privacy Office will assess and make recommendations regarding monitoring of employees through their technology use. Tracking or monitoring of employees through the use of the employer's technology gives rise to a potentially controversial issue and one where the interests of the employer may diverge from those of the union and its members. However, there was no evidence that the Privacy Officers have been involved in making any recommendations.
In any event, assessing and making recommendations does not equate to decision making. In each case Ms. Tkachenko indicated that the role of the Privacy Office was to advise management. There was no evidence that the employer has adopted recommendations of a Privacy Officer without further review and consideration by management. There was no evidence to suggest that the Privacy Officers would have any role in formulating, or be aware of, the employer's collective bargaining strategy based on any assessment they provided. One must also distinguish between what is "possible", what may be required by law, and what is "recommended". The former is a technical research function. The second is an assessment and advice based on specific expertise. It is the scope of the latter that may give rise to the kind of conflict sought to be avoided. Finally, in all these examples, any report or recommendations made would be available to the union in the event of a dispute either in collective bargaining or in the course of grievance proceedings. Ms. Tkachenko described "advocating change which may impact employees" as reflecting potential changes to processes and, more broadly, changes to the workplace culture to give more priority to privacy issues. She sees the Privacy Office as a "change agent", having the potential to affect employees and management alike. Defending employees before the IPC creates no conflict of interest with being a member of the bargaining unit. Their interests are the same. Neither of these functions gives rise to any conflict of interest with a Privacy Officer being a member of the bargaining unit.
All of this work relates to an assertion of a conflict of interest arising out of involvement in labour relations issues. Any asserted conflict of interest is however, either speculative, does not involve confidential labour relations information, does not relate to the employer's collective bargaining or labour relations interests, or is at best, only peripheral to those interests. It does not represent evidence of duties and responsibilities that would warrant exclusion under either a managerial exclusion or being employed in a confidential capacity in matters relating to labour relations. No other conflict of interest with being a member of a bargaining unit was asserted. Such work cannot therefore found the basis for concluding that it constitutes a conflict of interest for the Privacy Officer to be a member of the bargaining unit.
Ms. Tkachenko's assertion that compliance plays a significant role in the work of the Privacy Officer falls within similar considerations. The evidence indicates that the Privacy Officers are not responsible for ensuring compliance. While they may provide direction and advice, the resolution of any dispute between an operational area and the Privacy Office regarding the scope or implementation of the privacy concern remains the role of management.
The employer also focused attention on the fact that the Privacy Officers will be required to investigate complaints of a privacy breach and in the course of those investigations may have to investigate members of the bargaining unit and report on their findings. In fact the Privacy Officers may be in the position of investigating members of management as well. The first circumstance that must be noted regarding this issue and this particular workplace is the existence of s. 181(1) of the WSIA quoted earlier. The effect of that section is to charge every member of the bargaining unit and every member of management with the same obligation and interest as the Privacy Officers; the protection of privacy interests. If an employee is aware of a potential breach or inappropriate disclosure s/he has a statutory obligation not to allow the disclosure. Employees are required to report breaches of confidentiality. This duty extends to information collected in the course of the work of the WSIB. In terms of complaints and resulting investigations, most, if not all, relate to the asserted inappropriate disclosure of that class of information. The difference between the obligations is that a Privacy Officer may have more involvement in the investigation of a privacy breach. However as noted earlier they have no role in determining any consequence to any employee and any report of any investigation would be available to and subject to scrutiny by both the employer and the union as part of any grievance proceeding. Conducting an investigation and/or reporting as required reflect the conscientious performance of one's responsibilities. It may become a matter of issue as between the employer and the union as to what to do with the information obtained through the investigation but in the absence of further involvement it does not pose a conflict of interest for the Privacy Officer to being a member of the bargaining unit. Many classes of employees (for example, health care workers) have
professional responsibilities that may require them to report inappropriate conduct on the part of a co-worker. That reporting function has not precluded them from being a member of a bargaining unit. The interests of the bargaining unit are not in conflict with the maintenance of professional conduct. Further, the evidence discloses that of the investigations handled since the Office began, five disclosures were logged and none has led to discipline. They were all dealt with by one Privacy Officer. That Privacy Officer was a member of the bargaining unit and no difficulties were identified from this fact. One matter involving an employee charged under s. 150(2) of the WSIA for breaching s. 181(1) of that Act was handled by the FOI Coordinator. Finally, this investigative function (in response to complaints) does not represent a significant portion of the Privacy Officers' time. Ms. Tkachenko spoke of the need to be perceived as unbiased. I understood this to refer both internally and externally. Internally, having the Privacy Office report through Legal Services may reduce a perceived conflict in an operational area being seen to investigate itself. From an organizational point of view, the Privacy Office is not responsible for any particular operational area. It is responsible for all areas and has therefore been made responsible to the organization as a whole. The compliance component of the Privacy Officers' work is directed at ensuring that the facets within the WSIB are privacy compliant. Those efforts are not directed at employee discipline, although that issue may arise as a result of the Privacy Officer's work. The compliance component of the Privacy Officer's work however does not create a conflict of interest with their being a member of the bargaining unit absent their ability to make those decisions which have an economic impact on employees.
Ms. Tkachenko was also concerned that the Privacy Office be perceived as unbiased to those external to the WSIB in its handling of complaints. Implicit in her concern is again the notion that one ought not to be charged with investigating itself. But any danger of such a perception arises not because a Privacy Officer may be a member of a bargaining unit but because they are a member of that Office and, more specifically, because they are employed by the institution under investigation. Any such potential for perceived bias arises because the Privacy Office is internal to the WSIB.
This inquiry reflects the work performed by the persons employed in the position of Privacy Officer. Reliance on the position description reflects an agreement that each of the Privacy Officers performs essentially the same work. One does not consider the Privacy Office in its entirety. There are currently two persons employed in that office who are excluded from the bargaining unit. There must be some rational relationship between superiors and subordinates in a working group such as the Privacy Office. Working as a team and flat-line reporting structures do not equate to managerial status, or, by themselves, a conflict of interest with being a member of a bargaining unit. Access to information which may be particularly sensitive from the employer's perspective and is to remain confidential, but which is not information which generates a conflict for that person between his/her obligations to the employer and their loyalties to the union, does not warrant their exclusion. As noted in Town of Innisfil, supra, being a member of a bargaining unit does not diminish the trust and loyalty of employees in their performance of the work of the employer. The matters relied on by the employer do not give rise to the kind of conflict of interest that the legislation contemplates. There is no doubt that the persons working in the position of Privacy Officer are highly skilled and have a varied and substantial expertise. They are also able to work with little direct supervision and function well as a team. They provide a valuable service to the organization in an area of relatively new concern. Being highly skilled, motivated, and an independent worker however is not inconsistent with being a member of a bargaining unit.
Having regard to the evidence and submissions of the parties, it was my finding that the duties and responsibilities of the persons working in the position of Privacy Officer do not constitute a conflict of interest with their being members of a bargaining unit. I found therefore that they are properly included in the bargaining unit represented by CUPE Local 1750.