Confidentiality and Government Procurement
Is Your Business Information Adequately Protected?
By Kathryn Frelick, Miller Thomson LLP

In recent years, a number of high profile government spending controversies has lent public scrutiny to government procurement processes. In 2005, the Information and Privacy Commissioner/Ontario (IPC) Annual Report called for greater transparency in government procurement and contracting. It was the IPC’s view that the right of access to government records is essential to holding public officials accountable, and this should not be lost when the government uses external individuals or organizations to develop, produce or provide government services. The IPC called on government to make it clear to consultants and contractors that the default position should be that financial and other pertinent information relating to a contract will be made publicly available, except in rare cases

Recent decisions by the IPC and the courts relating to public access requests through the Freedom of Information and Protection of Privacy Act (IPPA) and Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) legislation, have demonstrated a shift towards greater transparency in government procurement processes, particularly with respect to the disclosure of government contract documents. These decisions have examined the basis for exclusion under this legislation for certain types of third part information that has been supplied in support of the procurement process.

Most consultants and contractors who take part in government procurement processes (including bidding and tendering and RFP processes) assume that the information that they submit as part of their bid, and where successful, contract terms, will be kept confidential. Indeed, the accepted basis for an exemption relating to third party information is that organizations that provide information to government institutions should be allowed to protect their commercially valuable “information assets.” Although one of the central purposes of the legislation is to shed light on the operations of government, the exemption serves to limit disclosure of confidential information of third parties that could be exploited by a competitor in the marketplace.

In this respect, disclosure of business secrets through freedom of information requests would be contrary to public interest for several reasons. Disclosure of information acquired by the business only after a substantial capital investment had been made could discourage other firms from engaging in such investment. Further, it is in the best interests of the public to encourage businesses to invest in creating better facilities, operations and models of care, and to improve how services are provided. The disclosure of confidential business information could result in a loss of confidence in the process and discourage organizations from competing.

FIPPA and MFIPPA set out a three part test for determining whether information provided by a third party to government ought to be exempt from disclosure to the public under the third party information exemption:

  (1) Type of Business – The record must reveal information that is a trade secret or scientific, technical, commercial, financial or labour relations information.
  (2) Supplied in Confidence – The information must have been supplied to the government authority in confidence, either implicitly or explicitly; and
  (3) Harms – The prospect of disclosure of the record must give rise to a reasonable expectation of harm, specifically, prejudice to competitive position, public interest risk that information will no longer be provided to the government institution or risk of undue loss or undue gain. There is a need to provide detailed, convincing evidence in order to demonstrate the potential harms.

The main issue of recent orders has focussed on whether the information was “supplied in confidence” to the government institution. It has been emphasized that contract documents, for example, are the product of negotiation and therefore do not contain information that was supplied in confidence. Further, to the extent that a tender or bid is incorporated into a contract, this information may not be protected from disclosure. In contrast, there tends to be a greater expectation of confidentiality relating to information provided as part of bidding, tendering and RFP process, however, the third party must still satisfy the “supplied in confidence” test and each situation is examined individually.

There are strategies that organizations can employ during the procurement process in order to try to balance the need to protect their confidential informational assets, while at the same time allowing government institutions to be accountable to the public:

  •  The organization should be specific as possible about information that is being “submitted in confidence” and such information should be clearly labelled and identified when submitted to the government institution.
  •  Broad assertions of confidentiality and trade secrets are generally not of assistance. Courts have held that exceptions to the right of access should be “limited and specific.” Protection should not be sought for information that is otherwise public available.
  •  There is also the ability to sever information from a document which is considered to be confidential or proprietary, and this information, if submitted in confidence should be identified.

Public access requests may stem from procurement projects that date back a number of years. The parties may have had different expectations relating to the confidentiality of that information. With the trend towards greater transparency, organizations are encouraged to be proactive in developing strategies to identify information that fits within one of the protected types of information and to ensure that they assert protection for that information from the outset.
I