ORDER PO-3663

Appeal PA15-440

Treasury Board Secretariat

October 27, 2016

Summary: The appellant made a request under the Freedom of Information and Protection of Privacy Act  (the Act ) to the Treasury Board Secretariat (the Treasury Board) for access to a copy of a benchmarking report prepared by a third party. After consulting with the third party, the Treasury Board granted partial access to the report, with portions withheld in reliance on the mandatory exemption for third party information at section 17(1)  of the Act . The appellant appealed the Treasury Board’s decision. In this Order, the adjudicator finds that the information at issue is not exempt under section 17(1) as disclosure could not reasonably be expected to result in any of the harms set out in that section. As a result, she orders disclosure of the information at issue to the appellant.

Statutes Considered: Freedom of Information and Protection of Privacy Act , R.S.O. 1990, c. F.31 , as amended, section 17(1) .

BACKGROUND:

[1]  The appellant made a request to the Treasury Board Secretariat (the Treasury Board) under the Freedom of Information and Protection of Privacy Act  (the Act ) for access to the following records:

1. A copy of a report entitled ITS Infrastructure Tower Benchmarking: Final Results prepared by a named consulting firm in 2012.
2. A copy of a report entitled Progress Report: IT Rationalization, prepared by the Ontario Ministry of Government Services, I&IT Infrastructure Technology Services in 2013.

[2]  The Treasury Board located the two records and, after notifying the consulting firm as an affected party, issued a decision granting partial access to the first record, with information severed in reliance on the exemption for third party information at section 17(1)  of the Act . Full access was granted to the second record.

[3]  The appellant appealed the Treasury Board’s decision to this office on the grounds that section 17(1) does not justify the redactions made to the first record.

[4]  Since mediation did not resolve the appeal, the file was moved to the adjudication stage of the appeal process, where an adjudicator conducts an inquiry under the Act . I sought and received representations from the Treasury Board and the consulting firm (referred to in this order as the third party), followed by the appellant. The Treasury Board and the third party filed representations in reply.

[5]  In this order, I find that the exemption at section 17(1) does not apply to the information at issue, and I order the Treasury Board to disclose the information to the appellant.

RECORD:

[6]  The record at issue is a report entitled ITS Infrastructure Tower Benchmarking: Final Results dated March 22, 2012 (the “report”). The information at issue is the information that was withheld from the report, referred to in this order as the withheld information, the redacted information, or the information at issue.

ISSUE:

[7]  The only issue in this appeal is whether the mandatory exemption for third party information at section 17(1)  of the Act  applies to the information at issue.

DISCUSSION:

Background

[8]  The following background is taken from the parties’ representations and my review of the disclosed portions of the record, and is important context for an understanding of the issues in this appeal and the parties’ arguments on those issues.

[9]  The third party is in the business of carrying out research and advising its clients on all areas of information technology (IT). The third party describes the report as a benchmarking study, which involves using peer data to assess an organization’s IT efficiency and effectiveness.

[10]  The report was prepared by the third party with the stated objectives of identifying areas of opportunity to improve aspects of Ontario’s infrastructure performance, comparing costs and pricing with those of similar enterprises, and establishing a baseline for IT services and spending levels to provide an indication of where improvements are possible. The stated time frame for the analysis is the fiscal year 2010-2011. Four main functional areas were analyzed: enterprise computing, storage, end-use computing, and the IT service desk.

[11]  In order to compare Ontario’s costs and pricing with those of similar enterprises, the third party used its benchmarking peer data. The third party explains that its benchmarking data has been assembled over its approximately 20 years of providing IT-related services.

[12]  The analysis methodology section of the report (which was disclosed to the appellant) explains that independent peer groups were selected for each IT functional area based on workload characteristics. The spending and support profile for each peer group was used to simulate what the comparator group would spend to support the same workload as that of the functional area in question. The results are displayed in the report in comparison with three peer group reference points: “Peer-Average”, representing the average for the comparator group; “Peer-Pctl_25^th”, representing the lower quartile (most efficient) for the comparator group, and “Peer-Pctl_75^th representing the highest quartile (least efficient) for the comparator group. For example, to compare total costs, an organization’s (here, Ontario’s) workload is multiplied by the peers’ average unit cost. If an organization has 5,000 devices, and the peer group average cost per device is $1,200, then the peer group average cost to support the organization’s devices is the product of those two numbers, or $6,000,000. This number can then be compared to the organization’s actual costs.

[13]  For example, in a chart entitled “Total Spending by Functional Area”, the report sets out, for each of the four functional areas, Ontario’s spending, the peer average spending, the peer lowest quartile’s spending, and the peer highest quartile’s spending. Each chart also sets out the peer demographics for the peer groups used by the third party.

[14]  The information at issue (that is, the information in the report that has been withheld from the appellant) consists of two main types of information. First, the peer spending information has been redacted from each chart, leaving only the actual spending information for Ontario. Second, some information relating to peer demographics has been redacted.

[15]  The Treasury Board and the third party submit that the information at issue was properly withheld on the basis of sections 17(1)(a), (b) and (c), which provide as follows:

A head shall refuse to disclose a record that reveals a trade secret or scientific, technical, commercial, financial or labour relations information, supplied in confidence implicitly or explicitly, where the disclosure could reasonably be expected to,

(a) prejudice significantly the competitive position or interfere significantly with the contractual or other negotiations of a person, group of persons, or organization;

(b) result in similar information no longer being supplied to the institution where it is in the public interest that similar information continue to be so supplied;

(c) result in undue loss or gain to any person, group, committee or financial institution or agency; or

[16]  Section 17(1) is designed to protect the confidential “informational assets” of businesses or other organizations that provide information to government institutions. ^[1] Although one of the central purposes of the Act  is to shed light on the operations of government, section 17(1) serves to limit disclosure of confidential information of third parties that could be exploited by a competitor in the marketplace. ^[2]

[17]  For sections 17(1)(a), (b) or (c) to apply in this case, the Treasury Board and/or the third party must satisfy each part of the following three-part test:

1. the record must reveal information that is a trade secret or scientific, technical, commercial, financial or labour relations information;
2. the information must have been supplied to the institution in confidence, either implicitly or explicitly; and
3. the prospect of disclosure of the record must give rise to a reasonable expectation that one of the harms specified in paragraph (a), (b) or (c) of section 17(1) will occur.

Part 1: type of information

[18]  The types of information listed in section 17(1) have been discussed in prior orders:

Commercial information is information that relates solely to the buying, selling or exchange of merchandise or services. This term can apply to both profit-making enterprises and non-profit organizations, and has equal application to both large and small enterprises. ^[3] The fact that a record might have monetary value or potential monetary value does not necessarily mean that the record itself contains commercial information. ^[4]

Financial information refers to information relating to money and its use or distribution and must contain or refer to specific data. Examples of this type of information include cost accounting methods, pricing practices, profit and loss data, overhead and operating costs. ^[5]

[19]  The third party argues that the information at issue is commercial information, as it consists of benchmarking data that it collected, aggregated, and analyzed using proprietary processes, and that the information is essential to the provision of the third party’s services to its clients.

[20]  The third party also submits that the information is financial information, as it relates to money and its use or distribution, and contains or refers to specific data. It submits that the information contains the dollar value of various expenditures made by organizations that the third party has collected over the years, aggregated and analyzed, and used as a metric for the purpose of its benchmarking services. It submits that the information is also financial information in that it reflects the operating costs of clients, provided to the third party in confidence.

[21]  The Treasury Board also submits that the information at issue is commercial and financial information.

[22]  The appellant disputes that the information is commercial or financial information for the purposes of section 17(1). The appellant submits that the basis of the assertion by the Treasury Board and the third party that the redacted information constitutes commercial information is that it has potential commercial or monetary value. However, the appellant notes that this office has rejected this premise, holding that the fact that a record might have monetary or potential monetary value does not necessarily mean that the record itself contains commercial information. [6] The appellant submits that the fact that the third party's redacted information might have commercial value is not relevant in determining whether the record contains commercial information.

[23]  The appellant notes, further, that the third party’s own documents make clear that the redacted information is "scaled"; that is, it only reflects a simulation of what the peer groups would have spent had they supported the same workload as Ontario. As such, the redacted information does not reflect actual commercial transactions or operational costs, but hypothetical projections of those costs. The appellant submits that this is not the kind of information that section 17(1) was designed to protect. [7]

[24]  The appellant submits in the alternative that even if the information is commercial or financial information, it is the information of the individual organizations whose information has been aggregated into anonymized peer groups, and not the information of the third party. Therefore, the appellant submits, it is not protected by section 17(1). [8]

[25]  In reply, the third party submits that the informational asset that is protected by section 17(1) is not the raw data of the peers but rather the aggregate IT benchmarking data created by the third party from raw data by means of the third party’s proprietary methodologies. The third party submits that this anonymized and aggregate data is an essential tool used by the third party to provide its benchmarking services.

[26]  The Treasury Board, in reply, points out that the IPC's prior orders simply state that considerations of commercial value are not "in themselves determinative" of whether information is commercial information for the purpose of section 17, but that this is not to say that those considerations are "not relevant" at all. In any event, the Treasury Board submits, the information at issue plainly fits the definition of "commercial information" in that it relates solely to the buying of particular merchandise or services. In other words, it is the essential character of the benchmarking data, and not just its potential commercial value, which renders it commercial information for the purpose of section 17.

[27]  I have reviewed the record as a whole and the information at issue in particular. The withheld information is, as noted above, information relating to peer demographics, as well as notional spending amounts arrived at by combining peer costs with Ontario’s device count. This information relates to unidentified peer groups, aggregated by the third party in order to carry out its benchmarking analysis for Ontario. None of the peer groups or entities that make up the peer groups are identified and no financial information relating to any particular entity is set out. Rather, the withheld information represents what the average, bottom quartile and top quartile costs would be for the peer groups selected by the third party for the item in question.

[28]  I note the appellant’s argument that the information is that of the individual organizations whose information has been aggregated into anonymized peer groups, and that section 17(1) cannot be claimed for information that is not that of the third party. In my view, however, the information at issue represents the commercial information of the third party. Although it is derived from the financial or commercial information of other entities, that information has been manipulated by the third party for the purposes of providing benchmarking services to its customers. I find that in this context, the information is the commercial information of the third party. I agree with the Treasury Board that it is the essential character of the benchmarking data, and not just its potential commercial value, that renders it commercial information for the purpose of section 17(1). [9]

[29]  I conclude that Part 1 of the test under section 17(1) has been satisfied.

Part 2: supplied in confidence

Supplied

[30]  The requirement that the information was “supplied” to the institution reflects the purpose in section 17(1) of protecting the informational assets of third parties. ^[10] Information may qualify as “supplied” if it was directly supplied to an institution by a third party, or where its disclosure would reveal or permit the drawing of accurate inferences with respect to information supplied by a third party. ^[11]

[31]  The appellant did not argue that the information was not “supplied” to the Treasury Board. From my review of the record and the representations before me, it is clear that the report was supplied to the Treasury Board.

In confidence

[32]  In order to satisfy the “in confidence” component of Part 2 of the section 17(1) test, the parties resisting disclosure must establish that the supplier of the information had a reasonable expectation of confidentiality, implicit or explicit, at the time the information was provided. This expectation must have an objective basis. ^[12]

[33]  In determining whether an expectation of confidentiality is based on reasonable and objective grounds, all the circumstances of the case are considered, including whether the information was

• communicated to the institution on the basis that it was confidential and that it was to be kept confidential
• treated consistently by the third party in a manner that indicates a concern for confidentiality
• not otherwise disclosed or available from sources to which the public has access
• prepared for a purpose that would not entail disclosure. ^[13]

[34]  The third party submits that it supplied the report with a reasonable expectation of confidentiality. It points out that the cover page of the report contains a notice to the effect that the report, including supporting materials, is owned by the third party and provided for the sole use of the intended client. The notice expressly provides that the report may contain confidential, proprietary or otherwise legally protected information and that copying, distribution or public displaying of the report is prohibited without the express written permission of the third party.

[35]  The third party also submits that its services agreement for the benchmarking study contains an explicit confidentiality provision which prohibits the direct or indirect disclosure or exploitation of any confidential vendor information (except if required by order of a court or tribunal) without the written consent of the third party. Under this agreement, except where otherwise expressly provided, the third party has and retains all right, title and interest in and to all of its data, including benchmarking data. The agreement requires the institution to keep third party information confidential and to limit access to such information to those of its advisors, agents and personnel who have a need to know and have been authorized to receive the information.

[36]  The third party submits, further, that it maintains its benchmarking data in a secured database that uses technological safeguards to prevent unauthorized access, including external firewalls, authentication software and passwords. Even within the third party, access to the database is limited to a relatively small group of employees who have been given special software that is required to access the database. All employees are required under a code of conduct to maintain the confidentiality of the third party's non-public business information. Employees are also required to sign a confidentiality agreement which contains extensive non-disclosure provisions intended to safeguard the confidentiality of business information of the third party and its clients.

[37]  Finally, the third party submits that even if none of the above-described safeguards were used by the third party, a reasonable person would understand the withheld information to have been supplied in confidence from the nature of the report and services provided by the third party.

[38]  The Treasury Board also submits that the withheld data was provided in confidence, noting the confidentiality notice appearing on the report and the safeguards taken by the third party to protect its benchmarking data. The appellant did not make any representations on whether the report was supplied in confidence.

[39]  Having reviewed the report itself and the parties’ representations, I find that the report, including the information at issue, was supplied to the Treasury Board in confidence. It has been treated consistently by the third party in a manner that indicates a concern for confidentiality, such as by including the confidentiality notice on the report. Further, there is no evidence to suggest that the report has been otherwise disclosed or is available from sources to which the public has access. I conclude that Part 2 of the test has been satisfied.

Part 3: harms

General principles

[40]  Parties relying on section 17(1) to resist disclosure must demonstrate a risk of harm that is well beyond the merely possible or speculative, although they need not prove that disclosure will in fact result in such harm. How much and what kind of evidence is needed will depend on the type of issue and seriousness of the consequences. ^[14] Parties should not assume that the harms under section 17(1) are self-evident or can be proven simply by repeating the description of harms in the Act . ^[15]

[41]  Here, the third party and the Treasury Board argue the application of sections 17(1)(a), (b) and (c), referred to above. For convenience, I repeat those sections here:

A head shall refuse to disclose a record that reveals a trade secret or scientific, technical, commercial, financial or labour relations information, supplied in confidence implicitly or explicitly, where the disclosure could reasonably be expected to,

(a) prejudice significantly the competitive position or interfere significantly with the contractual or other negotiations of a person, group of persons, or organization;

(b) result in similar information no longer being supplied to the institution where it is in the public interest that similar information continue to be so supplied;

(c) result in undue loss or gain to any person, group, committee or financial institution or agency; or

Representations of the third party

Section 17(1)(a) – harm to competitive position and interference with negotiations

[42]  The third party submits that disclosure of the redacted information would significantly prejudice its competitive position. It submits that it earns revenue by collecting, aggregating and analyzing data and selling the product of its analysis to its clients. It submits that the withheld information is its pre-existing asset that has economic value to the third party for the very reason that it is not available to other suppliers of similar services and would be difficult for them to create. The third party submits that the withheld information would have great value to its competitors in that it would permit them access to more and better benchmarking data. It could be exploited by a competitor in the marketplace and by others, including IT service vendors for the purpose of determining their pricing when submitting proposals to the Ontario government, and by unions in connection with the collective bargaining process.

[43]  The third party goes on to argue:

The Third Party would lose a significant competitive advantage in bidding for and securing IT benchmarking work if the Redacted Information were disclosed. The Third Party derives significant competitive advantage from its IT benchmarking database, because it is the world's largest such database. The Third Party started providing benchmarking services in about 1995-96 and has been assembling data and augmenting its database ever since. In the IT benchmarking business, certain kinds of analyses (identifying trends, for example) require historical data.

The disclosure of the Redacted Information would permit the Third Party's competitors to use to their great benefit, for the cost of making an access request, an asset that took the Third Party approximately 20 years and a very significant financial investment to build.

The IPC and the courts have taken into consideration the specialized expertise and experience of an organization in concluding that it is reasonable to expect that the disclosure of confidential information supplied by the organization to an institution would prejudice significantly the organization's competitive position (Order PO-2676), including because the information could be exploited by a competitor (Order PO-2018).

As the IPC has noted, there is no authority for conditional disclosure under [the Act ] so that disclosure is considered "disclosure to the world" (Order PO-2018).

[44]  The third party also submits that disclosure of the withheld information would significantly interfere with its negotiations with potential clients or existing clients for new projects, by undermining the value of its benchmarking data and its services, increasing its own costs by permitting competitors to use an asset that cost the third party a great deal to create for next to nothing, and permitting competitors to appropriate corporate opportunities of the third party.

Section 17(1)(b) – information no longer supplied

[45]  The third party submits that it cannot provide its services without giving its clients access, on a confidential basis, to its benchmarking data, and that it must have confidence that its benchmarking data will be kept confidential in order to provide benchmarking services.

Section 17(1)(c) – undue loss or gain

[46]  The third party submits that disclosure will result in undue loss to it through the appropriation and use of a valued and protected commercial asset and more generally, damage to its business as a result of the loss of the exclusive use of its asset. It submits that it has invested heavily and over an extended period in the development and maintenance of the specialized knowledge and skills needed to provide high quality benchmarking services, including financial acumen, strong analytical and mathematical skills, and sales abilities, as well as its benchmarking data and database.

[47]  The third party further submits that the benchmarking data used for any particular project is created from select peer data that the third party has rendered anonymous. The third party retains ownership of the benchmarking data used for particular projects and controls its use. It submits that the disclosure of the withheld information could reasonably be expected to result in undue loss to the third party and undue gain to competitors and others who have their own uses for the information.

Representations of the Treasury Board

[48]  The Treasury Board submits as follows:

As [the Treasury Board] understands the matter, the benchmarking data is a crucial informational asset of the third party which it has acquired through great effort, skill, and expenditure. If this data were ordered disclosed, and thereby made public, competitors of the third party could take it and use it to gain an undue competitive advantage in the IT benchmarking industry.

Past IPC orders suggest that these facts are more than sufficient to establish that the harms test has been met. [16]

Representations of the appellant

[49]  The appellant submits that the redacted information is aggregated, simulated, anonymized data and that there is no way for the appellant, a competitor, or any other interested organization to reverse-engineer the data in order to access the third party's proprietary data. It submits that the data has been so significantly transformed that there is no way to identify the underlying data which the third party has collected in its proprietary database. It points out that, in previous orders, this office has been skeptical of claims to harm by an institution or third party where the information at issue is in aggregate. [17] It submits that the third party has not explained how its competitors could reverse-engineer the redacted information to reveal raw benchmarking data that could be useful in generating, for an entirely different client, an analysis similar to that contained in the report.

[50]  The appellant also argues that the data in the report has been selected and manipulated specifically in order to draw relevant comparisons for the particular client for whom the third party has prepared this analysis, and submits that this information is of little or no interest to competitors or other potential clients. It submits that preparing an analysis for a different client would require data from differently constituted peer groups. It submits that even if a competitor used the exact same peer groups, the redacted information does not reveal the raw data of each of these respective peers and so it would not be possible for the competitor to produce the necessary data projections needed for comparison purposes.

[51]  Further, the appellant points out that it is not a competitor of the third party, but a bargaining agent representing employees of the Ontario government. It states that it has no interest in using the redacted information to damage the commercial interests of the third party, even if this were possible.

[52]  The appellant argues, in the alternative, that if some of the redacted information is in fact raw benchmarking data, it is not credible to suggest that its disclosure could significantly undermine the integrity or value of the third party's benchmarking database, causing the kind of harm that section 17(1) is meant to protect against. It points out that the third party states in a case study from 2007 that its benchmarking database is the "largest in the industry", representing some 1,400 organizations and 17,000 benchmarks, whereas the redacted information relates to only a handful of these organizations.

[53]  Finally, the appellant submits that the redacted information is dated, dating back to 2011 at the very latest. Given the rapidly developing world of information technology, the appellant submits that it is unlikely that information about the expenditure of organizations on IT resources, that is over five years old, is useful or relevant for any competitor or other party. It submits that it is not plausible that access to a relatively small amount of anonymized, aggregated, simulated benchmarking data from half a decade ago would cause harm to the third party.

Third party’s reply

[54]  The third party submits that the appellant has misunderstood the IT benchmarking process and that there are six key aspects of that process. It submits that, in carrying out the benchmarking process, the third party:

• collects and analyzes client raw data (including labour, software, hardware and facilities costs and service levels) using the third party's proven and proprietary data collection tools, templates and definitions, to determine client workload (volume of work performed with IT) and complexity (types of work performed with IT);
• validates the client’s raw data to ensure consistency with its IT benchmarking methodology and definitions;
• selects relevant peer group data from its repository of benchmarking data (data of peers having a similar workload and complexity to the client);
• conducts a gap analysis between client efficiency levels and the peer data (which is analogous to making a 'kilometres per liter’ comparison between different automobiles);
• generates recommendations to improve client efficiency; and
• documents its results in a report.

[55]  The third party submits that the gap analysis could not be performed without the benchmarking data and that the quality of the analysis increases with the volume and quality of the benchmarking data. It submits that allowing competitors of the third party access to the data would be the equivalent of giving competitors of an automobile manufacturer its design for a more efficient, greener engine. It submits that there is a great deal of highly valuable information about vendors and other components of the IT cost in each set of benchmarking data.

[56]  The third party further submits that the appellant is mistaken that disclosure of the benchmarking data would not cause the third party the types of harm described in section 17(1). The third party reiterates its argument that the disclosure of the benchmarking dated would allow:

• competitors to appropriate a key asset developed and used by the third party to provide services that generate an important part of its revenue; and
• IT producers and vendors to adjust their pricing, among other strategic decisions, which could reasonably result in market distortions including higher IT costs to clients which would also be harmful to the third party’s reputation and business. More specifically, the benchmarking data could be used to distort a fair and competitive procurement process for IT as well as IT benchmarking services. In addition to being detrimental to the third party, harm to the competitive process would negatively impact the price of IT and IT services to clients.

[57]  Finally, the third party submits that benchmarking data does not lose value over time and that some projects require the use of older benchmarking data.

The Treasury Board’s reply

[58]  The Treasury Board submits that the identity of the appellant is irrelevant in determining whether the section 17(1) test is met because, as this office has held on many occasions, disclosure of a record under the Act  is "disclosure to the world” because this office cannot place restrictions on a requester’s use of a record.

Analysis and findings

[59]  I have reviewed the parties’ representations and the record, including the information at issue. For the following reasons, I find that Part 3 of the test has not been satisfied. As a result, I find that section 17(1) does not apply and I order disclosure of the information at issue.

[60]  Broadly speaking, the third party’s arguments are twofold. As summarized in its reply, the third party argues that disclosure of the information at issue could reasonably be expected to:

1. Allow competitors to appropriate a key asset developed and used by the third party to provide services that generate an important part of its revenue; and
2. Allow IT producers and vendors to adjust their pricing, among other strategic decisions, which could reasonably result in market distortions.

[61]  I will first address the third party’s arguments about appropriation of its asset, then turn to its argument about market distortions.

[62]  To put the withheld information in context, it is helpful to briefly review the steps in the benchmarking process. From my review of the record and the third party’s representations, in particular its reply, I understand the benchmarking process to entail the following:

• Client raw data is collected and analyzed to determine client workload and complexity;
• Client raw data is validated to ensure consistency with the third party’s IT benchmarking methodology and definitions;
• Relevant peer group data is selected from the third party’s repository of benchmarking data;
• The third party conducts a gap analysis between client efficiency levels and the peer data, generates recommendations to improve client efficiency, and documents its results in a report.

[63]  As noted above, the withheld information is comprised of two main kinds of information. First, the charts included in the report have been redacted to withhold the peer spending figures (average, 25^th and 75^th percentiles). Examples of the charts include “Total Spending by Cost Category”, “Total Spending by Sourcing Type”, and “Total Spending by Functional Area”. Most of the charts indicate spending by dollar amounts, but a few of them indicate spending in terms of FTEs (presumably this refers to Full Time Equivalents), for example “Total Adjusted FTEs by Functional Area”. Peer spending information has been redacted from all charts.

[64]  Second, some information about the demographics of the selected peer groups has been redacted.

[65]  The third party’s repository of benchmarking data does not appear in the report. The peer groups that the third party selected as being relevant for its gap analysis are also not identified in the report. What appears in the report are the aggregate peer spending amounts arrived at by using select peers from the benchmarking data.

[66]  While the third party argues strenuously that the disclosure of the withheld information could reasonably be expected to result in the harms listed under sections 17(1)(a), (b) and (c), it has not provided me with sufficiently convincing information to explain how these harms may come about. While I accept that the third party’s repository of benchmarking data is a valuable asset, the third party has not explained how disclosure of the withheld information would enable a competitor to make use of its benchmarking data repository. I have not been provided with information that would enable me to conclude that, in the hands of a competitor, the withheld information would allow the competitor to exploit the benchmarking data repository to provide services in competition with those offered by the third party.

[67]  In its representations, the third party explains that the benchmarking data used for any particular project is created from select peer data that the third party has rendered anonymous. In the copy of the report that was disclosed to the appellant, a general description of the peer groups whose data was used for a particular chart appears beside the chart. Further information about the peer demographics has been redacted. However, the report contains no information that identifies the particular peers used by the third party for its analysis. Moreover, no individualized information particular to any one peer is set out. In other words, only aggregate information about the group of anonymous peers (typically 8 organizations) appears in the report.

[68]  It not self-evident how this aggregate, anonymized information could be used by a competitor to provide its own benchmarking services in competition with the third party. Moreover, the third party’s representations have not provided me with an explanation of how a competitor could exploit the information at issue. Beyond asserting that the information is valuable and that it could be exploited by a competitor, the third party has not explained how a competitor could make use of the information as it appears in the report. In this regard, I accept the appellant’s argument that the third party has not explained how its competitors could reverse-engineer the redacted information to reveal raw benchmarking data that could be useful in generating, for an entirely different client, an analysis similar to that contained in the report.

[69]  I also consider it relevant that, as pointed out by the appellant, a handful of peers (typically 8) were selected for each analysis, whereas the third party’s actual repository of peer data represents well over 1,400 or more benchmarks. [18] Even if it were possible to reverse engineer the withheld information to generate raw data about particular peers, this information represents a small fraction of the entire database.

[70]  I have reviewed the previous orders of this office relied on by the third party and the Treasury Board in support of their arguments on Part 3 of the section 17(1) test, among them Orders PO-2676, PO-2018, MO-2262, PO-2158 and PO-1860. None of these orders are of assistance to the third party and the Treasury Board. An assessment of the potential harms arising from disclosure of information is a highly fact-specific and contextual exercise. None of the records or circumstances described in those orders are similar to those before me in this appeal.

[71]  I conclude that it is not reasonable to expect that the disclosure of the withheld information will result in the exploitation of the third party’s repository of benchmarking data.

[72]  I now turn to the third party’s arguments regarding market distortions. The third party submits that disclosure of the information at issue could be exploited by IT service vendors for the purpose of determining their pricing when submitting proposals to the Ontario government, and by unions in connection with the collective bargaining process. It submits that disclosure will encourage IT producers and vendors to adjust their pricing, which could reasonably result in market distortions including higher IT costs to clients, which would also be harmful to the third party’s reputation and business. More specifically, the third party asserts, the information at issue could be used to distort a fair and competitive procurement process for IT as well as IT benchmarking services. In addition to being detrimental to the third party, harm to the competitive process would negatively impact the price of IT and IT services to clients.

[73]  I have considered these arguments, but find that they amount to mere speculation. The third party has not provided me with enough information to conclude that it is reasonable to expect that the harms listed will come about if the information at issue is disclosed. For example, the third party has not explained why the harms could reasonably be expected to result from the disclosure of the information at issue, but not from the disclosure of Ontario’s own actual spending on IT services, which has already been released to the appellant.

[74]  For the above reasons, I am not satisfied that disclosure of the withheld information could reasonably be expected to (a) prejudice significantly the competitive position or interfere significantly with the contractual or other negotiations of the third party; (b) result in similar information no longer being supplied to the institution where it is in the public interest that similar information continue to be so supplied; or (c) result in undue loss or gain to any person, group, committee or financial institution or agency.

[75]  I conclude, therefore, that Part 3 of the test has not be made out. As a result, the information at issue is not exempt under section 17(1)  of the Act .

ORDER:

1. I allow the appeal, and order the Treasury Board to disclose the information at issue to the appellant by sending a copy of it to the appellant. This disclosure is to take place by December 2, 2016 but not before November 25, 2016.

Original Signed by:		October 27, 2016
Gillian Shaw
Adjudicator