Board of Directors
Types and Uses of Information
Balancing transparency with privacy and confidentiality can be a tough act for nonprofit boards. Board directors often experience some degree of inner conflict between serving the public good and fulfilling their duty of loyalty, which requires them to conduct board business in confidence.
The governance of non-profit organizations sometimes requires the board to deliberate on sensitive matters. This can include personnel items such as salaries, the evaluation of staff or volunteer members, the awarding of a contract, the handling of conflict of interest situations, or legal issues.
It is a Board's responsibility to balance sharing information with it's stakeholders, while not placing the Board and it's Directors in a compromising position or in legal jeopardy.
Registered non-profit organizations have reporting obligations under the Canada Not-for-profit Corporations Act (NFP Act).
The league is an incorporated non-profit organization, that values transparency and shares information willingly. Exceptions are when it may harm an association or individual, or violate the legal duties required to protect privacy and confidentiality. Such violations could place the Board, its' Directors or members in legal jeopardy. Information that is private or confidential will only be shared when necessary to comply with law.
Mandatory (League Performs)
- Filing an annual return every year (internal only)
- Maintain a current address
- Maintain a current list and register of Board of Directors
- File financial statements (internal only)
- Maintain articles of incorporation
- Maintain governance documents
- Keeping corporate records, including minutes and resolutions
Voluntary (League Performs)
- Host a public Annual General Meeting
- Open calls for volunteers before appointing positions
- Visible complaints process
- Description of products and services offered
- List of staff or volunteers
- Record of Board of Director governance training
Increases Legal Risk (League Does Not Perform)
- Opening meetings to non-Directors
- Making Board minutes public
- Releasing details of disciplinary matters
Other Voluntary (League Does Not Perform)
- Maintain a Board an independent from members (Associations are the Board)
- Audit financial statements
- Record and report conflicts of interest
- Provides means for whistleblowers
- Report any wages or salary amounts (not applicable)
Individuals have a legal right to privacy and to not have personal information disclosed or distributed. Canada has two federal privacy laws that are enforced by the Office of the Privacy Commissioner of Canada:
- the Privacy Act, which covers how the federal government handles personal information;
- the Personal Information Protection and Electronic Documents Act (PIPEDA), which covers how businesses handle personal information.
While PIPEDA does not apply to non-profit organizations, non-profit status does not auotmatically exempt an organization depending on their actions. Therefore the league voluntarily complies with this law as part of it's Risk Management activities. And the Board and its Directors are careful not to violate privacy, even in the spirit of transparency.
This reduces the risk that the Board or the individual Director may be held legally liable for violating privacy law.
Personal information is data about an “identifiable individual”. It is information that on its own or combined with other pieces of data, can identify you as an individual. The definition of personal information differs somewhat under PIPEDA or the Privacy Act but generally, it can mean information about your:
- race, national or ethnic origin,
- religion,
- age, marital status,
- medical, education or employment history,
- financial information,
- DNA,
- identifying numbers such as your social insurance number, or driver’s licence,
- views or opinions about you as an employee.
What is generally not considered personal information can include:
- Information that is not about an individual, because the connection with a person is too weak or far-removed (for example, a postal code on its own which covers a wide area with many homes)
- Information about an organization such as a business.
- Information that has been rendered anonymous, as long as it is not possible to link that data back to an identifiable person
- Certain information about public servants such as their name, position and title
- A person’s business contact information that an organization collects, uses or discloses for the sole purpose of communicating with that person in relation to their employment, business or profession.
- Government information. This is different from personal information.
Maintaining confidentiality is one of the fiduciary responsibilities of all Directors. In order for boards to function effectively, directors must feel comfortable expressing their views on matters honestly and freely, without concern that their conversations will be made public. Confidentiality rules protect the organization and its Directors in performing their duties.
Directors’ have legal obligations with respect to confidentiality. Confidential board information includes significant, non-public information, which is regulated by laws or by organizational policies, but it also includes sensitive boardroom discussions that have both personal and business implications.
Confidential, non-public information falls generally into three categories:
- proprietary information that is of competitive, commercial value to the organization;
- inside information about the organization‘s finances, operations, and strategy; and
- sensitive information regarding board proceedings and deliberations.
Breaching Confidentiality
A breach of confidentiality can happen for a variety of reasons. Three of the most common ones are: the disclosure of confidential information discussed at a board meeting, the disclosure of personal information and disclosure to organizations with conflicts of interest.
Harm to the Organization
Leaks of sensitive board information can be highly damaging to an organization. Unauthorized disclosures of proprietary or inside information could imperil an organization’s competitive advantage or success. Unauthorized disclosures of sensitive information may be disruptive or embarrassing to the organization. If the corporation were harmed by the disclosures, the director likely would be found to have breached his or her legal Duty of Loyalty.
Harm to the Board
When any confidential information is publicly disclosed, there is also harm to the functioning of the board of directors. An effective group of directors trusts and relies on each other, encourages discussion and debate, and can tolerate even strongly-held dissenting views. When trust has been undermined, board effectiveness will be seriously compromised.
Legal Ramifications
There are legal ramifications for some breaches of confidentiality. Disclosure of material, non-public information can result in civil or criminal charges. A damaging leak of confidential material could in certain circumstances amount to a breach of the duty of loyalty, which could result in personal liability for damages and limit the director’s legal protections against such liability. Typically, when a serious breach of confidentiality occurs, the board asks for the offending director’s resignation.
In extraordinary circumstances, where confidentiality is paramount, the Board may go "in-camera" to discuss sensitive information to protect an individuals privacy and rights. In the context of board meetings "in-camera" means "in private" session or meeting, where:
- protecting an individuals privacy and rights are paramount,
- discussing sensitive matters like discipline, criminal proceedings or personal health
- one or more of the people normally in attendance are excused
- separate minutes are taken, and not included in the minutes of the regular meeting
In camera sessions are to be used only in extraordinary circumstances, that is tied to the need for confidentiality, and not for secrecy. While confidentiality is a fundamental duty for good board governance, secrecy can undermine it.
The motivation to keep information confidential is to protect a person or organization; whereas the motivation to be secret is to achieve an outcome that would not be possible under transparency. For example, in the case of disciplinary matters, confidentiality protects the accused, while secrecy protects the accuser.
Confidentiality:
- Prevents undue harm to the organization and its assets, including volunteers, board members and staff.
- Is reconcilable with transparency; in effect, stakeholders are allowed to know enough.
- Is reconcilable with accountability, wherein stakeholders can question the processes and the outcomes.
- Requires, but does not strain, trust.
Secrecy:
- Attempts to protect someone or something from scrutiny.
- Cannot be reconciled with transparency.
- Attempts to prevent accountability.
- Demands, and then misuses, trust.
Directors have to be aware of what they say and when. The same conversations in a different context can have very different repercussions and could result in organizational or personal liability.
While in the context of a Board meeting, Directors have a Duty of Diligence which requires them to speak honestly and forthright with each other. That duty also includes being well informed and diligent in exploring the business of the Board. Sometimes this business is sensitive, private or confidential, such as disciplinary matters. In the context of a Board meeting, such discussions are "business" of the Board, and Directors benefit from legal protections through incorporation and insurance.
Outside of the Board meeting, Directors may not benefit from the same protections. Discussing or sharing the same sensitive information in a public forum may no longer be "business". And may breach privacy laws, or breach confidentiality that the law requires under the Duty of Loyalty.
If the public conversation includes the private or personal information of other individuals (i.e. a name) then a Director may be accused of gossiping. While not illegal, gossip can be hurtful to the individual and harm the Board's reputation. And gossiping is only one accidental or misspoken phrase away from defamation of character, including slander and libel, for which a Director can be personally libel for under Tort Law.
Confidentiality rules are in place to safeguard the organization and its Directors. Adhering to it is the best way for a Director to ensure that they are not accused, or guilty of, gossip or defamation of character.
There's always a delicate balance between one person's right to freedom of speech and another's right to protect their good name. It is often difficult to know which personal remarks are proper and which run afoul of defamation law.
Tort law surrounding defamation law does not directly curb your right to free expression; it is not illegal per se. Rather, defamation is generally about paying damages to people that have been harmed by your speech. You can still say whatever you want, but you may have to pay for it (and you may have to pay a lot).
The following provides an overview of defamation torts and defamation claims.
Defamation Law: The Basics
The term "defamation" is an all-encompassing term that covers any statement that hurts someone's reputation, also called defamation of character. If the statement is made in writing and published, the defamation is called "libel." If the hurtful statement is spoken, the statement is "slander." Defamation is considered to be a civil wrong or a tort. A person that has suffered a defamatory statement may sue the person that made the statement under defamation law, which would be called a defamation case.
Defamation law walks a fine line between the right to freedom of speech and the right of a person to avoid defamation. On one hand, a reasonable person should have free speech to talk about their experiences in a truthful manner without fear of a lawsuit if they say something mean, but true, about someone else. On the other hand, people have a right to not have false statements made that will damage their reputation. Determining what is a statement of fact and what is a lie is called "absolute defense" and will end the case once it is proven. Then, the winning side may sue for punitive damages depending on the types of defamation.
Elements of a Defamation Lawsuit
Defamation changes per state laws, but there are some accepted standards that make laws similar no matter where you are or who you are suing. Generally, in order to win your lawsuit, you must show that:
- Someone made a statement;
- The statement was published;
- The statement caused you injury;
- The statement was false; and
- The statement did not fall into a privileged category.
These terms and details are further defined below:
The Statement - A "statement" needs to be spoken (slander), written (libel), or otherwise expressed in some manner.
Publication - For a statement to be published, a third party (someone other than the person making the statement or the subject of the statement) must have seen, heard or read the defamatory statement.
Injury - To succeed in a defamation lawsuit, the statement must be shown to have caused injury resulting from hurting the reputation of the subject of the statement.
Falsity - Defamation law will only consider statements defamatory if they are, in fact, false. A true statement is not considered defamation. Additionally, because of their nature, statements of opinion are not considered false because they are subjective to the speaker.
Unprivileged - Lastly, in order for a statement to be defamatory, it must be unprivileged. You cannot sue for defamation in certain instances when a statement is considered privileged. For example, when a witness testifies at trial.
Social Media and Defamation Law
Due to social media, it's now easier than ever to make a defamatory statement. That's because social media services like Twitter and Facebook allow you to instantly "publish" a statement that can reach millions of people. Whether it's a disparaging blog post, Facebook status update, or YouTube video, online defamation is treated the same way as more traditional forms, meaning that you can be sued for any defamatory statements you post online.
Not all types of discussions surrounding sensitive information will be conducted at the Board table. Personal grievances about other associations, teams or individuals will not be placed on the agenda, nor accepted from the meeting floor. The proper process for bring such complaints to the Board is through the Disciplinary Committee and the formal Complaints Process.
Following proper procedure will allow the Board to
- establish a committee of unbiased peers,
- fairly and objectively review the complaint,
- ensure that breach of procedures is not grounds for appeal, and
- protect the privacy of the complainant and defendant.
These are all legal requirements that must be met by the Board and its' Directors. Thus the formal process also protects the Board and the Directors from any legal proceedings that may result from their decisions
Circumnavigating this process will make it difficult for the Disciplinary Committee to investigate and render decisions on the issue. Violation of process may also be considered to be willful negligence by the Board, which may void insurance protection.
In short, airing grievances at the Board table will make it virtually impossible for a fair and reasonable outcome to be made. Which will increase the risk of legal liability to the Board and it's Directors for any decisions rendered.
Complaints received from one member against another member will be investigated, and a decision rendered, by the Disciplinary Committee. In disciplinary matters, the Board takes a cautious approach to balancing the "right to know" with the defendant's right to "privacy". As such, only the committee members will be privy to the private and confidential information resulting from the process, which includes but is not limited to:
- the original complaint,
- the defendants rebuttal,
- all evidence submitted and reviewed,
- discussions and deliberations, and
- any notes or reports
Only outcomes will be reported at the Board meeting, and that report will take place during an "in-camera" session. The minutes will read that a "Disciplinary Committee Report was received", and that report will be submitted in writing to the Secretary for record keeping, though it will not be included in the minutes of the regular Board meeting to ensure it does not enter into a public forum.
The Disciplinary Committee Report will record only outcomes of the decisions, including
- name of team or person
- indicate affect on good standing
- the sanction applied
The report may additionally request to ask the President to uphold provincially at PWSA sanctioned events, in which case the PWSA will be provided:
- what the suspension is
- if the appeal has been exhausted or waived