Industry committee  Actually, in a way I would echo Mr. Lawford. In particular, as regards breaches, there has been extensive voluntary compliance because industry does actually see their security safeguard obligations requiring notification to individuals. Maybe the only little piece that Bill S-4

Industry committee  From the CBA's perspective, we totally understand the movement from investigative bodies to the regime that's proposed in Bill S-4, which is similar to B.C. and Alberta, as you just stated. Because of the concern we had been hearing in the media and others, when you read the word

Industry committee  No, you're right. When Mr. Israel referred to the different thresholds, I think the only thing that we're agreeing on is that there should be two thresholds, but not that more should be reported to the OPC.

Industry committee  Thank you, Jean. I will limit my opening remarks to just two areas regarding the breach notification regime. The first one is thresholds for reporting to the Privacy Commissioner, and then the second area will be record-keeping. As you may know, unlike its predecessor, Bill C-1