Well, I think it's fine. I think it's a good idea to have reasonable grounds. I think there is a place, however, for spot audits, like randomized spot checks, if the commissioner has the resources to do that, where it doesn't have to be a company against which there have been several complaints. That's one reason.
Another reason is that it seems to be...I mean, the commissioner's being taken to court right now by Equifax for not having reasonable grounds for a particular audit when apparently there were four complaints and a preliminary investigation. It just seems like a tremendous waste of resources to allow that kind of litigation when the Privacy Commissioner is extremely unlikely to engage in that kind of audit without reasonable grounds in any case.