Thank you, Mr. Chair.
Ms. Seigel will deliver our presentation, but I would like to say a few words first to put it into context.
Our association represents Canadian information and communications technologies, or the ICT industry, including everything to do with computers, software and telecommunications from equipment to service.
This industry is highly interested in every aspect of privacy protection, and has been for quite some time.
In 1996, when I was chief privacy officer at Bell Canada, we were already operating under an extensive set of regulations that dated back to 1955 in matters of privacy protection. But the industry as a whole, the broader industry, also saw at that time, as the Internet was about to explode in terms of usage, that privacy protection and confidence in the Internet and the e-economy was absolutely critical to our future. Therefore, our industry was really the first proponent of tackling the issue with legislation. We also had to consider that we couldn't take a regime that applied to a heavily regulated industry, like telecom was at the time, and transpose that holus-bolus to the whole economy in matters of privacy protection.
We were very happy to evolve a regime that was quite innovative and quite effective that involved a first layer of taking ten principles developed by the OECD in a multi-party manner, where they had consumers, businesses, and governments evolve these principles. They were taken, again, in a multi-party approach by the Canadian Standards Association, which developed a code on them. And the legislation reflects this, that we had a base of self-regulation on which we then imposed a government body, the Office of the Privacy Commissioner, in an ombudsperson role, and then the courts to do enforcement, if, as, and when required.
This mixed model, which, as I said, is quite innovative and quite effective, has been recognized worldwide as truly an effective way of tackling this, this made-in-Canada solution.
So I would say, when you hear suggestions, I would be very loathe to take on anything that changes the fundamental structure. There's really no reason to undo that very successful approach.
I have a final comment in terms of context.
The vast majority of the members of our association are small businesses and the vast majority of the businesses that are clients of our technology companies, who have to deal with these information protection measures, are small businesses. These businesses do not have the means to continually adapt to changes in their operating approaches.
They don't have in-house law departments; they don't have the resources to have a lot of legal advice to change the way they do things.
So I would say, again, as a general approach, our industry feels you should be very cognizant of the maxim that if it ain't really broke, don't fix it; don't change the legislation unless absolutely necessary.
I'll pass it on to Ariane.