Thank you.
Both Mr. Peterson and Mr. Tilson raised more or less the same point, that you seem to be more or less in agreement on things. I don't know if it's just me, but I detect a nuanced difference in your approach to what one calls breach notification and the other one calls duty to notify.
The banks say they do not believe that legislative requirements are needed, period, full stop, end of story. The credit unions support in principle the concept of duty to notify, but if the Government of Canada decides to legislate, there should be a reasonable threshold. That's not quite the same as saying there should be no legislative requirements. Am I right in that interpretation? Yes? Okay, thank you.
Mr. Dhaliwal.