Thank you.
I'd like you to talk more about the international aspect the chamber had referred to. I think you didn't want to hinder the economy and transborder transactions, and I couldn't agree more. But there are an awful lot of international transactions that go on with the United States, and other countries around the world, all over the world with computers and outsourcing of information. It's quite remarkable how it's expanded, actually. I quite concur with your observation. We have international insurance companies, companies whose head offices are in other countries. I'm not knowledgeable about that, but there's no question that there are insurance companies that cross borderlines.
On the issue of notification, of course different countries have different laws. Many of the states have different laws about notification. We had some witnesses here on Monday or Tuesday, the bank people. They said that unless there was some reasonable evidence of fraudulent activity, there didn't need to be any notification. There was a story a couple of years ago or a year ago, about some faxes from a bank ending up in a scrapyard in West Virginia. You may recall that story. There were social insurance numbers, home addresses, phone numbers, etc., and detailed banking information. We had a story just a few days ago about a whole bunch of information that just got lost. There's no evidence that it was stolen or used. But again, it included the same detailed information. Then we had the case of HomeSense and Winners--and I'm not criticizing those people--in which information was stolen. Hackers got in.
So my question to you is whether you agree with that philosophy of the banks who say that unless there's evidence of fraudulent activity, people don't need to be notified, or whether you think we need to go further than that. I appreciate that to notify a million people, the postage alone would drive a company crazy. Could both groups comment on that issue?