That is fair enough.
On the subject of data matching, in your June 2006 report you suggest that there should be some reforms to the Privacy Act with respect to data matching. You use the example of CBSA matching data from Human Resources and tracking down people who are making EI claims but are outside the country. Obviously, there are examples of fraud.
When a government has limited resources, and those resources should be targeted to legitimate beneficiaries, are you suggesting that this kind of data sharing between CBSA and Human Resources, in this example, should not be occurring? Should the government not be in a position to match this data to prevent fraud?
You also suggest that we should define some principles that would help guide how we are allowed to match this data. What are some of the principles you're thinking of or suggesting?