I can be very brief, but bells are going to ring at any moment.
Madam Stoddart, I'm still interested in section 10, the cross-border sharing of data and information. It strikes me that if the privacy of your personal information is compromised domestically, it might be inconvenient or you might even be ripped off in a credit card scam, but if your personal information is compromised internationally you might wind up in a Syrian jail being tortured and might be killed. It's really serious.
What struck me is that your office did a study, an overview, of 21 information-sharing agreements between Canada and the U.S. and found that two-thirds of them didn't have any kind of adequate protection in terms of the type of information to be shared or any third party controls. In other words, we could share that information with one agency, but there's no stated limitation on their sharing it with further agencies. So we lose control of it.
If we get your recommendations into the Privacy Act, will that move have, in your opinion, a ripple effect to add elements to those international agreements? Will we have primacy? Will the Privacy Act automatically permeate into those international agreements, or would they have to be renegotiated, in your view?