As I've said, I think the first step is transparency, getting them out in the open, and that would start by possibly a recommendation that they at least be authorized by legislation, and then listed, perhaps, in a regulation to the act. We do that for investigative bodies. It allows a certain level of transparency. It allows the public, and organizations representing the public, to at least go somewhere and see what these arrangements and agreements are.
So far we've found it impossible to gather. We've been trying to figure out to what extent Canadians' data, when they're held by, say, a foreign company in the States, are protected against privacy invasions, as compared to when they're held in Canada by a Canadian corporation. It has been extremely difficult to do that analysis.