Treasury Board has already issued guidelines to departments on breach notification--and I think the minister spoke to that--which does set a standard on data that is inadvertently disclosed.
I understand there is also a consultation taking place in the context of PIPEDA to look at that whole issue. I think we will wait and see what that consultation shows us, and then perhaps we can take a look.
I don't know if you've seen the guidelines from Treasury Board on that. You do have them? That would also be useful to take a look at, perhaps, to see what the standards are that have been set.