I have a couple of thoughts. First of all, in terms of the policy ownership of the Privacy Act, my understanding is that the Treasury Board and the Department of Justice are basically the key stakeholders, and the Privacy Commissioner is obviously central.
We are in the position of a lot of other operational departments in that we'll operationalize whatever scheme Parliament seems to put in place.
I would say in response to your question that CSC is a little bit of a different department in some ways. We don't keep specific track of the exact number of requests that come from various categories, but because we have a large number of folks who are inmates in our system, those individuals frequently file privacy requests, largely about what's on their case management file. We're mandated by our statute to capture a large amount of information about all offenders, and there is actually a provision in our act that says that when get a request in writing, it should basically be processed in accordance with the terms of the Access to Information Act and the Privacy Act.
In terms of CSC as an organization, we're always going to have a large number of privacy requests, given the nature of our operations. Information is really the lifeblood of our business in terms of making decisions about offenders. It's always got to be up to date and it's always got to be as comprehensive as possible. There are always going to be issues around that, and I suspect we'll always be near the top of the list in terms of both the number of requests that come in and the number of complaints.
In response to your specific question, the Privacy Commissioner is putting forward these ten quick fixes. I read them with great interest.
What I'd say in response is that I don't feel we're in a position to comment on what the Privacy Commissioner feels they need to do their job. We will operationalize whatever Parliament decides is the appropriate scheme.