My annual reports contain many examples of matters involving the government, but the reports often appear 18 months after the events have taken place. A very common example, one that concerns me a great deal, is the security of personal information within the government. We know that there are failures in the requirement for personal information to be kept confidential and that the failures can occur in different ways. In my annual reports, I have described incidents of laptop computers containing taxpayers' information being left in some employees' cars.
I have also reported on more structural matters in my audit reports, such as protection measures, or the lack of them. I reported, for example, on the passport office and our vulnerability, in some of our points of service overseas, with regard to the protection of personal information. It seems to me that the process, which is now instantaneous, could be updated a little. Everything is virtual now. There is something profoundly anachronistic about producing a report 18 months after the fact.