Mr. Chairman, I'm going to supplement my colleague's comments.
For a number of years now, we have urged the Government of Canada to adopt a cyber security policy. We clearly have to have such a policy. I believe that Canada is now one of the only OECD countries without a policy on its cyber infrastructure. That's quite serious.
I would like to point out to you that our office does not have an obligation to protect data. That's up to each department, agency and organization. However, we increasingly take the opportunity to remind them of their responsibility in both the private and public sectors. The two acts, that is to say the Privacy Act and PIPEDA, require that all data be protected from all threats so that it remains confidential. Where there is an attack, we can investigate and suggest remedies. We've done that in a number of cases.