That's good. It brings a new meaning to the words “destroy the key”. I guess we're going to have to be a little careful there. It was very comforting to know that my facial image was of little or no value, but I know you didn't mean it that particular way. I'm just being silly, of course.
Thank you for that explanation. I understand it perfectly well. It's how I suspected it was going to work.
I want to talk about the deletion of information. I was an Oracle database administrator. Whether it's a relational database or whether it's an object-oriented database, whatever the case may be, the data is stored in various forms, depending on the system being used. Very often, in the design of user interfaces and so on, information is collected, or sometimes we ask for our information to be taken out of a database, and the difference between deactivation and deletion is quite significant because we can deactivate records. We can make it look as if somebody is no longer a customer, no longer a client, but we still retain all the data for past transactions in the database.
We may be required to keep that information for tax purposes, for various legal or statutory reasons. But at some point in some of these transactions, where people's privacy is given up for the use of free application software on a mobile application, that's a completely different transaction.
I'm wondering if you, Dr. Cavoukian, or you, Ms. Denham, can speak about what you do when a user or a citizen requests the deletion of information. What can be done to better protect those Canadians?