I'm sure Ms. Brown will want to add detail to my answer, but that is correct.
At the time, the CRA was certainly monitoring privacy breaches, but we were doing it by monitoring and tracking centrally the number of investigations. At the time that question was asked, we had not centrally started to record within each investigation how many breaches had occurred and how many individuals had been affected.
Mr. Angus' question asked for that specific detail. In order to be able to produce it, we would have had to go back through many years of reports and manually cull that information from those reports.
With Mr. Angus' guidance, we've changed our process so that we now are able to centrally track both individuals and numbers of breaches within each investigation.