There are a number of different steps that need to be taken, and the first one, as you pointed out, is that Facebook needs to take responsibility. We hope that we have, and we need to continue to do work to make sure that people's information is safe on our platform. That's something we've invested in and that we have a responsibility to do, over and above the law. As Kevin mentioned in his opening comments, we have a responsibility to take a broader view of what we should do.
From my conversations about privacy regulation in Canada and around the world, I think taking a principles-based approach that provides strong privacy protections to Canadians and to people everywhere is important. That's something that exists in PIPEDA today.
I know this committee is undertaking a study and has published a report with recommendations regarding PIPEDA, and there's a lot in that study that's worth considering, but I think PIPEDA's fundamental principles-based approach and giving the Privacy Commissioner broad authority and discretion in how to apply that to new technologies and new situations is an appropriate model.