That's a good question. I don't grade the political parties. It's very difficult to do this on a common standard.
The experience in B.C., where political parties have had to comply with our legislation, which is pretty much based on the PIPEDA principles, has been quite encouraging. One of the things it forces parties to do is to consider internally all the different sources of personal information they have.
One of the difficulties with what I see at the federal level is that it is not clear what these privacy policies apply to. Some of them are based on data captured through the website, and some of them are more general.
To your point about smaller political parties, I actually think this is a way to level the playing field and allow smaller political parties into the game more effectively. This is one of the effects of social media as well. It should not be a costly compliance exercise.
Opposed to that argument, of course, is the cost of a data breach. Any organization that has suffered a major data breach will know that the costs of that, in terms of finance and reputation, are far in excess of the costs put in up front to develop a clear privacy code and some transparency for the Canadian electorate.
Mr. Masse, you asked an extremely good question. It needs far more analysis, but that would be my response at the moment.