Based on the core principles, no. The aspects that I'm zoning in on are, one, that you have personal ownership of your data and personal control over it, that you have awareness of what they're doing, and that you have what's called the right to delete and the right for portability.
The second thing, which we haven't had much discussion on, which is a very central part of the GDPR and this was a tremendous tug-of-war between Brussels and Washington over many years, is this element of safe harbour in routing. It is important to understand that no matter what we regulate in Canada, I've been told by experts that something akin to 80% and 90% of our data is routed through the U.S. Even if I sent you an email across this table, it's routing outside. It's called a boomerang effect. You have to understand that, per U.S. law, Canadian data has no rights whatsoever in the United States. You have no right to privacy; you have no right to anything. What the EU also did was manage the routing so that it never left the jurisdiction of what they prescribed as appropriate treatment of that data.
The GDPR is nuanced. It was the subject of many years of debate, from many perspectives. Using GDPR-like approaches is a minimum we should take in Canada, and then look at other forms of activities, such as the economic development opportunities for primary industries that Mr. McKay talked about, and many other aspects that we could extend beyond that.
It's also very important to remember, although it's not the purview of this committee, that in parallel the EU did a sustained set of studies and plans on competition behaviour for what's called the inherent asymmetry of data, where the big get bigger. If you want to promote economic advancement and prosperity, you also have to look at the competitive structures of that.
Competition and GDPR dance in harmony through pretty much a decade of work.