If digital government is the property of the government and if there was hypothetically a significant and serious data breach, a damaging data breach, involving the privacy of Canadian citizens or anyone in the digital government system, would you think it would be the Privacy Commissioner that would level penalties against those responsible for that data breach? How would that work if government is actually the corporate controller of that system?
On January 31st, 2019. See this statement in context.