Also, the working theory in Estonia is that the public or the citizens own the data. It's up to them how they dispense that data and who they allow it to be shared with.
If we go one step forward, if we start off with the public sector, obviously the private sector is going to have some involvement, whether it be bank information or other information. If the private sector has different technology and the public sector has different technology.... One of the examples that has been given is blockchain technology.
One entity is governed by PIPEDA and another entity is governed by the Privacy Act. How would you mesh both of them together? Where would the touchpoint be where you could allow the public sector and the private sector to maintain privacy but also to maintain their own jurisdiction?