Thank you all for being here. It's very interesting and much appreciated.
My first question concerns the necessity requirement that we find in section 4 of the act currently, which says that information collected must relate directly to an operating program or activity of an institution.
When we hear that the government has been snooping on the social media of Canadians and millions of records have been data-mined, so to speak, how do you conceive that we should narrow that necessity requirement? Are there specific suggestions you would make to us? What I've read from Mr. Therrien is a pretty broad suggestion. Are there examples around the world that you could point us to as we review the Privacy Act?
I'd start with Madam Austin.