That's a great question. I would emphasize the need for safeguards, which is an issue that is coming up in charter jurisprudence. That is partly why we are arguing for an improved accuracy obligation in the Privacy Act itself to set up some obligation to get those assurances.
I think what you need in these alliances and these international contexts is to protect each other's citizens through treaties that agree to extend certain kinds of rights. Then you have audit processes under them, so that people can go and take a look at the information practices. I don't think you can solve that through a privacy act.