I'd like to largely adopt the comments of my two colleagues and add one more example that gets a lot of attention and undermines public confidence and trust, and that's in the security context where we're getting increasingly large numbers and frequency of data breaches often with government-held data. This often leads to harm to individuals because it often leads to identity theft and other ancillary types of harm. It does erode public trust. Against the backdrop of this, this is information that citizens need to entrust to their government to participate in daily life.
In that particular subset of considerations, in addition to the ones mentioned by my colleagues, should be imposing and formalizing obligations for technical security safeguards so that the Privacy Commissioner's office can leverage the expertise it has in this field to ensure we adopt high levels of technical safeguards, imposing notification obligations so that individuals are uniformly notified when these types of breaches happen and are able to take remedial action. These types of things really are important moving forward because they're going to be more problematic down the road, not less.