That's an excellent question.
We think order making may actually lead to efficiencies because in the process that I've described currently with recommendation making, there is quite a bit of back and forth between us and departments during the investigative process and there's no real incentive for departments to respond to us quickly and completely. We think that amount of going back and forth would be reduced significantly with order making.
Concerning the requirement for privacy impact assessments, the obligation to have safeguards and breach notification, we recognize that this may increase costs for the government. Some departments actually have these practices, so for them, there would be no cost. However, for many, there would be an increase in costs. I don't think these increased costs would be large, but they would not be marginal. I would urge you to consider these costs as an investment to ensure that the public has trust in how the government deals with their personal information in a digital world.