In addition to everything Professor Wark just said, I would add that I think there are ways to improve the timing of assessments on necessity and proportionality, if those were adopted, and those would involve, I think, better training in government agencies that are going to be the recipients of these requests and that are not inherently national security agencies. You could train people within these agencies to identify this information or to become more familiarized with the standards that are required to make those assessments.
Necessity and proportionality are both very core operative principles that are used all the time in this context. They're not new ones that are just imposed here at random. They're the ones that CSIS currently operates under, as we heard, and they're the ones that other agencies operate under regularly.
Imposing those standards does not really limit the ability of the existing agencies to get information that they're not already getting—and we haven't heard that they're not getting enough information—but with sufficient training and resources, maybe you can get around the issues related to timing.
In addition, one of the outstanding recommendations from Commissioner Major of the Air India commission was to have a centralized national security entity to address information flows between security and policing and other types of agencies, and to have that type of entity or another agency, such as the Privacy Commissioner for Canada, with a better resource and more expansive mandate or a more expanded expert review body with additional operational capabilities, take a more active role in interacting with government agencies and helping them to make assessments around whether specific items of information are or are not necessary to achieve threats. I think having that type of capacity within government or within an entity within government to facilitate that type of information flow could address any of the timing concerns while maintaining the privacy standard that should be kept.