Thank you. It's an intriguing question. I may not be the best person to try to answer it. I think it is an important question. It was raised, if my memory serves me properly, with the Privacy Commissioner in the previous session.
The best I can do is to give you my quick understanding of this, which is that there is a distinction between an entity listed in SCISA possessing information, if possessed lawfully under provisions of its own mandate, and the flow of information through the SCISA system to the receiving institutions. My assumption about the question of where the warrant regime sits in SCISA is, in part, based on the analogy with part C of CSE's mandate for assistance to CSIS and other security and law enforcement agencies. In other words, if an entity in SCISA possesses information under its own lawful mandate, and it has the grounds, which according to the act are as overly broad as these grounds might be, to share that information with another entity, then the receiving entity—in this case, perhaps, CSIS or the RCMP—would be receiving that information under the lawful authority of the original collector. From its perspective, as long as those receiving agencies had an appropriate mandate to receive that information, then they wouldn't require a secondary warrant to acquire it.
It's a very complex scheme, and I think it feeds back into the suggestion you've heard from many of us who have testified on SCISA, that the problem is created by the nature of the principles underlying SCISA, their overbreadth, and in particular the definition under which the act is meant to operate.