I'm not sure that it was proven, when the statute was originally introduced, that it was so necessary, that there was something so wrong with the way that the Privacy Act worked in allowing information sharing among government departments.
We've certainly seen evidence of, and royal commissions referring to, the challenges of information sharing between government departments that exist and national security agencies. If you accept that as a premise, then the challenge is to come up with the appropriate tool. I think one of the big problems that we have overall is that this is using a sledgehammer when perhaps a ball-peen hammer or something more precise would do.
This statute provides licence for bulk data movement from one department to another. I don't have any concern, when it's justifiable and proportionate in the circumstances, with the RCMP and CSIS working on exactly the same file. I don't have a problem if, let's say, the employment insurance folks have reason to suspect that there is something sketchy going on, and they provide that information to the RCMP when it relates to national security. What I find particularly problematic is the scale at which information movement could take place, and the lack of accountability.