Thanks very much.
I wanted to begin with the recommendations of your predecessor with respect to PIPEDA. I want to start with enforcement powers, which you touched on.
There was no clear recommendation in Ms. Stoddart's view. She said there should be greater enforcement powers and that we were actually lagging behind other jurisdictions. Then she recommended statutory damages, the power to make orders, the power to impose administrative monetary penalties, or some combination thereof. She noted that, in 2013, the U.K. Information Commissioner's Office levied a £250,000 fine against Sony for a breach that affected millions of PlayStation users.
In your view, should we be looking at statutory damages? Should we be looking at giving you order-making powers, or should we be looking at giving you administrative monetary fining powers? What would be most effective?