May I just make a comment about the U.S. regime?
I think they have some significant challenges. They have used a mechanism described initially, I think, as a “safe harbour”, which is almost a self-certification system for U.S. companies doing business in Europe. That was challenged in court in Europe and in fact went down; it was ruled contrary to European law. They then developed a privacy shield, and I gather that there are challenges to that.
The United States has a very patchwork approach to privacy, and it's often sectoral. There might be a law for child protection; there might be a law through the Federal Trade Commission for unfair trade practices. They don't have a uniform, standard approach to these things.
Frankly, this may actually be a Canadian competitive advantage in dealing with our European colleagues.
I wouldn't overstate the differences among our Canadian jurisdictions. There's some similarity in the consent provisions. I think we would agree that on the mandatory breach notification, everybody is going to have to come up to that standard. Nonetheless, said, there is some degree of uniformity across the country, in addition to the fact, which we mentioned earlier, that there is cooperation among our offices across the country.