I'll give a partial answer due to time considerations because that's a huge issue. Here we're talking about regulation of personal information in relation to the private sector, not the government. This is not the Privacy Act; this is PIPEDA.
Regarding the agreement in question, its value is having a template that can be used by any country, any member of the international conference of privacy commissioners, who wants to use it as opposed to the previous scenario where agreements were bilateral. We had a number of bilateral agreements before. Now we have this global arrangement that is accessible by commissioners. We will give you the exact number of countries in writing after. At this point, there are around 10 countries, so it's certainly not the whole globe.
What do we do when information is at risk in a country where we have no agreement? We can negotiate an agreement with that country if need be. It would be a matter of whether the co-operation that we're seeking in these agreements is co-operation with another privacy commissioner or data protection authority. Depending on the country, that other commissioner may or may not have a system such that we really want to co-operate, so that would be one consideration. That's the international framework.
I'll leave it there. There's much more to say, but I'll leave it there.