In some of your submissions and in some of your preambles, you also mentioned data breach notification and how you wanted that to be self-regulating. Can you enlighten the committee on why it would be an advantage for that to be self-regulating as opposed to mandatory?
On May 11th, 2017. See this statement in context.