Thank you very much, Chair.
Mr. McKay, I think I'll just spend the three minutes with you.
You said that Google provides choice, transparency, control, and security to ensure that the people who use Google services have well-rounded protection. I just want to go back in time a little bit.
In 2014, the Privacy Commissioner found that Google had violated Canadian privacy laws through targeted online advertising. I think it had been based on a person's medical condition. Google's own privacy policy states that it will not target anything based on health, race, religion, or sexual orientation.
At the time, Google refused to comment publicly, but it did state that it had been working closely with the Office of the Privacy Commissioner and had resolved this issue. The Privacy Commissioner at the time noted that, “If an organization as sophisticated as Google had difficulty ensuring compliance with its privacy policy, surely others have the same challenges.”
You just stated that you're not in favour of any order-making power. Going forward, how does Google ensure that it will always be in compliance with these laws? Is it enough that the Privacy Commissioner raises this issue publicly, or do you favour an agreement where you're working together when these instances are raised? I just want to take note of how you take these emerging issues and prevent something like this from happening again.