I want to get back specifically to the PIAs. Do you have any way of knowing who has access to the information in the technology that you're reviewing? That's the first part.
Second, are there any current legislative or reporting mechanisms that would identify how often somebody's doing it? For instance, knowing that I have access to this type of, what I'll call, “digital voyeurism” is one thing, but not knowing how many times I'm using it is something completely different. In the case of CCTV, the voyeurism became a real thing when it became.... For police departments, there was evidence that they were using it to stalk women, to get information on their spouses or their ex-wives, and so on and so forth.
Do you currently have any mechanisms in place that would provide safeguards against this technology, which you may have approved in departments but for which you don't actually have oversight?