I saw the departments' responses. They've provided information about the types of programs they would use this for. There hasn't been anything that has worried me in terms of this being a completely inappropriate purpose or use. They're using this to fulfill their mandates as organizations, to apply their enabling legislation or to do some investigation.
What I'm concerned about is this: Has the privacy consideration been done well, was it done in time and have the risks been mitigated? Obviously, that's my purview. Specific questions about the legitimate authority they have or their mandates would be distinct and perhaps things this committee can ask.
My concern at this stage is that we need to consider the privacy impact in all situations where you can impact the privacy of Canadians. That's not always been done.