Thank you.
I'm going to ask all of you the following two questions.
First, in the case where you're using a tool on a mobile device or computer that your employees do access—this is just your opinion—do you think it would be judicious for your institutions to consult the OPC before deploying that use?
Second, would adding a legal obligation in the Privacy Act to conduct PIAs and to submit them to the Office of the Privacy Commissioner of Canada make the process clearer for your institution, and in particular, for government institutions in general—so both your department and all departments?
My asking these questions is not a gotcha. It's to hopefully have a report that provides us with clear recommendations to the government to improve the processes, so you don't have to be here again for these types of scenarios.