I'll just supplement that very briefly from a Treasury Board official's perspective. There are a number of different aspects of privacy, but I'll speak to two of them very briefly.
The first is technical. Technical requirements, technical standards and technical risks around privacy are changing rapidly as we transition from a server base to a cloud environment and other things. Treasury Board is taking a leadership role in trying to ensure that the privacy of Canadians' information that the government collects is as secure as it can be. That is technically very difficult and very challenging cutting-edge material. We hope to get that right, but it's an ongoing and significant challenge for us in working with other departments and other governments.
As well, there are the behavioural aspects that you were referring to directly in your question. We try to make sure, through the use of internal audit and our other regular functions, that we have a good understanding of what data or information we have that would fall under the protection of privacy principles. We make sure that individuals and teams within the Treasury Board public service are aware of their legal requirements—their oath of office—to protect the integrity of that information and take that information seriously.
There is both a knowledge and a behavioural aspect of ensuring that we follow up on that on a consistent basis.