With all due respect, having the opportunity to do work on it versus intentionally being given access to the personal information of Canadians are two separate things. A bad actor who has not been cleared by our intelligence services could build in future access. That's why it's so important that we have assurances about what risk mitigation was done and whether there have been any breaches. This is really important.
My mind is very much not at ease. We don't know how many times security clearance was waived. We don't know for whom security clearance was waived and we don't know if those folks who had it waived were ever even approved.
There are a lot of ways that foreign state actors can test our systems and our processes, and this looks like a great opportunity for them to do that. It's important to note that this information is not information that was exchanged between government officials. It was disclosed to a public individual—not a member of government—that they could work on our information management systems without having the clearance.
I'm not sure if you want to comment on that with my remaining time. My mind is very much not at ease because although not intentional, I think we're open to a lot of risk. The risk can't be overstated.