There are some good things in the bill. It requires immediate notification, which is very positive. The act that governs my duties, the Privacy Act, mentions sending a notice as soon as possible. I already recommended that it be strengthened, for example by saying that it must be sent within a maximum of seven business days. Here, we're talking about immediate notification. That's positive, and it also raises a question.
For example, if the Bank of Canada or other entities were involved, I could also receive a notification, because those entities would also be subject to the privacy regime. Therefore, we need to be able to work together. One of the themes I've been focusing on for a long time is that regulators should be able to share information among themselves when it helps them fulfill their respective mandates. The same theme arises when departments are victims of privacy breaches. Often, there is a slowdown because of the time it takes for the various sections to talk to each other, and it's the same thing for private businesses.
This is very important, and I think the bill is going in the right direction in that regard.