I'll just give you some thoughts. These are things that colleagues or other businesses have raised as well.
There are different ways to ensure that you have the sufficient AMPs; there is no doubt that the fines must be high. They must be significant or else they will just be viewed as a cost of doing business. There is no doubt that the $10 million is great to see, but who is going to apply to? There are different ways to ensure that the exposure to those kinds of penalties isn't faced by legitimate businesses. One of them is a narrower bill.
Another one is linking up, for example, unsolicited commercial e-mail with some of these other bad activities, so it's only if you send unsolicited commercial e-mail along with falsifying headers, or use inaccurate URLs where people go to visit, or accompany that with false information in the contents. You link it back to what is really the fraudulent behaviour, which is not just the sending of the e-mail; it's that business is trying to happen and I'm trying to obtain your personal banking information. If you link them to that and the AMPs are maybe attached more to those types of communications, that in and of itself already takes a lot off the table and definitely allows you to go after those 17 or 20 spammers here.
There are many different ways to do it, but the concept is to try to differentiate the exposure of the bad actors from legitimate Canadian business.