I think the requirement for that breach notification is a big part of it. The importance of this should not be underestimated. As I have said, and as we all know, breaches are a growing concern. With this requirement for organizations to advise both my office and individuals, we ensure, of course, that individuals are more regularly advised, and it will allow the office to analyze trends and to provide useful, practical, grounded advice to both organizations and individuals on how to reduce the risk of these data breaches. That's a big part.
Other than that, the compliance agreements will further enhance our ability to ensure compliance by organizations in a model without order-making power, but still it's a useful development to enhance these compliance mechanisms.
Consent is a big part of PIPEDA, and I think it's useful to have this clarification of what actually is consent. We obviously know that it is a huge challenge for organizations to properly advise individuals of the reasons they collect information and they use it, so any tool that enhances, that provides an incentive for organizations to be clearer, and to take into account the context of the individual or consumer I think helps Canadians.