There are provisions under clause 7 that provide exceptions, for example, for protecting for fraud, and it was discussed in the previous session. There is no provision to manage a cybersecurity hack, for instance. An example is the Waledac. It was a botnet that attacked large numbers of computers, and it had the ability to send 1.5 billion spam e-mails a day. The only way to counteract that is to collect information from those computers that are hacked and then provide advice to those individuals on how to solve that problem. It has to happen in a fairly short period of time; you wouldn't have time to collect the consent to do that. For businesses to operate and share information and collect information in real time, they do need some kind of exception to operate.
On February 17th, 2015. See this statement in context.