I think if it were possible to achieve that through legislation, then other places would have tried that. But I do think the committee might want to look at the obligations and responsibilities of major companies and major platform providers, which, in the United States, have already started undertaking some responsibility with respect to vulnerabilities in their area. Microsoft, for example, has a threat response centre that looks at and considers threats. Those are activities that I think are appropriate and for which they should take responsibility just because their software is so popular. It's not just Microsoft; you can talk about Facebook and the situations of social media and many other sorts of popular platforms.
On March 24th, 2015. See this statement in context.