I'll add to that.
Having had the opportunity to speak to some of the experts in the open banking or consumer-driven banking space in recent days, I'm comfortable sharing that when considering specific issues related to consent, authorization and authentication—which are each different steps in the value chain that all need to be appropriately managed for different purposes within the consumer-driven banking system—insisting that all financial data become sensitive information changes the calibration of the work that's under way there. I think it would be entirely reasonable to say that it's likely to slow down the advancement of the work that's currently being contemplated. There's an important distinction to be made between express consent when sensitive or personal information is being managed and elements that, while still being designated as personal information, may not attract a level of sensitivity given the context of the use or disclosure that's being made to enable open banking, which in some cases is about transferring information to enable services to be provided.
The point here is that's it's a bit like an iceberg. We need to understand that express consent is visible and available to all of us as consumers in the system, but there's a lot of work that needs to go on in the plumbing, if you will, to share data that wouldn't be sensitive given the context, in order to enable the provision of services that we see at the consumer level.