One way that the act can address the proper balance is by ensuring that you're capturing the right transactions in the mandatory pre-notification procedure. That requires that when you define “prescribed business activity”, you're focusing in on those areas and those transactions, so it's the acquisitions of businesses in sectors that are involved in certain activities that raise the most national security concerns.
Currently, we have national security guidelines. They have an annex that includes a list of factors. It's about 10 items long. They're very broad. They don't give a lot of guidance. They might just say “biotechnology” or “quantum computing”. I don't have the list in front of me, but it is extremely broad and gives very little guidance.
Another source of guidance might be looking at what other jurisdictions have done. The NSIA in the U.K. has quite a long description of the types of transactions that raise national security risks. CFIUS has a lot of information describing the types of sectors and activities that create national security risks. That's one angle.