I don't have much to add to what the other panellists shared.
I would say that, for example, when CFIUS conducts its review, although it would look to see if companies follow prescribed standards, in part to determine if they're trustworthy, it can look at issues beyond standards that may be set for different reasons. For example, privacy standards may be to protect individuals as opposed to protecting national security. It may be one thing that CFIUS considers, but certainly, CFIUS looks beyond that.