Thank you for that question.
I was trying to draw, in that statement, a distinction between harmonizational convergence, which is a harmonization of text ensuring that the statutes essentially say the same thing, and interoperability, which I think means something subtlely different. It means that if businesses have a requirement to do something in one province or one jurisdiction, such as a privacy impact assessment under Quebec's law 25, it will in fact be accepted by a regulator elsewhere. You can see that distinction in Canada among different provincial laws that have been worked out over time pragmatically, but it's also important to see it internationally through the GDPR.
That was the point I was trying to make. I'm not an expert on Quebec law, but I was trying to point out certain areas in Quebec's law where I think businesses would be required to do more under that law than they would under the current text of Bill C-27. Then you have to ask this question: What might be the economic impact of that across Canada if the CPPA is perceived to be lowering the standard within the Quebec legislation? That's the point I was making.
I think the particular provision on international data flows is an interesting example, because in the CPPA at the moment there's really nothing explicit for businesses on what to do when they are processing data offshore, and the vast majority of data protection laws that I know of.... This is also something that's of critical importance to the European Union when it comes to making a judgment about the adequacy, and the continued adequacy, of our laws in Canada. What happens when data on Europeans comes to Canada and then it is processed offshore elsewhere? Those are critical questions. I think there would be some concerns about that by our European friends when they come to make those judgments.
I hope that answers your question.