The other piece I want to ask about is the vulnerabilities equities process that exists within the NSA in the U.S. On the same topic of transparency, I'm wondering about this. More and more, especially with the existence of the centre, I'm assuming that there's going to be more work done to identify these vulnerabilities.
In Bill C-59, a lot of the pieces involve working with the private sector to identify the vulnerabilities and to, in some cases, even study them to a certain extent. I don't want to rehash the debate that we've had quite extensively at this committee, but is there a specific protocol that exists here, in the same way that the NSA has developed one, in order to disclose to the public and parliamentarians, etc., the existence of vulnerabilities in software and such?