Thank you, Mr. Chair.
Mr. Boucher, I didn't get a chance to ask you questions earlier.
My first question is about something your colleague Scott Jones said when he appeared before the committee as part of the other study we've been referring to a lot today. He said it was important that institutions and businesses report data breaches and thefts that affect them.
In its recommendation, the committee remained rather vague. Should it be mandatory to report such breaches to police in order to minimize the impact on the public and catch those responsible?
That brings me to two other questions. They're for you, Mr. Flynn.
Since the information remains online forever, should police treat these threats in the same way they do physical ones? If a murderer or someone else poses a physical threat, I imagine police investigations are conducted with a certain level of urgency. Should the same apply to cyberthreats? Desjardins contacted Quebec provincial police in December, if I'm not mistaken.
My last question is about background checks and ongoing security checks. Given how savvy individuals are these days, should these checks become the norm?
You can have the rest of my time to answer.