I would reinforce what Ms. Robertson said.
I think transparency is actually the ally of effective cybersecurity. A lot of mistakes get made when things are stored in the dark. Rather than allowing our security establishments to hoover up the maximum possible amount of information and sit on all of it, I think putting some limits in terms of retaining only information that is strictly necessary and deleting other information at a certain point helps minimize the risk of that information transfer.