If I'm clear from what you're saying, at least for CER-regulated industries, many of the practices for cybersecurity that are in this bill are already in practice. Just to summarize what you said, this bill is really just formalizing something that already exists. I think it wouldn't be a stretch to say that across a number of other sectors, including the CRTC, these practices, and in some cases regulations, already exist to ensure cybersecurity.
I'm concerned that the government is looking at formalizing this and also increasing its powers, when Canadians should be somewhat assured that, at least in your industry, there already is significant spending by the private sector on this.
Electricity Canada also said that there was a concern that this new, formalized legislation could create a chilling effect. Rather than having a very good relationship between, for example, yourself and the designated operators underneath you, where you have a very open dialogue about cybersecurity and what needs to be done, there could be a chilling effect where lawyers are advising companies to give the government only the information that's necessary under the act.
Can you comment on that chilling effect? Do you agree with Electricity Canada that there's a bit of a threat that this chilling effect could occur?