I'm not sure I'm the best one to answer all parts of that question, but let me take a first cut and then somebody can come in with a bit of fire support.
I think taking a half-step back might be helpful to talk about the data storage. There have been a significant number of questions from MP Kirkland and some others—really necessary questions—asking whether that increases the risk of the government mandating specific companies to retain extra data than they would have from a proprietary perspective for a set of reasons.
The first thing I would say is that many of these companies, but not all, retain a huge amount of data for all kinds of different reasons, data that goes far beyond what we're asking for in this bill. In many cases, that's for billing reasons. In other cases, it's for marketing reasons. It's for a whole range of different motivations, let's say. On this idea of the fundamental culture of how data is retained in this country, I think we're already there. The number of times we or folks we know hit “accept all” in any given day is really high and should be scary. This isn't the Rubicon that we're crossing with this bill. This is the data-driven world we have been living in for a while already.
In terms of the vulnerabilities around requiring additional retention of data, the half-step back I'd like to take might be to look at the financial sector as a parallel. It's not a perfect comparator, but it's one that's, let's say, a little less charged than what we're talking about here.
In the financial services world, more records and better records are seen as an inherently positive addition of robustness. Again, it is incredibly important—and we have been discussing that today, and it is at the heart of what we are trying to do—to ensure that we are not introducing unnecessary vulnerabilities. I have said a number of times that no technological system is 100% foolproof and unable to potentially be leveraged in certain circumstances.
I think what we're talking about here, though, is proportional. It's reasonable. It's limited, and it's for very clear applications, which are, again, in our case, highest-harm national security investigations. In the case of law enforcement, they are highest-harm criminal and transnational organized crime applications.
The parallel of the financial sector, where the same thing for different reasons is seen as a net positive—whereas in this case, it is seen or at least has been bandied about a little, as an unnecessary vulnerability—gives us a bit of perspective that could be helpful here.