I would say that we are proactive and reactive, depending on what it is we need to do. As far as audits are concerned, we are proactive. We decide to conduct an audit based on any risk we have identified. We decided to conduct an audit of the passenger protect program because we felt it posed certain risks to people's privacy.
On May 11th, 2010. See this statement in context.