You're correct. In fact, I would point to page 43 in the bill, where it speaks about the information that can be accessed by the railway company. It's proposed subsection 17.91(2), which is in clause 62. It indicates that the information can only be randomly selected. That precludes the day-to-day watching of an employee for how they're performing, so that they can't do that. Based on that information, which goes to the next subsection, if they were to find through the use of the information a threat to safety of railway operations and if in accessing that randomly selected data they found something that was considered a prescribed safety threat, which is defined in the act, then they could use that for disciplinary purposes, if that were the case. However, that would be, I'll say, a very rare and egregious situation.
There are limits as to how the data can be selected. We will be enforcing that. The regulations will have how the data has to be treated. Somebody mentioned the Privacy Commissioner. As part of the development of the regulations, we have to develop a privacy impact statement that would show how the regulations would impact the privacy of an individual. We are working with that and we are contacting the Privacy Commissioner, as we need to make sure that we're doing it properly.
There are limits as to how the data can be accessed, limits as to how the data can be used, limits as to how the data will be retained. There are a lot of controls for that data.