Information & Ethics committee  We would agree with that. I think that's a particularly important one from the provincial side. The B.C. model would be very good.

Information & Ethics committee  Absolutely.

Information & Ethics committee  There was actually a common law decision that said you can—

Information & Ethics committee  Yes, the Tournier case, in which it said you had the ability to take those steps. With PIPEDA coming in with the stricter sets of rules, it hemmed that in. So we're suggesting there should be an amendment that goes back to that common law standard.

Information & Ethics committee  In fact what we do now.... Obviously, PIPEDA applies, and we rely upon the implied consent provisions in the legislation. What we're suggesting is it would be more useful for greater clarity and certainty.... Is it Alberta or is it British Columbia that is the suggestion we have?

Information & Ethics committee  Section 22 of the Alberta provision we think is very specific. It happens now. We can work it under PIPEDA, but our sense is that for greater certainty and for clarity, section 22 in Alberta would be a useful one.

Information & Ethics committee  Let's go right back to what I was saying earlier. When there is a breach or an incident--let's call it an incident, you don't know if it's a breach yet--you don't know what the “it” is, and when you notify the police and the Privacy Commissioner, you have to do a fair amount of w

Information & Ethics committee  I take your point. This is very sensitive stuff, and it absolutely is the case that notification has to happen. We firmly believe that. We had two points. First of all, however you set the threshold, you have to set that threshold in a way that you are going to avoid two problem

Information & Ethics committee  I'm sorry, but I must answer in English. I mention credit cards as a particular instance. But no, if there's a problem with debit cards, if somebody has attained access to a card through identity theft or skimming, the customer is taken care of. The customer is made whole. Wh

Information & Ethics committee  Let's put this in context. Warren mentioned in his opening remarks that we have 11 million transactions a day. That's hundreds of millions of transactions a month, billions a year. We're aiming for perfection, but we're all people. Mistakes will occur, but they occur very rarely.

Information & Ethics committee  That's the basic principle; that is exactly the basic principle. Of course, what we try to do is to have systems in place that stop it before a fraud happens. We have systems that can detect unusual patterns, say, on your credit card; if there's a purchase in Toronto in the morni

Information & Ethics committee  Well, it's very difficult to speak for another part of the economy. You make a good point, in the sense that it's important to bear in mind that those breaches took place at retailers, but I think the point is, let's look at what has happened here. Nobody likes to see breaches,

Information & Ethics committee  Mr. Peterson, I'll look to see what my friends in the credit union industry have to say, but I think we're very consistent. As we've gone through the two recommendations, I think the overall view is that the legislation works well. We think it's a good base. We think it's working

Information & Ethics committee  There are a number of provisions. I know my colleague Mr. Law will want to talk about this. You can look through different kinds of products--for instance, on credit cards there's a zero-liability policy out there: if somebody gets your identity and uses your card fraudulently, y