Industry committee  We've issued a number of documents that seek to inform both organizations. We have given guidelines to organizations on this matter and also to individuals, so that exists. We're currently having discussions with stakeholders at the OPC in trying to establish new priorities for

Industry committee  I reiterate what I answered to Madam Nash, namely, yes, C-13 and S-4 on the issue of warrantless access to information create challenges and issues. The decision of the Supreme Court in Regina v. Spencer is extremely useful and sets good parameters. I think it would be useful t

Industry committee  One of the virtues of PIPEDA in my view is it is written in general terms, so it's conceivable that certain concepts like personal information, consent, or other concepts that are fundamental to PIPEDA might be further clarified. But on the whole I think it's better to have legis

Industry committee  I think you're referring to data brokers.

Industry committee  That is clearly an area of concern. When individuals, consumers by and large, provide information to companies, they do so on the basis that they will receive a direct service from the company, and the agreement between the individual and the organization is information provided

Industry committee  I think the requirement for that breach notification is a big part of it. The importance of this should not be underestimated. As I have said, and as we all know, breaches are a growing concern. With this requirement for organizations to advise both my office and individuals, we

Industry committee  We have approximately 180 employees.

Industry committee  Certainly, consent forms a significant part of the complaints we receive. Yes.

Industry committee  Yes. The number fluctuates, but it's roughly 60.

Industry committee  Yes.

Industry committee  The requirement in question would require organizations to keep records of data breaches of any kind. We will be able to review their records to determine whether or not appropriate breach notification has occurred, and it will allow us to determine trends generally on the issues

Industry committee  The corporations would have the obligation, and we would have the ability to review these records.

Industry committee  I believe you are probably referring to compliance agreements—

Industry committee  —so I'll ask my colleague Madam Kosseim to answer your question.

Industry committee  It's for two reasons, essentially. Point one, I totally agree that there needs to be provision in PIPEDA allowing organizations to address the issue of fraud or breaches of agreements that they may face. The question is how to do it. The current regime, I think, is preferable t