Information & Ethics committee  That's no problem. Thank you for having us.

Information & Ethics committee  They do. Sorry, was that your question?

Information & Ethics committee  What I do is I differentiate between open data strategies and proper open data practices. What we're seeing is that some countries are supporting open data activities, but those open data strategies are not necessarily effective. For example, you might have specific countries that are publishing datasets that they simply have no need for.

Information & Ethics committee  Sure, thank you for the question. What we find is that Europol, for example, is an organization that is obviously a law enforcement body, but it's one that is very, very connected with their equivalent in Asia. They have touch points in Canada as well. One of the things they do differently is they publicize a lot of their successes.

Information & Ethics committee  That's an excellent question. We're finding that the most meaningful research we're doing is at the enterprise level. It accounts for the vast majority of personal information breaches, and for the breaches that are in the tens or even hundreds of millions of victims. So in looking at how large organizations are handling data breaches, we're finding it entirely inadequate because there is a huge machine that kicks in.

Information & Ethics committee  I happen to be in Florida on vacation. I am based in Toronto and live in Toronto; however, I can still answer that question. That's why I didn't interrupt you.

Information & Ethics committee  It is my job to keep an eye on how legislation is effectively assisting with combatting cybercrime around the world. Because we're advising at the board level, we need to have that kind of visibility across not just sectors, but borders. What we're finding is that the rumours are true: Canada's privacy legislation and Australia's for the most part are very innovative and very effective in and of themselves; however, they're not being used effectively.

Information & Ethics committee  Thank you again for the opportunity. I appreciate being invited. My name is Claudiu Popa. I own a risk management consultancy in Toronto. We're focused on security and privacy consulting. We operate nationally across most sectors. We audit globally. We provide risk assessment services of a privacy and security nature, as well as business continuity and disaster recovery.