The Canadian Internet Policy and Public Interest Clinic (CIPPIC) recommended that the
Privacy Commissioner
of Canada should set up such a data base, and that all
breaches, however
slight, should appear in it.26 This would serve as an additional incentive for data holders to be prudent, to stay out
of the data base, and also provide a useful overview
of the state
of data security in the relevant jurisdiction.