Should we have the right to a reasonable expiration date on individually identifiable data that’s collected? Should we have the right to know what security/encryption standards are used to protect data that is collected?