How much do you value your digital privacy? What about the privacy of your children?
One of the reasons I am supportive of Internal Audit reporting to the city manager is that administrative details, like the one I brought to Council's attention last year and like the recommendations for risk management expected of Internal Audit, should not be handled by City Council or through governance decisions. Council's role in dealing with this type issue should be managed through broad policy statements directing administration to take all reasonable steps to safeguard the information of residents and users of city-operated facilities.
(I sound like this because I had a wicked cold! My favourite part is when Councillor Russell laughs!)