ICO claims EU data law is ‘showing its age’
By Nicole Kobie,
The European Data Directive is “showing its age” and needs an overhaul to meet modern data protection requirements, according to a report commissioned by the Information Commissioner's Office (ICO).
The 13-year-old directive sets out how private data must be handled in the European Union (EU) and therefore its member states. The report by RAND said the directive has had a largely positive effect on privacy across the EU, but needs to react to changes in how data is used – be it by individuals on social networking sites or companies for e-commerce.
“The directive is showing its age,” Information Commissioner Richard Thomas said in a statement, explaining that regulation must refocus on the real risks faced by people. “Massive technological advances, global trade and the need for personal information to cross international borders all signal the need for the law to evolve.”
The report claimed the directive was outmoded, costly to comply with and inconsistent, but praised the regulation for its neutral approach to technology.
While some interviewed for the report suggested scrapping the directive, the overall conclusion was that it needs to be tweaked. Shifting the “emphasis” of some concepts while better enforcing current rules would bring more value to the existing system.
Thomas warned that any new legislation must consider privacy. “Data protection law also needs to recognise that society as a whole suffers where the improper use of personal information results in unwarranted intrusion into private lives or excessive governmental or organisational power,” Thomas said.
Thomas added that data protection is an issue for everyone to consider, especially governments and businesses.
“Data protection is too important to be left to data protection specialists talking to each other,” he said, adding: “Safeguarding personal information has become a major reputational issue for businesses and governments. They must be held accountable if things go wrong.”
“Organisations must embed privacy by design and data protection must become a top level corporate governance issue,” he added.
The Data Protection Act in the UK, which is more than a decade old, has also faced calls for modernisation. Click here to read our top five data protection tips.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
Do British police get cyber security?
Davey Winder listens to telephone conversations between the FBI and the Metropolitan Police, courtesy of Anonymous, and isn't impressed.
- Who to trust after the VeriSign hack?
- Striving to solve the security skills crisis
- Would you employ a hacker or malware writer?
- Q&A: Raj Samani, CTO McAfee
- Erase and rewind: the EU and privacy
- My email address is [CENSORED]
- Is there such a thing as a secure tablet?
- 2011: The year in news
- BYOD: Old or new, good or bad?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Ubuntu vs. Windows 7 on the business desktop
- York researchers heat storage to speed up data
- BlackBerry Bold 9790 review
- OneNote hits Google?s Android
- O2 trials Olympic-scale remote working
- Will someone rid me of these troublesome Macs?
- Lenovo beats expectations again
- Who to trust after the VeriSign hack?
- Google to promise fairness after Motorola buy
- Report: Google cloud storage coming soon
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
