ICO blasts sluggish speed of EU data law reforms

Information Commissioner calls for sensible laws when it comes to personal data

Europe

Progress towards updating European data protection laws is moving at a "snail's pace", according to the Information Commissioner's Office (ICO).

The EU's current data protection measures are decades out-of-date, while lawmakers risk falling further behind with each new technological innovation around data, the watchdog warned yesterday.

In a speech at Liverpool John Moores University, Information Commissioner Christopher Graham pointed out that bodies like the ICO are forced to protect people's data armed with ancient legislation like the 1995 Data Protection Directive.

"Today that 20-year-old Directive is scarcely fit for purpose as the technology and the uses of data have raced further ahead of anything the law makers envisaged," he said.

"The institutions of the European Union are moving, but at a snail's pace, to reform the data protection regime with a new regulation which would apply uniformly across the single market."

That EU Data Regulation will replace the 1995 directive, aiming to give citizens more control over who uses their personal data, a right to be forgotten, and will also require companies to get people's explicit consent to use their data.

The regulation was due to be adopted into law this year, but EU countries keep hitting sticking points.

One objection raised was by the British Government last month, which called the explicit consent requirement "unjustified".

Graham said that while the regulation is debated, citizens' data is becoming increasingly at risk the more people use the internet.

"Whatever we do online, we are leaving a trail of personal data which can be analysed, linked, mashed, and crunched. And our privacy is more and more compromised," he said.

The commissioner said it was vital that citizens can trust those who wish to use their information.

He pointed to the example of the NHS's controversial care.data scheme, under which patient data will be shared between GP surgeries and hospitals, as a beneficial move undermined by a lack of trust.

The project was postponed after the public was inadequately consulted, and the director of patient information at the NHS, Tim Kelsey, said yesterday that the initiative was starting anew this year.

Graham said the project "depends crucially on citizen confidence which, following last year's botched communications exercise, is in short supply."

However, he said a balance could be achieved with "proportionate, risk-based enforcement".

"The laws have to be practical and realistic and not tie data protection authorities like mine up in knots attempting to enforce over-spec'd procedural obligations when the emphasis should be on promotion of good practice for data controllers and consumers," he added.

"Sensible laws and sensible citizens can protect privacy and still enable good things to happen online."

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

MPs turn on the ICO over contact-tracing fiasco
Information Commissioner

MPs turn on the ICO over contact-tracing fiasco

21 Aug 2020
ICO to relax GDPR enforcement during coronavirus economic downturn
General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020
What is the Information Commissioner’s Office (ICO)?
Information Commissioner

What is the Information Commissioner’s Office (ICO)?

15 Apr 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021