The British Information Commissioner has demanded that Europe take a "practical" approach to protecting the data rights of its citizens.
Christopher Graham warned the European Conference of Data Protection Authorities that the digital revolution was not waiting for the authorities to catch up.
Referring to research collated ahead of the conference, he noted that citizens were demanding control over their personal data, transparency at organisations that handle it, and security to protect it.
From regulators, citizens also want transparency, independence and consistency in how rules are enforced, as well as access to remedies in the event that data is mishandled.
"The point is that citizens and consumers attitudes to privacy are changing as they become accustomed to the digital deal," Graham said.
"Public attitudes and awareness may not be uniform. Tech savvy youngsters may not have thought through the implications of being quite so free with their data. Older people may not always understand quite what’s going on.
"But we have to understand what today’s data subjects understand about data – and what they expect of us as the guardians of their fundamental rights."
During the speech Graham discussed the impending update to EU data regulations, the most controversial provision of which is a mechanism that could allow regulators to fine companies up to 5% of global turnover.
Whilst he welcomed the measure, saying "it makes the punishment fit the crime – and fit the perpetrator", he also also said the top fine had to be used selectively to be effective.
At present the ICO is allowed to fine data controllers who flout their obligations up to £500,000, and the information commissioner argued that the simple fact it could do so had had a "big impact" even on businesses it had not fined.
Finishing his speech, Graham also said that data regulators must be appropriately funded in order to do their jobs. "Here it is worth challenging the politicians," he said. "Don’t legislate for what you are not prepared to fund."