View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
May 12, 2009

Data protection laws outdated: UK privacy tzar

Current law showing its age, report recommends rethink

By CBR Staff Writer

A report backed by the outgoing UK data privacy watchdog Richard Thomas has called for European legislation to be revised because the 1995 EU Data Protection Directive is flawed and needs to be updated.

Sponsored by The Information Commissioner’s Office, the Review of the European Data Protection Directive has outlined nine recommendations on how the law can remain valid in the face of new challenges.

“Although the flexibility of the Directive helps it to remain current, its effectiveness is undermined by the complexity of the cultural and national differences across which it must operate,” the report states.

The view is that increased globalisation, the ongoing march of technological capability and the changing ways that personal data is used need to be addressed by the legislation.

“The personal data agenda has become more acute. Data sharing and biometrics are increasingly regarded as valid tools for combating serious crime and international terrorism, and the creation of extensive databases of fingerprints is planned for the near future. Identity cards for the general public containing electronic fingerprints are already being rolled out in some countries, with several more planning to deploy such systems.”

Commissioned to examine the strengths and weaknesses of the European Data Protection Directive, the aim behind the study was to propose avenues for improvement. 

Content from our partners
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer
Financial management can be onerous for CFOs, but new tech is helping lighten the load

Among its recommendations, the report proposes that the law should be clear about the outcomes it seeks; there should be stronger focus on the accountability of all organisations for safeguarding the information they handle; a more strategic approach to enforcement is needed; and improved arrangements are needed for the export of personal data outside the European area. 

Richard Thomas said, “The Directive is showing its age. Modern approaches to regulation mean that laws must concentrate on the real risks that people face in the modern world, must avoid unnecessary burdens, and must work well in practice.”

The report also noted that the way individuals are creating, using and storing personal data is contributing directly to how these factors play out. 

Large amounts of personal data are now stored on mobile phones, and social networking sites. Phones are now used as location-aware devices and interfaces to payment systems. Individuals can become publishers permitting audio-visual recording of personal data to be collected and transferred to the internet for limitless onward transfer and persistent storage. Web 2.0 technologies can also enable business activities such as behavioural advertising, which targets customers based on an in-depth understanding of their online browsing habits.

“This study is not meant to be an immediate blueprint for a new Directive. But we are hoping that its recommendations will stimulate debate and to encourage people to think about what 21st century data protection law should look like,” Thomas said.

The House of Commons Justice Committee has endorsed Christopher Graham’s appointment as the next Information Commissioner when Richard Thomas retires in June 2009.

Soon after the ICO requested this review, the European Commission apparently went on to publish its own request for a similar study.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU