The current European Directive on data privacy is no longer fit for purpose, the UK Information Commissioner Richard Thomas has said.
His criticisms, made today at the Privacy Laws and Business annual conference in Cambridge, were meant to spark debate in the wake of the launch of new research into European privacy law sponsored by the Information Commissioner's Office (ICO).
"European data protection law is increasingly seen as out of date, bureaucratic and excessively prescriptive," said Thomas. "It is showing its age and is failing to meet new challenges to privacy, such as the transfer of personal details across international borders and the huge growth in personal information online. It is high time the law is reviewed and updated for the modern world."
The European Commission (EC) implemented the current European Union (EU) Directive on the protection of personal data in 1995. But ICO is responsible for the UK legal equivalent Data Protection Act that was introduced three years later in 1998, as well as the Freedom of Information Act 2000, Privacy and Electronic Communications Regulations 2003 and Environmental Information Regulations 2004.
From this position, the ICO said it was taking the lead in an international debate about the future direction of EU data protection law. It announced that independent not-for-profit research organisation, RAND Europe had won a competitive tender to carry out a comprehensive assessment of the strengths and weaknesses of EU law and to identify recommendations for reform.
Thomas said: "This research will help identify ways we can make the law more straightforward and more effective in practice, but less burdensome for organisations."
The ICO research is also intended to complement a similar study recently launched by the EC into data protection directive reform to meet new technological and social challenges. The ICO study will be published in spring 2009.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
ICO admits it's too slow dealing with complaints – so it's eying up automation to cut staff workloadsNews The UK's data protection authority has apologized for being slow to respond to data protection complaints, saying it's been overwhelmed by increased workloads.
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
