Data protection rules need updating

EC study reveals current law not suited to protecting online transfer of personal data

Half of UK firms feel that current data protection legislation is not suited to protecting the increasing amount of personal information being transferred over the internet, a new study from the European Commission (EC) has revealed.

The EC questioned 300 UK data controllers – those responsible for processing data within companies – and found that 36 percent felt the Data Protection Act (DPA) was not very well suited to the current amount of information being exchanged. A further 14 percent said the DPA was not at all suited for this purpose.

Respondents also called for a more targeted approach to applying data protection rules. Almost a third felt that the requirements were only relevant for certain industry sectors, while two-thirds favoured the introduction of data protection legislation specific to each sector.

The study highlighted a lack of awareness among data controllers about current rules, however – something that would no doubt be compounded by any attempt to introduce different rules for different sectors. Eighty-three percent of UK respondents said they would like further clarification about the practical application of data protection law, while almost a quarter revealed that they were not familiar with their requirements under the DPA.