Euro bell tolls for UK's data protection regs

Deadline day for European review

The Ministry of Justice has said it has responded on time to the European Commission's request that it beef up British data protection to bring it into line with European law.

In June the Commission gave the UK government two months to strengthen protection for its citizens or go to the European Court.

The Ministry of Justice said today it had responded but it would be inappropriate to discuss it while negotiations were going on.

The UK needs to make its laws comply with the Data Protection Directive of 1995 so that UK citizens get the same protection as people in the rest of the European Community.

Major issues include the Information Commissioner's inability to investigate or randomly check companies or people who process data. Nor can the ICO enforce penalties on companies failing to properly protect data. The ICO also has no powers to investigate other countries' data protection practices.

Justice commissioner Viviane Reding said in June: "Having a watchdog with insufficient powers is like keeping your guard dog tied up in the basement."

The coalition government has already announced a longer-term review of data laws, which runs until October, and the ICO has long campaigned for stronger powers.

This week saw the biggest ever data loss fine - £2.3m, for Zurich Insurance - but that was imposed by the Financial Services Authority, not the ICO. The FSA is soon to be abolished and its powers handed to the Bank of England.

Maybe it is time to follow this example and make data protection a central part of every regulator's duties, leaving the ICO to rule on disputed Freedom of Information requests.

We've asked the European Commission for its response and will update this story should we receive it. ®

Sponsored: Today’s most dangerous security threats