Feeds

UK biz baffled by Reding's planned data protection law rewrite: ICO

'I've forgotten. What does right to be forgotten actually mean?'

Secure remote control for conventional and virtual desktops

A large number of British businesses are clueless about many of the main provisions detailed in the European Union's proposed data protection reforms, a new report from the Information Commissioner's Office has claimed.

Consultancy firm London Economics - which was commissioned to carry out the research (PDF) on behalf of the ICO - surveyed 506 companies in the UK and found that 87 per cent of them failed to estimate how much money the planned legislative overhaul might cost their biz.

Justice commissioner Viviane Reding tabled her draft data protection bill in January 2012. It is currently being scrutinised by the European Parliament. The British government has been scathing about many of the proposals laid out in the legislative rewrite, which could lead to a single law on information-handling with which every member state will need to comply.

National governments presently have a patchwork approach to EU data protection legislation based on the 18-year-old Data Protection Directive of 1995 and coordinated by many different watchdogs.

Reding wants to change that, but UK government ministers and Information Commissioner Christopher Graham have long argued that many of the provisions in the draft are overly prescriptive and unworkable on a national level.

Graham has previously described Reding's approach to data protection regulation as "anal".

The report found that 40 per cent of Brit companies are struggling to grapple with the 10 main provisions proposed in the draft bill.

It highlighted that a whopping 82 per cent of businesses surveyed in the report were unable to quantify how much they currently spend on data protection. Small firms were particularly baffled about the plans, while larger organisations with over 250 employees that process more than 100,000 records were better equipped to deal with data protection compliance.

"There has been much talk of ‘what is best for business’, but that must be based on valid evidence. This reform is too important for guesswork," said Graham, who was speaking at a conference in Berlin, Germany on Tuesday.

"[This] report is the latest contribution from the ICO to this debate. We’d urge the European Commission to take on board what it says, and to refocus on the importance of developing legislation that delivers real protections for consumers without damaging business or hobbling regulators."

The data watchdog's chief also urged British companies to continue to lobby the EU.

"Businesses and other stakeholders need to constructively engage with the debate about burdens and the importance of privacy rights, while the process can still be influenced," he said.

Reding's data protection regulation - if successfully passed by parliament - isn't expected to come into force until 2015 at the earliest.

In March, the commissioner's bill was savaged by at least nine member states after countries including Britain successfully argued that the proposed directive was too rigid and cumbersome for businesses operating within the 27 members' state bloc. ®

Intelligent flash storage arrays

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.