The ICO said that Commissioner Richard Thomas would lead an
international debate on how the law could and should change. Data
protection laws across the EU are derived from the European
Directive on Data Protection.
"European data protection law is increasingly seen as out of
date, bureaucratic and excessively prescriptive," Thomas told a
Cambridge privacy law conference. "It is showing its age and is
failing to meet new challenges to privacy, such as the transfer of
personal details across international borders and the huge growth
in personal information online."
"It is high time the law is reviewed and updated for the modern
world," he said.
Research firm RAND Europe has been commissioned to carry out the
research which, Thomas hopes, will identify ways in which
compliance with data protection law can become less of an
administrative problem for business.
"This research will help identify ways we can make the law more
straightforward and more effective in practice, but less burdensome
for organisations," he said. "We are pleased that the European
Commission has recently announced a study of its own and we expect
our research to complement and strengthen the overall impetus for
reform."
The ICO said that once the research was conducted it hoped to
identify ways in which laws could be changed to help further
protect individuals' privacy at a time when changes to the way that
people and organisations work pose a threat to the protection of
their data.
