The ICO said that Commissioner Richard Thomas would lead an international debate on how the law could and should change. Data protection laws across the EU are derived from the European Directive on Data Protection.
"European data protection law is increasingly seen as out of date, bureaucratic and excessively prescriptive," Thomas told a Cambridge privacy law conference. "It is showing its age and is failing to meet new challenges to privacy, such as the transfer of personal details across international borders and the huge growth in personal information online."
"It is high time the law is reviewed and updated for the modern world," he said.
Research firm RAND Europe has been commissioned to carry out the research which, Thomas hopes, will identify ways in which compliance with data protection law can become less of an administrative problem for business.
"This research will help identify ways we can make the law more straightforward and more effective in practice, but less burdensome for organisations," he said. "We are pleased that the European Commission has recently announced a study of its own and we expect our research to complement and strengthen the overall impetus for reform."
The ICO said that once the research was conducted it hoped to identify ways in which laws could be changed to help further protect individuals' privacy at a time when changes to the way that people and organisations work pose a threat to the protection of their data.