The Information Commissioner’s Office (ICO) has called for an international debate on data protection laws in Europe.
The ICO has commissioned independent think tank RAND Europe to carry out a comprehensive assessment of the strengths and weaknesses of European Data Protection law to identify prospects for reform.
The current European Directive is "no longer fit for purpose" and European Data Protection law "needs to be modernised to meet the technological and social challenges of the 21st century," the ICO has said.
“European data protection law is increasingly seen as out of date, bureaucratic and excessively prescriptive, said UK Information Commissioner Richard Thomas at the Privacy Laws and Business conference in Cambridge.
"It is showing its age and is failing to meet new challenges to privacy, such as the transfer of personal details across international borders and the huge growth in personal information online. It is high time the law is reviewed and updated for the modern world."
The research will review how consumers’ rights can be improved in a "rapidly evolving information society". It will provide EU bodies, national governments and the data protection community with proposals for improving regulatory approaches to protecting privacy and personal information. One such amendment to the directive could include the introduction of a law that forces organisations to reveal data breaches.
Thomas said he hoped the UK government would support better regulation and practical approaches to international data protection.
The study, conducted by RAND Europe, will be made publicly available in Spring 2009.