In April 2010, the European Commission announced plans to prepare a new comprehensive legal framework for data protection by modernising the Directive which currently set out the EU’s data protection regime. This was part of a more general drive to protect citizens' rights in the “information society” in which we live. The objective of the review was to respond to new technological challenges and to put in place a harmonised framework across the EU for the protection of personal data.

On 27th February, the Information Commissioner's Office (ICO) produced an initial analysis of the European Commission's proposals.

The ICO’s view, put very simply, is that the proposals represent a positive contribution towards updating EU data protection law which, in the ICO’s view is definitely necessary.  

However, the ICO also expresses concern at the administrative burden the proposed Regulation will impose on businesses, largely because it believes that compliance will only increase (and therefore lead to enhanced protection for individuals) if “red tape” does not make it too difficult or expensive. With this in mind it suggests a number of amendments which would ease the burden on business and, in some cases offer a “best practice” target rather than a three-line whip, while leaving the increased protection for individuals intact. 

The main points of interest in the ICO's comments are summarised here. 

Caroline Redhead is Burnetts' information law expert. 

Contact Caroline > >

Read earlier InfoLaw articles > >

Find out about Burnetts events > >