You are here: silicon.com > Management > Law & Policy

UK firms ignoring data protection deadline

EC directive to press ahead though...

By Heather McLean

Published: 5 October 2001 14:15 BST

UK companies will struggle to hit the 24 October deadline enforcing legislation on electronic data transfer and individual privacy, according to a leading UK lawyer.

An EC directive on data protection and privacy is to be enforced despite the fact that most UK and US companies have ignored the two-year compliance period.

Jonathan Armstrong, senior associate at Eversheds law firm, said the UK Data Protection Act 1998 was deferred so companies had time to comply, yet the majority in the US and UK have not done so.

The Act states: "Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data."

Armstrong doesn't believe the UK Information Commissioner (who will be policing the legislation's enforcement) has enough financial or human resources to "knock on every door in Britain".

However, Armstrong said: "I expect high-profile prosecutions. The information commissioner will look at business areas that cause concern and target them."

Andrew Parker, analyst at Forrester, said: "Any problems incurred by this legislation are likely to come via how strenuously the various regulatory bodies are able to enforce it."

"There will be a log jam effect in months as public grievances about misuse of personal data expose the letter of the law," he added.

UK companies are required to comply with the legislation by acquiring a licence for electronic data transfer from the UK information commissioner Elizabeth France.

For electronic data transfer with US organisations, US companies must volunteer to be watched by the strict Federal Trade Commission (FTC) in a 'safe harbour' agreement, although its tough reputation has led to only 75 US companies volunteering, according to Armstrong.

Research from law firm Tarlo Lyons with The Opus Group found although 53 per cent of 137 UK respondents transmitted data abroad electronically, 61 per cent were unaware of the impending deadline.

Add comment

Print story

Email story

RSS

Agilent joins safe harbor crusade

UK consumers left in the dark on data breaches

Passenger data row escalates to Court of Justice

'Big Brother Blair' using terror threat as an 'excuse to snoop'

In silicon.com

Commentary

Simon Perry Green IT - how CIOs can help Quocirca's Straight Talking: Going beyond polar bears

John McKinlay Legal Eye: File-sharers under fire Europe cracking down on pirates

Latest News

Google Street View cleared by UK privacy watchdog

Microsoft slams Google-Yahoo! ad deal

BT plans £1.5bn fat pipe upgrade

Banks unprepared for EU payments directive

UK must overhaul data sharing rules

Gov't data retention - how much is too much?

Jobs

Systems Engineering Manager-Storage,De-duplication,VTL,NFS,CiFS,iSCSI

You will transfer knowledge to inexperienced customers and VAR's i.e.channel resellers and end user clients. Your wide-ranging role will include ...

Information & IT Security Advisor

Candidate continue the developement & management of information secruity strategy and provide technical advice on Information secruity,data ...

C++ Software Engineer Siemens PLM Software / C++ - Cambridge

All data is processed in accordance with the provisions of the Data Protection Act. C++ Software Engineer Siemens PLM Software / C++ - Cambridge ...

Special Report Focus

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.