The European Commission has compromised in its battle with the US over new data protection laws, by delaying their enforcement.
But most UK users are confused about the impact of the EC directive, which was due to come into force at the weekend.
The EC has agreed to postpone enforcing the new directive, which prohibits European companies from exchanging data with firms in countries whose laws do not adequately protect the online privacy of consumers - including the US.
The directive has caused great alarm as it would effectively prevent EU members from swapping information with US companies (see Newswire 9 October). Officials from both sides met to discuss the possible threat to US trade and agreed to postpone the deadline until 15 December to give time to reach a compromise.
Six EU nations have passed laws based on this directive, one of which was the UK?s Data Protection Act of 1998. But a new survey by Security Dynamics reveals that 85 per cent of medium to large companies are not even aware that the 1984 Data Protection Act was due to change.
The 1998 version is far stricter, including harsher penalties for offenders while extending the protection of personal data to companies with business customers as well as consumers. All companies will have a duty to safeguard the personal data they hold and must take adequate security measures to do ensure it.
The report also highlights confusion over who within an organisation was responsible for enforcing the new regulations, with the majority believing it was down to the IT department.
?Companies without adequate protection are exposing themselves to serious breaches of the new Act, which has more powerful and wide ranging penalties than its predecessor,? said Graham Welch, general manager of Security Dynamics. ?IT security must protect data both in and outside the company. The crux of the problem is that certain businesses do not adequately protect the IT systems and networks that hold the vast majority of this data.?
The survey revealed how widely personal data is being used by third parties. Sixty eight per cent of the companies said they used the personal data in direct marketing campaigns, with 32 per cent renting the lists out to other companies. Twenty two per cent said they allowed external suppliers and agents access to their databases.
Microsoft seizes control of phishing sites linked with Russian state hackers
Fitness trackers over-estimate the number of steps their users take, analysis of 67 research reports suggests
Everything we think we know about the imminent Apple iPhone 9, iPhone 11 and iPhone 11 Plus launches
All the latest rumours about Apple iPhone Displays, CPUs, launch dates and even prices
Nvidia brings Turing microarchitecture into the high-end gaming segment