Half of UK firms feel that current data protection legislation is not suited to protecting the increasing amount of personal information being transferred over the internet, a new study from the European Commission (EC) has revealed.

The EC questioned 300 UK data controllers – those responsible for processing data within companies – and found that 36 percent felt the Data Protection Act (DPA) was not very well suited to the current amount of information being exchanged. A further 14 percent said the DPA was not at all suited for this purpose.

Respondents also called for a more targeted approach to applying data protection rules. Almost a third felt that the requirements were only relevant for certain industry sectors, while two-thirds favoured the introduction of data protection legislation specific to each sector.

The study highlighted a lack of awareness among data controllers about current rules, however – something that would no doubt be compounded by any attempt to introduce different rules for different sectors. Eighty-three percent of UK respondents said they would like further clarification about the practical application of data protection law, while almost a quarter revealed that they were not familiar with their requirements under the DPA.