The Information Commissioner’s Office (ICO) has begun a new analysis of the way it implements the Data Protection Act. It has decided to make it simpler for firms to comply with its rules, and, er, make its rules easier to comply with. To further clarify the matter it has also announced its intention to deepen its involvement in the legislative process, making sure its concerns about privacy are tackled before an idea becomes law.

I feel I could have written those sentences at any time during my six years at IT Week. The whole “how best can the ICO handle the implementation of the Data Protection Act?” question is older than most of my chat-up lines. But it is a serious issue and deserves a lot of consideration. So it is no wonder that it is taking a while.

Just last week, Information Commissioner Richard Thomas called on UK chief executives to take the security of data much more seriously. In a statement announcing his annual report, Thomas said, “We have seen far too many careless and inexcusable breaches of people’s personal information. The roll call of banks, retailers, government departments, public bodies and other organisations that have admitted serious security lapses is frankly horrifying.”

Clearly, many firms have a rather lackadaisical attitude to the way they handle their clients’ personal data. Unfortunately, this problem is being compounded by ignorance on the part of customers. Many internet users and clients of firms that employ IT systems do not even consider what is involved in the protection of their personal data. They simply surrender it and hope for the best.

But there are instances when the protection of personal information is the responsibility of the individual involved. Where once I might have worried about my nan getting night buses through London, now I fear the day she gets an email account. Fortunately, she appears to have no interest in doing so, but for others, the threat of being conned online, having your ID stolen, ordering items that never turn up, or having your bank account wiped must be terrifying.

With spam, online fraud and phishing on the rise, and new kinds of malware tools appearing on the horizon, will we get to a stage where people will choose not to have the internet in the home and warn others against it?

The more these problems persist, the more they make headlines, the more likely that scenario becomes.

It could happen. And something needs to be done to prevent it. For the sake of businesses everywhere, let us start by shoring up these privacy rules.