With the rise of the Internet and networked computing the subject of data security and data protection has never been more pertinent. Even as I write this article, American and European advocacy groups are thrashing out ways to prevent American firms having to fall totally into line with strict new European Union privacy regulations.

The clash between Europe and America is a natural one, America is built on go-ahead free enterprise while Europe is more conservative and defensive. Parts of Europe still has recent memories of being part of an easedroping totalitarian state.

The TransAtlantic Consumer Dialogue (TACD) has proposed a compromise that tightens up trade rules and regulations across the board but without implementing the full European Union Directive on Data Protection. The results are awaited with some interest.

Only a fool would suggest that no data about a person should be stored on a computer without prior permission: We all want to get a pension when we reach retirement age and if we were involved in an accident we would want vital medical data to be available to all relevant parties without let or hindrance.

Nevertheless we are entering in to an age where more and more complete strangers know more and more about our lifestyle and habits.

There is also a general privacy question hanging over free ISP services. Taking the view that there is no such thing as a free lunch, what is to prevent these from becoming advertising platforms that could be used to offer unrequested goods and services? While a few requested e-mails (or letters) would not bother many people - how many would be too many?

The first set of data regulations to hit the UK was the unfortunately named "1984 Data Protection Act." This was a statement of commonsense aimed at introducing "best practice" and giving people possible redress against faulty computer data. This gave people - by right - the chance to view files held about them and correct errors.

The holes were, and are, only too obvious. For a start data is held on so many different computers that it is impossible to know which ones to apply to view. And even if when armed with that information, without clear evidence how do we know it to be faulty? A recent case involved a person applying to join the police and being confronted with a phantom "criminal conviction."

When confronted with this data he was able to prove that the case had been wrongly attributed, but what would have happened if the police had chosen - as they might have - to simply dismiss his application without stating a reason?

There are also cases when it might not be in a persons best interest to have access to data about themselves. For example, a doctor who may want to note that the patient appears to be a hypochondriac. The relationship between the doctor and patient could be damaged if this information was to be read by the patient.

Sometimes in the act of applying for goods or services you are giving a company the right to store or check data with another company. This can have serious consequences in credit circles. If you apply for a loan and are turned down - perhaps because you are viewed as not earning enough money - a record of the search will be left on file. This may become relevant in a future credit application - even if your circumstances have improved.

Naturally certain procedures have emerged that are not part of the rules and regulations of Internet/data privacy. Spam (unsolicited e-mails) has come under some control because ISP's have tied up the worst offenders in dozens of court cases and negative publicity. While some of this may look like bullyboy tactics the rise of this form of computer generated junk mail once threaten to bring the system of e-mail to its knees.

One of the real problems of privacy is that it is easy to get around most data privacy laws by simply avoiding data files all together. Files on paper are not subject to any special regulation and therefore controversial data can be computer compiled and left in paper files. This is a solution that many companies employ in regards to internal discipline.

Data comes in two main states: fact and opinion. Fact is easy to define - whether someone has a drivers license, a court conviction, county court judgments, etc. Negative opinion and hear-say are dangerous when stored on a computer - and could, if discovered, leave the compiler open to possible legal action.

Today computers that compile statistics automatically are often employed. For example, software is available that logs the number of calls to a help desk (or other) takes and then records the average call time. League tables can then be drawn up and low performers sanctioned if not dismissed. Perhaps a case of "small brother."

There simply can never be a total answer to the "problem" of data access. We have to balance the good the use of computers make in society against there potential risks.

We also cannot step outside of the very nature of people themselves. Falsely obtaining money, goods or information goes on in all walks and departments of life. Computers can, however, make such actions even easier. Also when people wish to break or ignore data protection regulations, these rules can have no effect. The only the possible way to regulate these people is by putting them at risk of serious legal repercussions.