But only three member states -- Greece, Sweden and Italy -- were expected to meet the implementation deadline of October 24.
For various reasons, the other member states are having difficulties incorporating the legislation into local law.
The draft version of the Data Protection Directive originally was introduced in July 1990. But following vociferous protests from the EU's direct marketing industry, the proposed law was amended and adopted in October 1995. Each state was given three years to incorporate the law locally. Trade bodies, led by the Federation of European Direct Marketing and the U.K.'s Direct Marketing Association, had argued the directive imposed too many restrictions in its bid to protect the targeted consumer.
Since then, FEDMA members, including the U.K. DMA, have worked with officials at the European Commission to make the legislation more relevant to European direct marketers. But the industry is still concerned about how to apply the law on the Internet's global infrastructure and whether this might clash with what is happening in the US.
"The directive, which doesn't distinguish between any medium, is much more acceptable now," said Colin Fricker, the U.K. DMA's director of government and legal affairs and FEDMA's vice chairman. "But the only aspect of electronic commerce or mail which would be difficult to apply is the transfer of data to countries outside the EU. The electronic medium is the most difficult. How do you control data going out of the EU to countries where there isn't adequate protection."
In the U.K., the DMA and the Confederation of British Industry (the trade body for employers) are part of a group that is working on a model contract that can be used by companies during the transfer of mailing data from the EU to non-EU countries.