European lawmakers have once again been urged to force businesses to make public any data security breaches.

Presently, the European Union is debating proposals aimed at updating the existing ePrivacy Directive, which cover the disclosure of breaches by internet service providers.

However, the National Consumer Council (NCC) has argued for the new legal powers to be extended to cover all businesses and banks, with those that lose sensitive data required by law to inform their customers straight away.

According to NCC senior policy adviser Anna Fielder, the current rules mean that businesses are getting away with neglecting data security measures too easily.

Thousands of businesses are handling bank-account details, dates of birth and other personal details daily, and a lot of incidents could go unreported because they are not considered high-profile enough," she said.

"All banks and businesses should be obliged to report losses to enable customers to take action and protect themselves."

"It would also provide the incentive needed for businesses to improve their data security and be less cavalier with customers' data."

In comparison, 40 of the 50 US states currently have data breach notification laws in place, with some industry observers arguing that the UK is falling behind.