To ask Her Majesty's Government what plans they have to regulate to prevent Twitter applications extracting personal phone directories from private mobile devices without permission.

The processing of personal data must comply with the requirements of the Data Protection Act 1998, including that all processing must be fair and lawful unless a relevant exemption applies. In addition, under the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended), organisations are required to obtain consent to access information on a user's equipment.

On 25 January 2012 the European Commission published a proposal for a new EU data protection regulation that will replace the Data Protection Directive 95/46/EC, which the Data Protection Act 1998 transposes into UK law. The Government are working with stakeholders to establish a UK position on the draft regulation, which will meet data subjects' concerns while at the same time not imposing disproportionately burdensome requirements upon public and private sector organisations.