Government and law enforcement agencies came out in force in June to warn they intend to crack down on firms that fail to protect personal data or that have indecent images on their systems.

The Information Commissioner's Office (ICO) launched three new divisions to take action against organisations flouting the Data Protection Act. New consumer and policy divisions will work alongside a Regulatory Action Division (RAD).

"The RAD is about coming down hard on the minority of organisations that do not handle personal data correctly," said Simon Entwisle, chief operating officer at the ICO. He added that the unit will not rush to prosecute, but will seek out firms that should have registered with the ICO.

Firms struggling with compliance can request a visit from an ICO audit team. This is a voluntary process at present, but Entwisle said the unit eventually hopes to have the power to initiate such visits.

Mike Pullen of law company DLA commented, "Up to now [the ICO] has not been massively aggressive. This is something of a halfway house [to enforcing compliance]."

The ICO's moves came as the National Consumer Council (NCC) launched a new book - The Glass Consumer - arguing that UK companies hold too much personal information.

The NCC's Susanne Lace welcomed the strong message sent out by the new ICO divisions. "But we are concerned it still does not have enough power to ensure enforcement," she added.

Meanwhile, firms were given a stark warning by the National Crime Squad to report indecent material found on their systems as it would be probing the internet to uncover such images. Speaking at an Internet Watch Foundation (IWF) event, NCS director general Jim Gamble said, "If you [find] child pornography on your systems, you cannot afford not to report it."

Recent IWF research indicated that almost three-quarters of companies would not report illegal material discovered on their systems.