The Home Office has promised to give the Information Commissioner powers to make spot inspections on people's databases to determine if they have complied with the Data Protection Act.
Reporting to the first hearing of the Home Office Select Committee into the surveillance society today, Information Commissioner Richard Thomas said: "The Home Office have accepted in principle that we should have the power to go in and inspect.
"We have got the government to agree we should have that power - if not in the statute, in the code of practice," he said.
However, he later told the hearing that though his office had been lobbying the Home Office, the Lord Chancellor, and the Department of Constitutional Affairs, he still couldn't be sure he would actually get inspection powers.
"They smile and say they will do it when they can, but we haven't yet had a firm commitment that they will change the law," he said, adding that the European Commission had also waded in to support the idea.
Thomas said his office's brief presently required it to get the consent of the data controller before inspecting someone's data to assess whether it was fairly managed - unless it had enough evidence of criminal behaviour to get a judge to sign a warrant.
He was unhappy that while other regulators were allowed to make spot inspections, he wasn't: "To know that the regulator can step in has a very sharp deterrent effect on organisations."
Thomas said it had also "been broadly accepted" that he would regulate public sector access to private sector databases.
"We need a framework to make sure the legitimate purposes of the police and law enforcement bodies are served by accessing this data, that it's not a free for all - they can go and and look at everyone's data and just make merry with it - it's got to be proportionate, for a defined purpose," he said. ®