The European Union is expected to unveil new rules on the handling of customers' data this week, as they move to bring outdated laws from 1995 up-to-date.

Facebook and Google may find that they have to change their practices as a result of the proposals, but other companies may be forced to sit up and take note too.

Industry experts have warned that cyber security is likely to be a big issue this year and the rules should only underpin companies' stringent policies, but they are often deficient.

Under the rules, any breach of security must be reported to the authorities within 24 hours and regulators would have more power over companies whose policies fall short.

As part of Europe, the UK would come under these rules and mandatory notification has not been brought in here, but these regulations will bring it in line with the rest of the continent.

Viviane Reding, EU commissioner, said: "Personal data is the currency of today’s digital market. And like any currency, it needs stability and trust. Only if consumers can ‘trust’ that their data is well protected, will they continue to entrust businesses and authorities with it, buy online, and accept new services."

The implications for businesses mean that security breaches could not just cost them in terms of trust by the customers, but also financially as well.

A fine of up to one per cent of global revenues will be enforceable on companies who violate the data protection rules and consumers will have more control with the option of requesting their information to be deleted.

It is thought that the new rules will not come into play until 2014 as they will have to get the approval of national governments, but companies should be aware there may be changes afoot.

Firms should be taking cyber security seriously as a matter of course and any whose policies are not up to scratch should make changes before these rules come into force.