The Information Commissioner may soon have the power to make spot checks of company databases, he told parliament yesterday.
The new capability would be used to ensure companies and other organisations are complying with responsibilities under the Data Protection Act.
"The Home Office have accepted in principle that we should have the power to go in and inspect," The Register quoted Richard Thomas as saying at yesterday's Home Affairs Select Committee meeting on surveillance society.
"We have got the government to agree we should have that power - if not in the statute, in the code of practice."
Thomas claimed European Commission backing for the notion of inspectors turning up on company premises to interrogate databases holding information about customers, for example.
Previously, the commissioner required consent from organisations before inspecting data in such a way.