The Swedish Personal Information Act


Freedom of Speech, The EU Data Protection Directive and the Swedish Personal Data Act The EU Data Protection Directive is misused by the Swedish Government to suppress unpopular views published on the Internet.
Table of contents		Last revision: 9 June 2000.
History European Data Protection Directive The Swedish Personal Data Act Testing the law Changing the law Implementing the law Conclusion Links to more information
	Here you can ask questions about the law, discuss it and state your own opinions.

History

The first data protection law in the world was enacted by the Swedish parliament in 1973. The intention of the law was to protect personal privacy regulate misuse of personal information data bases. The law, however, defined personal information data bases in a very wide way. Every single occurence of any kind of data, which pertain to a certain individual, was according to this law a personal information data base. Even if the name of the person is not mentioned, the information was still covered by the law. And for every such data base, you had to have permission in advance from the Swedish Data Inspection Board .

It is possible that the original legislators in 1973 already had some inkling of the conflict beween this law and freedom of speech, because they did specify that photo-typesetting systems used by newspapers were exempt from the law. That was probably the only kind of free text processing, that the legislators at that time could envisage.

In 1978, the first Swedish BBS was forbidden, in accordance with this law. Half a year later, the BBS was allowed to open again, provided that they did not allow discussions of certain sensitive issues, such as politics and religion! The reason for this is that the data act specified that storage of personal information about political and religious view should only be allowed under exceptional circumstances!

In 1990, an author was forbidden to use a personal computer to write a book containing personal information about named invididuals. The author appealed, and the Swedish government on appeal set the ruling aside – the author was allowed to publish his book. To understand this, one must note that the Swedish constitution protects freedom of speech in different ways. Freedom of speech in printed matter and in broadcasting is protected by specials part of the Swedish constitution. Freedom of speech otherwise is protected by another part. And this part stipulated, that the government is allowed to infringe on freedom of speech in order to protect personal privacy. No such exclusion clause, however, is included in the parts for printing and newspapers. Thus, the author was allowed to use a PC, because he was writing a book, and because bookwriting is protected by a part of the constitution which does not include this exclusion clause.

Top of page

European Data Protection Directive

Many European countries enacted similar laws to the Swedish Data Act. The European Comission decided to make a Data Protection Directive . The intention was to harmonize Data Protection legislation in the different EU countries, in order to allow free movement of personal information (regulated by the directive) between EU countries.

Top of page

The Swedish Personal Data Act

All EU countries were obliged to change their laws to agree with this new directive. Sweden did this in 1998 with the Personal Data Act . But now, for the first time, there was a general public discussion about the conflict between this law and freedom of speech. The law regulates all storage of personal information in computers (such as on WWW pages). Newspapers are, however, exempt, since they are protected by a special part of the constituon. The law says that the law should not be applied to purely journalistic, publishing or artistic activities.

The law allows personal information in special circumstances, for example if you have permission from the person, to whom the information pertains.

Top of page

Testing the law

In order to test the law, a number of people wrote web pages containing various kinds of illegal texts, or asked the Data Inspectorion Board to consider the legagility of such texts. For example, a salvation army soldier wrote a web page with the title "Pinochet is a murderer" and then asked the public prosecutor to charge him with illegaly publishing information about crimes (criminal personal information is regarded as specifically sensitive). I wrote to the Inspection Board and asked them if the public library, which on their web page has a biography by a plow-bill member, telling how he went to prison because of his illegal acts against weapons manufacturers.

The Data Inspection Board in each case avoided following the law, by saying that they were, as asked by the Swedish government, making a study of how to resolve the conflict between the act and freedom of speech. This study was ready in 1999, and in the study, the Data Inspection Board proposes that "harmless" publishing on the Internet should be exempt from the law. Note that the term "freedom of speech" is never mentioned by the proposal.

Top of page

Changing the law

Based on this study, the Swedish parliament in 1999 changed the law by saying that "minor" violations of the law were not to be prosecuted. Also, export of personal data can be allowed outside EU, if the target country provides adequate privacy protection. Note: Any publicly available web page is always regarded as "exported outside Europe" since anyone on the WWW can access it!

In November 2000, the Commission of the European Communities asked member countries for their experience with the directive.

Top of page

Implementing the law

How the Data Inspection Board has chosen to interpret the law is shown by some test cases.

In the first case, a person who felt that a large Swedish bank had wronged him, published a web page with the title "Swedish Anti-Bank Activity". In this page, he named a number of bank directors, who, in his opinion, had acted in ethically unacceptable ways. He was prosecuted, and sentenced to fines. This decision was upheld, on appeal, by the first appelate instance. The second appelate instance, the Swedish Highest Court, has not yet decided on this case. One issue which the Swedish Highest court will look like is if you can really regard a web page in the Swedish language to be exported outside Europe, just because the page is formally available to any Internet user, also outside Europe. The lower courts, however, said "yes" on this issue.

In the second case, an animal-rights organisation published a list of fur producers in Sweden. This case has not yet been decided on by the Swedish courts.

I a third case, a confirmation teacher wrote a web page, describing the vicar, the chairman of the church board and some other people. She did mention, for one of them, that he had broken a leg and for another person, that she was a member of the socialdemocratic party. Such information is especially sensitive according to the act. She was prosecuted for this, the court decision is not yet ready.

In a fourth case, some dog lovers on a web page criticized the democracy of a certain dog owners society, including mention of certain criticized people, which according to the web page owner should be substituted in the board of the society.

Looking at the way the law is used, one can see that unpopular or controversial opinions are suppressed. In at least the first case, it might be possible that the laws on slander could be used instead, but these laws are more restrictive than the personal data act. It also seems that it is not permitted to criticize a named individual on the Internet in Sweden.

In the case of the animal-rights organisation, one might guess (though this is not written anywhere) that this organisation published names of fur manufacturers in order to give information to people performing illegal acts of sabotage against fur farms. And one might guess, that this is the real reason why the personal data act is used, even if this is not officially said. This case has not yet been decided by the courts, but the Data Inspection Board has asked a prosecutor to prosecute it.

In a fifth case, the Swedish telephone directory is not available on the Internet for anyone. The reason for this is that in that case, people in countries without adequate security protection might access to phone directory. However, people living in Sweden can get a personal account and password, and can then access the telephone directory from the Internet. Also, the yellow pages are available to anyone, it is only the white pages which are unavailable outside Sweden.

One should note, however, that these are exceptional cases. In almost all other cases, the Data Inspection Board has chosen not to act. Note that in all the three cases above, the page did not only contain information about a single individual, it contained lists of names of people. So maybe the act is unofficially not applied to mention of single individuals, although the act itself makes no such distinction. Also, the Data Inspection Board mostly acts when someone complains to them. So a probable reason why we have relatively large freedom of speech on the Internet may simply be that no one bothers to complain to the Inspectorate of web pages they do not like.

Top of page

Conclusion

One can conclude that the EU Personal Data Directive is in Sweden used to control freedom of speech. Certain unpopular opinions are stopped by this law. The final conclusions, however, cannot be made yet, since the highest court has not decided on the issue yet.

Top of page

Links to more information

The full text of the Act in English translation
The full original Swedish-language text of the Act
The full text of the EU Directive in English
Export of personal informaton to U.S.A.
More about law and the Internet
More about the personal data act in English
More about the personal data act in Swedish

Top of page