Swedish Authority for Privacy Protection

Swedish Authority for Privacy Protection
Integritetsskyddsmyndigheten
Agency overview
Formed	1973
Minister responsible	Gunnar Strömmer, ; Minister for Justice ;
Agency executive	Kristina Svahn Starrsjö, Director General;
Parent department	Ministry of Justice
Website	www.imy.se/other-lang/in-english/

Last updated October 30, 2024

The Swedish Authority for Privacy Protection (Swedish : Integritetsskyddsmyndigheten), formerly the Swedish Data Protection Authority (Swedish : Datainspektionen), is a Swedish government agency, organized under the Ministry of Justice, tasked to protect the individual's privacy in the information society without unnecessarily preventing or complicating the use of new technology.^[1]^[2] The agency ensure legislation within this area is complied with and as such supervise different registers and carry out inspections of companies, organizations and other government agencies; led by the agency's own IT security specialists and legal advisors. The most important legislation is the Personal Data Act of 1998, the Debt Recovery Act of 1974 and the Credit Information Act of 1973. The agency also has an expert advisory role when the Government prepares new statutory provisions.^[3]^[4]

History

The Swedish Data Protection Authority was established in 1973, as a result of public concern about personal data and abuse of government power related to mass surveillance and the enactment of the world's first national data protection law: the Data Act.^[3]^[5]

On 1 January 2021, the agency was renamed to the Swedish Authority for Privacy Protection.^[6]

International co-operation

The board is tasked to supervise the Schengen Information System, and is involved in a number of international groups that work on privacy and personal data issues; for instance EU's data protection group and the supervisory function of Europol's data system.^[3]^[7]

Organization

The agency is based in Stockholm and is led by Director-general Kristina Svahn Starrsjö. It has approximately 40 employees, the majority of whom are lawyers. The agency also has a call center that receive on average 200 calls and 60-70 e-mails per week, mostly relating to topical questions regarding protection of privacy.^[3]^[4]

Related Research Articles

Freedom of information laws allow access by the general public to data held by national governments and, where applicable, by state and local governments. The emergence of freedom of information legislation was a response to increasing dissatisfaction with the secrecy surrounding government policy development and decision making. In recent years Access to Information Act has also been used. They establish a "right-to-know" legal process by which requests may be made for government-held information, to be received freely or at minimal cost, barring standard exceptions. Also variously referred to as open records, or sunshine laws, governments are typically bound by a duty to publish and promote openness. In many countries there are constitutional guarantees for the right of access to information, but these are usually unused if specific support legislation does not exist. Additionally, the United Nations Sustainable Development Goal 16 has a target to ensure public access to information and the protection of fundamental freedoms as a means to ensure accountable, inclusive and just institutions.

<span class="mw-page-title-main">Classified information</span> Material that government claims requires confidentiality

Classified information is material that a government body deems to be sensitive information that must be protected. Access is restricted by law or regulation to particular groups of people with the necessary security clearance with a need to know. Mishandling of the material can incur criminal penalties.

The Data Protection Directive, officially Directive 95/46/EC, enacted in October 1995, was a European Union directive which regulated the processing of personal data within the European Union (EU) and the free movement of such data. The Data Protection Directive was an important component of EU privacy and human rights law.

The Swedish Security Service is a Swedish government agency organized under the Ministry of Justice. It operates as a security agency responsible for counter-espionage, counter-terrorism, as well as the protection of dignitaries and the constitution. The Swedish Security Service is also tasked with investigating crimes against national security and terrorist crimes. Its main mission, however, is to prevent crimes, not to investigate them. Crime prevention is to a large extent based on information acquired via contacts with the regular police force, other authorities and organisations, foreign intelligence and security services, and with the use of various intelligence gathering activities, including interrogations, telephone tapping, covert listening devices, and hidden surveillance cameras.

The Privacy Act of 1974, a United States federal law, establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which information is retrieved by the name of the individual or by some identifier assigned to the individual. The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register. The Privacy Act prohibits the disclosure of information from a system of records absent of the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions. The Act also provides individuals with a means by which to seek access to and amendment of their records and sets forth various agency record-keeping requirements. Additionally, with people granted the right to review what was documented with their name, they are also able to find out if the "records have been disclosed" and are also given the right to make corrections.

The National Defence Radio Establishment is a Swedish government agency organised under the Ministry of Defence. The two main tasks of FRA are signals intelligence (SIGINT), and support to government authorities and state-owned companies regarding computer security.

Information privacy, data privacy or data protection laws provide a legal framework on how to obtain, use and store data of natural persons. The various laws around the world describe the rights of natural persons to control who is using its data. This includes usually the right to get details on which data is stored, for what purpose and to request the deletion in case the purpose is not given anymore.

Data retention defines the policies of persistent data and records management for meeting legal and business data archival requirements. Although sometimes interchangeable, it is not to be confused with the Data Protection Act 1998.

Law enforcement in Sweden is carried out by several government agencies, under the guidance of the Government of Sweden.

Privacy law is a set of regulations that govern the collection, storage, and utilization of personal information from healthcare, governments, companies, public or private entities, or individuals.

The Ministry of Justice is a ministry in the Government of Sweden responsible for policies related to combating terrorism, democracy and human rights, family law, the judicial system, migration and asylum and the Constitution of Sweden.

The European Data Protection Supervisor (EDPS) is an independent supervisory authority whose primary objective is to monitor and ensure that European institutions and bodies respect the right to privacy and data protection when they process personal data and develop new policies.

Privacy law in Denmark is supervised and enforced by the independent agency Datatilsynet based mainly upon the Act on Processing of Personal Data.

The General Data Protection Regulation, abbreviated GDPR, or French RGPD is a European Union regulation on information privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. It also governs the transfer of personal data outside the EU and EEA. The GDPR's goals are to enhance individuals' control and rights over their personal information and to simplify the regulations for international business. It supersedes the Data Protection Directive 95/46/EC and, among other things, simplifies the terminology.

There are several national data protection authorities across the world, tasked with protecting information privacy. In the European Union and the EFTA member countries, their status was formalized by the Data Protection Directive and they were involved in the Madrid Resolution.

The Board of Audit and Inspection is a national organization headquartered in Seoul, South Korea. Its primary function is the audit and inspection of the accounts of state and administrative bodies.

The Data Act is the world's first national data protection law and was enacted in Sweden on 11 May 1973. It went into effect on 1 July 1974 and required licenses by the Swedish Data Protection Authority for information systems handling personal data.

The Personal Data Protection Bill, 2019 was a proposed legislation by the Parliament of India which was withdrawn. The bill covers mechanisms for protection of personal data and proposes the setting up of a Data Protection Authority of India for the same. Some key provisions the 2019 Bill provides for which the 2018 draft Bill did not, such as that the central government can exempt any government agency from the Bill and the Right to Be Forgotten, have been included.

The Personal Information Protection Commission is the national data protection authority of South Korea. It is formed as independent agency in year 2011 by 'Personal Information Protection Act(PIPA, Korean: 개인정보 보호법)', and is now located in Government Complex Seoul. The Commission is constituted with 9 commissioners and one of them is the Chairperson, who is appointed by the President of South Korea.

The Personal Data Protection Authority is a future executive agency formed by the Indonesian government, working directly under the President of Indonesia. The agency will be tasked with information privacy safeguarding, personal data protection, and enforcing laws related/regarding to the personal data protection.

References

↑ "The Swedish Data Protection Authority" . Retrieved 11 July 2016.
↑ "Datainspektionens regleringsbrev 2013" (in Swedish). The Swedish Government. Retrieved 12 June 2014.
1 2 3 4 "What on earth does the Data Inspection Board do?" (PDF). Swedish Data Inspection Board. Retrieved 12 June 2014.
1 2 "About". Swedish Data Inspection Board. Retrieved 12 June 2014.
↑ "Datainspektionen 1973–2011" (in Swedish). Swedish Data Inspection Board. Retrieved 12 June 2014. Datainspektionen inrättas som en central tillstånds- och tillsynsmyndighet med huvuduppgift att övervaka världens första nationella datalag som börjar gälla den 1 juli.
↑ "Datainspektionen heter nu Integritetsskyddsmyndigheten (IMY)". Integritetsskyddsmyndigheten (in Swedish). Retrieved 5 January 2021.
↑ "International co-operation". Swedish Data Inspection Board. Retrieved 12 June 2014.

External links

The Swedish Authority for Privacy Protection official site (English)

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "The Swedish Data Protection Authority" . Retrieved 11 July 2016.

[2] "Datainspektionens regleringsbrev 2013" (in Swedish). The Swedish Government. Retrieved 12 June 2014.

[PDF-3] 1 2 3 4 "What on earth does the Data Inspection Board do?" (PDF). Swedish Data Inspection Board. Retrieved 12 June 2014.

[about-4] 1 2 "About". Swedish Data Inspection Board. Retrieved 12 June 2014.

[5] "Datainspektionen 1973–2011" (in Swedish). Swedish Data Inspection Board. Retrieved 12 June 2014. Datainspektionen inrättas som en central tillstånds- och tillsynsmyndighet med huvuduppgift att övervaka världens första nationella datalag som börjar gälla den 1 juli.

[6] "Datainspektionen heter nu Integritetsskyddsmyndigheten (IMY)". Integritetsskyddsmyndigheten (in Swedish). Retrieved 5 January 2021.

[7] "International co-operation". Swedish Data Inspection Board. Retrieved 12 June 2014.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

v t e Privacy
Principles	Right of access to personal data Expectation of privacy Right to privacy Right to be forgotten Post-mortem privacy
Privacy laws	Australia Brazil Canada China Denmark England European Union Germany Ghana New Zealand Russia Singapore Sri Lanka Switzerland United Kingdom United States California, amended in 2020
Data protection authorities	Australia Denmark European Union France Germany India Indonesia Ireland Isle of Man Netherlands Norway Philippines Poland South Korea Spain Sweden Switzerland Thailand Turkey United Kingdom
Areas	Consumer Digital Education Medical Workplace
Information privacy	Law Financial Internet Facebook Google Twitter Email Personal data Personal identifier Social networking services Privacy-enhancing technologies Privacy engineering Privacy-invasive software Privacy policy Privacy software Secret ballot Virtual assistant privacy
Advocacy organizations	American Civil Liberties Union Center for Democracy and Technology Computer Professionals for Social Responsibility Data Privacy Lab Electronic Frontier Foundation Electronic Privacy Information Center European Digital Rights Future of Privacy Forum Global Network Initiative International Association of Privacy Professionals NOYB Privacy International
See also	Anonymity Cellphone surveillance Data security Eavesdropping Global surveillance Identity theft Mass surveillance Panopticon PRISM Search warrant Wiretapping Human rights Personality rights
Category

Authority control databases
International	ISNI VIAF 2
National	Germany United States