Do you want to understand how your Swedish identity number is created… or maybe not, it is explained here. If you know how it is calculated after the first 6 digits which is your date of birth, then it must be pretty easy for others to work this out?
Although I did get from a source that one can just ring up the Swedish Tax Agency and ask for any Swedish residents personal ID. I haven’t tested this yet.. but I am sorely tempted to try đ
This makes you vulnerable to identity theft. Swedish residents have no legal right to protect their personal identifying information (PII) which includes the first 6 digits of the 10 digits (AAMMDD-xxxx) of Swedish IDs. Except is if you have a protected identity. Following is the response I received from one of the credit reporting agencies that I contacted.
“We are a credit reporting agency with permission from the Data Inspectorate (Datainspektionen). The data in our database are and should be a reflection of public databases retrieved from authorities such as tax authorities (Skattemyndigheten), payment remarks and debt collecting agencies (Kronofogdemyndigheten), and the bureau of statistics (SCB). Public data means that anyone can contact the respective government authority and get the same information there. We are by the Credit Information Act (Kreditupplysningslagen) required to make changes in our database to correct faults, but you have no right to be omitted from the register. All residents in Sweden who are over the age of 16 are included.
Protected Identity is the only way to hide the address and other personal information with the authorities, and thus also with us, and it may be issued through the tax or police authorities. Once an identity has been protected the data is hidden automatically in our system.”
This was in response to the following request I made.
I would like to kindly request that you do NOT share my personal information with third parties that make money from my personal identifying information, an example is âbirthday.seâ. Due to the sharing of my PII the first 6 digits of my Swedish ID is public, consequences are that it makes me vulnerable to identity fraud.
Can you please confirm that this is done. If not would be be kind enough to give me enough information to understand why not?
I need a Swedish lawyer that wants to change the world, to find a way to protect Swedish citizens personal identifying information. Someone who feels passionate for the right to ‘personalintegritet’.
I do not have any money, so you need to be driven by this passion đ
This is the letter from the Swedish Data Inspection Board. They were kind enough to reply in English đ
The Swedish Data Inspection Board has received your complaint.
The Swedish Data Inspection Board is supervisory authority according to the Personal Data Act (1998:204). There is a possibility for websites to apply for impediment to publication (utgivningsbevis). If a website is granted impediment to publication (e.g. ratsit.se) the website will be protected according to constitutional law. That means that the Personal Data Act is not applicable on information that is posted at such websites.
The Swedish Data Inspection Board is therefore unable to help you in this matter. It is legal for ratsit.se to publish your personal information. Ratsit.se is not obliged to remove your information.
For more information about utgivningsbevis, see The Swedish Broadcasting Authorityâs website: http://www.radioochtv.se/en/Licensing/Internet/.
The Swedish Data Inspection Board notes with regularity the problems with utgivningsbevis to the Ministry of Justice. You can read more about it here:
http://www.datainspektionen.se/press/nyheter/2009/yttrandefrihetskommitten-underskattar-problemen-med-utgivningsbevis/
http://www.datainspektionen.se/press/nyheter/2011/utvidgad-yttrandefrihet-kraver-forstarkt-integritetsskydd/
http://www.datainspektionen.se/press/nyheter/2014/datainspektionen-kan-inte-ingripa-mot-sajt-som-hanger-ut-domda/
Are there any Swedish lawyers out there that can help me fix this?
Reblog from post in 2009. Very relevant to the Tracey series.
I am on a crusade.
I am fed-up of finding my personal information being spread all over Sweden by government authorities. There are laws concerning the protection of personal privacy that are not being enforced. I plan to fix this. I have written a letter to the Datainspektion, and started posting on this thread (Tracey). In parallel is a series called “My name is Tracey” on YouTube, Part #1 uploaded today. If you want to help, Like and Share to your hearts content wherever you happen to pick this up. I have a plan on how to succeed, and you are a part of the plan…
Hopping mad you should be if you are a Swedish resident, after taking a visit here http://www.ratsit.se, and search for your name. This is against the Data Protection directive, of which Personuppgiftslagen (PUL) is the legal enactment of. I am so bored of asking to have my name removed, only for it to pop up again later, and now I see that it is impossible to remove your personal identifying information (PII) (http://www.ratsit.se/Content/FaqSearch.aspx)… it is PUBLIC for all to see forever! What a smorgasbord for identity thieves!
I can see how old you are, where you live and the first 6 digits of 10 digits from your Swedish ID!
It seems to be that the Kreditupplysningslagen (KuL) has priority over PuL. In PuL you have a right to personal privacy. You should be informed who has had access, or even viewed your personal information. Now KuL does inform you when a request is made for your creditworthiness, but it doesn’t tell you about who has viewed your Personal Identifying Information (PII) through www.ratsit.se who they share your PII with, for example. Your PII includes your date of birth, where you live, etc…
I am going to make an official compliant to the Datainspektion. If you are interested to add yourself to a petition to support me in this, please Like this Post here on the blog direct, or on LinkedIn or FB status update, wherever you happen to pick this up.
Seems that the Swedish Police are throwing money down the toilet on IT projects, I happen to know that a large proportion are information security related đ
Read about it here⊠sorry it’s in Swedish.
I thought given the wire-tapping excitement going on now, that I’d post some of the practices going on world-wide that maybe you are not aware of, all excepts from Virtual Shadows (2009), so there could be some updates since, I haven’t checked. If there are updates it will surely include social media as per USA with PRISM.
ILETS
Many of the international laws on wiretapping date back to a series of seminars hosted by the FBI in the United States in 1993 at its research facility in Quantico, Virginia, called the International Law Enforcement Telecommunications Seminar (ILETS) together with representatives from Canada, Hong Kong, Australia and the EU. The product of these meetings was the adoption of an international standard called the International Requirements for Interception that possessed similar characteristics to CALEA from the United States. In 1995 the Council of the European Union approved a secret resolution adopting the ILETS. Following its adoption and without revealing the role of the FBI in developing the standard, many countries have adopted laws to this effect. Following adoption of the standard the European Union and the United States offered a Memorandum of Understanding (MoU) for other countries to sign to commit to the standards. All participating countries were encouraged to adopt the standards so it was natural that international standards organisations, such as the International Telecommunications Union (ITU) and the European Telecommunication Standardization Institute (ETSI), would adopt the standards.
Adoption of wire-tapping laws
Australia was one of the first countries to sign the MoU along with Canada. In Australia the Telecommunications Act expects the telecommunications operators to proactively assist law enforcement by providing an interception capability.
In the UK RIPA requires that telecommunications operators maintain a âreasonable interception capabilityâ in their systems and be able to provide on notice certain âtraffic dataâ.
In the Netherlands all ISPs have to have the capability to intercept all traffic with a court order and maintain usersâ logs for three months.
In New Zealand the Telecommunications (Interception Capabilities) Act 2004 obliges telecommunications companies and ISPs to intercept phone calls and emails on the request of the police and security services.
In Switzerland ISPs are required to take all necessary measures to allow for the interception of mail and telecommunications.
In June 2008 Swedenâs parliament approved controversial new laws (FRA-lagen) allowing authorities to spy on cross-border email and telephone traffic. The Swedish press claim that this will make Sweden the most surveyed country in Europe. This wiretapping law enables the intelligence authorities to âlistenâ to all traffic, Hotmail, MSN, SMS etc., across Swedenâs borders. The law becomes effective at the end of 2009. Given Swedenâs stance on human rights the passing of this law is quite remarkable. It was following some pretty heated dis- cussions in parliament that the law was passed on a very fine majority (47 against and 52 for). The argument for tapping of international lines is âterrorismâ. Of course any âterroristsâ will encrypt their communications and there is nothing that the Swedish authorities can do about this. Of course one can always monitor âtraffic patternsâ on identified suspect com- munication which can be as revealing as the communicationsâ contents themselves in certain situations. However the use of the contents of such communications in a court of law will be impossible without the decryption key and they cannot obtain this unless there is a law enacted similar to the RIPA in the UK, which forces the key-holder to give the encryption or decryption key to the authorities on request and if they refuse they can be convicted for concealing evidence.
There was also a telecommunications driven incentive in 2008 called Phorm. I have not checked out the present status in 2013.