Letter from Datainspektionen (The Swedish Data Inspection Board)

This is the letter from the Swedish Data Inspection Board. They were kind enough to reply in English 🙂

The Swedish Data Inspection Board has received your complaint.

The Swedish Data Inspection Board is the supervisory authority according to the Personal Data Act (1998:204). There is a possibility for websites to apply for impediment to publication (utgivningsbevis). If a website is granted impediment to publication (e.g. ratsit.se) the website will be protected according to constitutional law. That means that the Personal Data Act is not applicable to information that is posted on such websites.

The Swedish Data Inspection Board is therefore unable to help you in this matter. It is legal for ratsit.se to publish your personal information. Ratsit.se is not obliged to remove your information.

For more information about utgivningsbevis, see The Swedish Broadcasting Authority’s website: http://www.radioochtv.se/en/Licensing/Internet/.

The Swedish Data Inspection Board notes with regularity the problems with utgivningsbevis to the Ministry of Justice. You can read more about it here:
http://www.datainspektionen.se/press/nyheter/2009/yttrandefrihetskommitten-underskattar-problemen-med-utgivningsbevis/
http://www.datainspektionen.se/press/nyheter/2011/utvidgad-yttrandefrihet-kraver-forstarkt-integritetsskydd/
http://www.datainspektionen.se/press/nyheter/2014/datainspektionen-kan-inte-ingripa-mot-sajt-som-hanger-ut-domda/

Are there any Swedish lawyers out there that can help me fix this?

Collection of your data is illegal!

At least that was what the Court of Justice of the European Union in Luxembourg declared yesterday concerning the Data Retention Directive. But what does this really mean for you in practice?

Firstly, this is about the collection of your traffic patterns, not the contents; from here a traffic analysis can be done to ascertain your online habits from telephone and ISP providers, and this includes location data, i.e. where you are, as well as related data necessary to identify the subscriber or user.

Secondly, this directive was wanted to ensure that the data collected could be used for the prevention, investigation, detection and prosecution of serious crime, such as, in particular, organised crime and terrorism.

However, the directive was flawed because:

1. The data was collected on ALL of us, not just limited to crime prevention;

2. Anyone could access data collected on you. No court warrant was needed, like for example what is needed to search your home premises;

3. There was nothing forcing the deletion of data collected after the maximum retention period of 24 months;

4. There was nothing stopping the data collected from ending up outside of the EU.

So what next? I believe, just like a ‘bad penny’, this directive will pop up again later with a new set of clothes, this time with fewer holes 😉

More reading:
SvD – EU:s datalagringsdirektiv ogiltigt (2014-04-08)
ft.com – European Court of Justice rules EU data collection laws illegal (2014-04-08)
PCWorld – Germany Taken to Court for Failing to Implement Data Retention (2012-05-31)
PCWorld – German Lawmakers Say Data Retention Directive May Be Illegal (2011-04-27)

Simplified and stronger data protection rules in the EU

We are getting some really interesting things happening in the EU when it comes to revolutionising the EU Directive on Data Protection. Thanks to the summary provided by the Panopticon blog.

The Memo from the European Commission, which has been approved, gives the following reforms that will make doing business simpler for EU companies, and they are significant! So here they come, the 4 pillars of reform, or at least a summary of them. If you want to read the full Monty, go here.

Pillar One: One continent one law…
The European Parliament agrees that the new data protection law for the private and public sector should be a Regulation, and no longer a Directive. The Regulation will establish a single, pan-European law for data protection, replacing the current inconsistent patchwork of national laws. Companies will deal with one law, not 28.

Pillar Two: Non-European companies will have to stick to European data protection law if they operate on the European market. What this means is that non-European companies will have to apply the same rules as their European counterparts. European regulators will be equipped with strong powers to enforce this.

Pillar Three: The Right to be Forgotten/ The Right to Erasure
The right to be forgotten builds on already existing rules to better cope with data protection risks online. If an individual no longer wants his or her personal data to be processed or stored by a data controller, and if there is no legitimate reason for keeping it, the data should be removed from their system.

The right to be forgotten is not an absolute right. For example, there are cases where there is a legitimate reason to keep data in a database, e.g. archives of newspapers. In addition, the right to be forgotten includes an explicit provision that ensures it does not encroach on the freedom of expression and information.

Pillar Four: A “One-stop-shop” for businesses and citizens
The Regulation will establish a ‘one-stop-shop’ for businesses. What this means is that companies established and operating in several Member States will only have to deal with a single national data protection authority not 28, making it simpler and cheaper for companies to do business in the EU.

Update on revisions to EU directive on Data Protection

I missed this: progress on the new EU directive on data protection and implications for Safe Harbor, on the excellent Panopticon blog.

To summarize, it seems they need to trash what has already been created and start again. Germany is in the driving seat now, I think, which means there should be some action. Nevertheless, expected completion is this year, 2014. There are concerns about the alignment of Safe Harbor with this directive, particularly considering the amount of personal data from EU citizens, e.g. Facebook, etc., that is held in the U.S.

Whistleblowers & ‘transitional data’ the way forward?

Natasha Lomas at TechCrunch talks about how “Systematic Surveillance Will Eat Itself”. She talks about how there are some positive products of this surveillance epidemic. In the main, they are represented by:

1) whistleblowers, e.g. Edward Snowden; and,

2) the rise in ephemeral type technologies that place information online in a more transitional, temporary state than what is normal today.

My take is more the move towards a ‘transparent’ society, but I am now thinking that maybe this is either the compromise end-point that we come to, or maybe a stopping house en route to transparency. The reason why I really do not see a strong place at this ‘half-way house’ is because it is still assuming that governments are lying to their citizens and the rest of the world, and hence the need for whistleblowers (who pay a hefty personal price for their efforts) and hence the need for ephemeral type technologies for the citizen to cover their backs… not cool!

More on security vs. privacy

David Lacey has written a good article in Computer Week on this subject. He literally talks about how difficult it is to balance security with privacy because they are conflicting. He connects this with PRISM. I have made some posts on this in June.

My take on this is that, sure, governments need to survey in the name of national security. However, they owe it to their citizens to inform them that this is happening, i.e. be transparent. In my experience, if governments, or organizations for that matter, are not transparent in their operations, it only takes some ‘incident’ for practices that have been kept secret to surface, hence scandal/cover-up.

We are today a socially networked, i.e. connected, world, right down to every individual who happens to be online. This presents an intimate link between transparency, trust and reputation. I wonder when our governments and organizations will get this?

Dilemmas concerning privacy

There’s a really fun article written by Daniel Sandström in the SvD Culture section (16 June). SvD is one of the two main Swedish national newspapers. It is in the main about the dilemmas we face as 1) a citizen and 2) a consumer. It is about how our selfish choices made in the guise of (2) are in fact contrary to what we demand as (1).

For you non-Swedish speakers – The first paragraph talks about how Amazon dealt with the news that they had illegally allowed an e-book to be on their site. They removed it from all devices. It is quite funny because it was George Orwell’s 1984 😀

He briefly discusses PRISM, which I mention at the end of my previous post. This is an agreement between the main cloud, social networking spaces on logging/tracking. The main companies included are: Google, Facebook, Apple… yep, all those places you share your personal information, including who is your family, who are your close friends vs. FB friends, maybe who you are drinking, sleeping with… oh my, what a gold mine for our governments! And we share this information with pleasure. Your privacy settings really are irrelevant here because the US government via the Patriot Act can request this personal information about you. He doesn’t mention this last part though.

Daniel talks about the choices he has made, i.e. he purchased a digital reader, after he forgot the ethical implications of what Amazon had done a couple of years ago. He states he placed his personal comfort over his principles.

He then continues to discuss how we as citizens want the cheapest food and share our buying habits for this privilege, but then complain that the government is tracking our communications! He says how we want cheap clothes for our children, but then protest at the atrocities going on in the sweat houses in India, etc., to produce these products. We still continue to purchase cheap clothes.

Daniel’s leaving point is potent and true. He says that for himself he needs to think more seriously if he really will live for his comfort, or live as he has learnt, i.e. by principles. Clearly Snowden’s name popped up in this article, as he lived as a citizen and for freedom of the citizen.

NSA leak scandal and Snowden

What a mess with all these emotions flying around on Ed Snowden and his actions. In the one camp are those proclaiming Snowden as a traitor, and in the other extreme camp, he is a hero, a whistleblower!

The fact that the US is wire-tapping has been known for years; it’s just that the fact has never been made official. In my book Virtual Shadows, published quite some time ago in 2009, there is a section just on this:

“US wiretapping practices
The US government has led a worldwide effort to limit individual privacy and enhance the capability of its police and intelligence services to eavesdrop on personal conversations. The Communications Assistance for Law Enforcement Act (CALEA) sets out legal requirements for telecommunications providers and equipment manufacturers on the surveillance capabilities that must be built into all telephone systems used in the United States.” (Virtual Shadows, 2009)

Then there is “another program, known as PRISM, has given the NSA access since at least 2007 to emails, video chats and other communications through U.S. Internet companies to spy on foreigners. American emails inevitably were swept up as well.”

There have been some embarrassing exposures before the Snowden escapade, for example “Mathematician William Binney worked for the National Security Agency for four decades, and in the late 1990s he helped design a system to sort through the digital data the agency was sucking up in the exploding universe of bits and bytes. When the agency picked a rival technology, he became disillusioned. He retired a month after the terrorist attacks of Sept 11, 2001, and later went public with his concerns.” As reported by the Los Angeles Times. Binney called this a “digital dragnet”.

My opinion?
So what’s my take on all this? Well, you should know me by now: I am a fervent believer in transparency. I believe that trust can only be built on a foundation of transparency. Clearly the governments around the world need to ‘protect’ their citizens. But why can’t they just tell them what they are doing? “We are tracking your communications”. “We are pulling information from your Facebook profile if a threat to national security is felt”. Just as in the EU, data subjects should have a right to know when their personal information is being accessed. They should be informed… period.
This means they continue with their activities, but are transparent in their operations. The fact is most people don’t really seem to care. Most are selling their buying habits today for a free chicken in their shopping trolley 😉

Am I a supporter of Snowden’s actions as a whistle-blower? Yes I am!

The right to be forgotten

There is much chit-chat going on concerning ‘the right to be forgotten’. Much is linked to the digital footprint that you leave behind you. There is a good essay referenced by The Technology Liberal Front that you can read more on. It looks at both angles, not just ‘the right to be forgotten’ but also what happens if everything is forgotten! There is after all much that we do NOT want to forget. You know great achievements, great people, an accurate history, not digitally rewritten as in Orwell’s 1984 😉

Whatever you post online has a persistence value that is difficult to control, at least today, after it has been shared online. I’ve said many times before, it is best to post/share only what you are comfortable for the world to see. One should always consider, with every word, photo, video one shares, what happens if it gets out in the wild and it has your name on it? How can you get this back, and will you be able to repair any damage that your digital footprint could cause?