Data Protection
The purpose of The 1998 Personal Data Act is to protect people against the violation of their personal integrity by processing of personal data.
The Act is based on and implements an EC Directive (95/46/EC) on data protection. The Act is applicable to automatic processing of personal data in both the public and private sector. Manual processing of personal data in traditional paper-based files is also covered in certain cases. The general Personal Data Act is supplemented by a Personal Data Ordinance and numerous more specific acts and regulations for certain areas or registers instituted by authorities.
The Personal Data Act Inquiry has made a review of the 1998 Personal Data Act in order to see if and to what extent it is possible to, within the boundaries of the EC Directive, achieve a more misuse-oriented approach (SOU 2004:6). The Inquiry proposed an exemption from the great majority of handling regulations in the Personal Data Act for the processing of personal data that does not form part of and is not intended to form part of a set of personal data that has been structured in order to significantly facilitate searches for or compilations of personal data specifically, i.e. in practice personal data registers and personal data-related databases.
