Sweden is going to have fun with the new Data Protection Regulation

There's starting to be a bit of a flurry here in Sweden with the upcoming new Regulation. One of the communications I received last week was concerning the fact that here in Sweden our personal data, including our ID is considered public information. This will not be the case once the Regulation comes into effect. … Continue reading Sweden is going to have fun with the new Data Protection Regulation

Ratsit is so kind as to remove sensitve data from public eyes

I am being continually amazed by the lack of respect there is here in Sweden for personal data. I have written so much on this subject already. However I came across this article a couple of weeks ago concerning Ratsit (who are one of those companies that have an 'utgivningsbevis' which means they can use … Continue reading Ratsit is so kind as to remove sensitve data from public eyes

PII Collection – Purpose Limitation & Proportionality

I've been publishing on the subject of personal privacy since 2007, and finally, now, in 2015 I decided to take my CIPP/E. The CIPP credential says you know privacy laws and regulations and how to apply them according to the International Association of Privacy Professionals (IAPP). Why did I take this certification? After all I have a … Continue reading PII Collection – Purpose Limitation & Proportionality

Foreign companies can bypass Swedish Personal Data Act (PUL)

Yes I know, I'm here again complaining about the Swedish law protecting personal information that has no teeth! Now it seems that there is another loophole in the law following a new ruling that enables foreign companies to extract and use PII of Swedish residents/citizens, any persons associated with a Swedish ID#. Read more in this article which … Continue reading Foreign companies can bypass Swedish Personal Data Act (PUL)

Kapade Spotify-grundarens identitet

I am amazed at how little publicity there was on Daniel Eks, founder of Spotify that had his identity stolen. The identity fraudster purchased goods of nearly 1 million kronor in his name and has now been indicted to 2 years in prison. A small price to pay for 1 million kronor don't you think? … Continue reading Kapade Spotify-grundarens identitet

Id-kapning lätt med dagens lag

The Swedish press is now starting to discuss the problems with the law that gives easy access to the id numbers of Swedish residents. There is documented the background concerning this problem here.

Krafttag krävs mot id-kapning I Sverige

The rapid increase in identity fraud in Sweden is gaining some media attention (http://www.svd.se/opinion/brannpunkt/krafttag-kravs-mot-id-kapning_3767990.svd). However they are missing the point. The solution is not to purely simplify the 'clean-up process, but to change the law. And changing the law is not purely about criminalizing the crime but to enforce an individual's basic fundamental right to … Continue reading Krafttag krävs mot id-kapning I Sverige

In Sweden 6 of 10 digits of personal ID is public by law

This makes you vulnerable to identity theft. Swedish residents have no legal right to protect their personal identifying information (PII) which includes the first 6 digits of the 10 digits (AAMMDD-xxxx) of Swedish IDs. Except is if you have a protected identity. Following is the response I received from one of the credit reporting agencies … Continue reading In Sweden 6 of 10 digits of personal ID is public by law

Letter from Datainspektionen (The Swedish Data Inspection Board)

This is the letter from the Swedish Data Inspection Board. They were kind enough to reply in English 🙂 The Swedish Data Inspection Board has received your complaint. The Swedish Data Inspection Board is supervisory authority according to the Personal Data Act (1998:204). There is a possibility for websites to apply for impediment to publication … Continue reading Letter from Datainspektionen (The Swedish Data Inspection Board)

Glad födelsdag – Happy Birthday – for your Swedish ID#

Reblog from post in 2009. Very relevant to the Tracey series.

Virtual Shadows

I was surprised when taking a coffee with one of my colleagues in the office. She received an SMS thanks from another of our colleagues her for the birthday greeting. When I asked her, how did she know, she said she found it online at http://www.birthday.se/kontakta-oss/Default.aspx. She then told me when my birthday was and even a map to where I lived (although they did get this wrong). Nevertheless surprise became horror. I had already removed my details from www.hitta.se only to find myself at another site. So I checked with a previous colleague of mine (Martin Da Fonseca) that studied security law in Sweden if this was in fact legal? And this was his response.

“It is legal. The service provided by Upplysning.se is regulated in Kreditupplysningslagen (credit information legislation) (1973:1173).

I believe the service provided by birthday.se is using (or exploiting) the fact that this information is…

View original post 419 more words