The policy of the law
section 1 of this Act are implemented Council framework decision 2008/977/JHA
of 27 november 2008 on the protection of personal data
processed in the framework of police and judicial
cooperation (the data protection framework decision).
The scope of the law
section 2 of this Act apply to the processing of personal data in
activities the purpose of which is to prevent, prohibit or
detecting criminal activities, investigation or prosecution of criminal offences
or the execution of criminal penalties, if the information
in the framework of police cooperation and judicial cooperation in criminal matters
made or have been made available or transferred, or has
transferred between a Swedish authority and
1. a State which is a member of the European Union (EU),
2. Iceland, Norway, Switzerland or Liechtenstein,
3. an EU agency, or
4. an EU information systems.
When the Swedish authorities transmit personal data to or
make such information available to those referred to in the first
paragraph 1-4 apply only to the provisions of §§ 3 and 9, with the
restrictions imposed by paragraph 4.
section 3 of the Act apply to the processing of personal data
is completely or partially automated. The law also applies to
other treatment of personal information, if the information is included in the
a structured set of personal data which are
available for searching or compilation under
specific criteria.
4 §/expires U: 2016-01-01-the law does not apply to the processing of personal data
related to national security.
The Act also does not apply to the processing of personal data
made or have been made available or transmitted or
uploaded by
1. the exchange of information relating to the Schengen
information system (SIS),
2. Exchange of information through the customs information system (CIS),
3. the exchange of information with the support of Council decision 2008/615/JHA of
23 June 2008 on the stepping up of cross-border
cooperation, particularly in combating terrorism and
cross-border crime (Prümrådsbeslutet), or
4. access pursuant to Council decision 2008/633/JHA of 23 June
2008 on access to the visa information system
(VIS) by designated authorities of Member States
and by Europol for the purposes of the prevention, detection and investigation
of terrorist offences and of other serious criminal offences.
4 section/entry into force: 01/01/2016/Act does not apply to the processing of personal data relating to national security.
The Act also does not apply to the processing of personal data that are made or have been made available or transmitted or transferred through 1. Exchange of information relating to the Schengen information system (SIS),
2. Exchange of information through the customs information system (CIS),
3. the exchange of information with the support of Council decision 2008/615/JHA of 23 June 2008 on the stepping up of cross-border cooperation, particularly in combating terrorism and cross-border crime (Prümrådsbeslutet),
4. access pursuant to Council decision 2008/633/JHA of 23 June 2008 concerning access to the visa information system (VIS) by designated authorities of Member States and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences, or
5. the exchange of information with the support of the European Parliament and Council Directive (EU) 2015/413 dated 11 March 2015 on facilitation of cross-border exchange of offence (CBE), in the original wording. Law (2015:784).
Permissible purposes for processing personal data
paragraph 5 of the Personal data obtained pursuant to article 2 of the first
subparagraph may only be processed for purposes other than those
the data are first transferred or made available to,
If the purpose of reading is to
1. prevent, prevent or detect criminal activity,
investigation or prosecution of criminal offences or the execution of criminal
penalties,
2. take action in judicial or administrative
procedures directly related to the prevention,
preventing or detecting criminal activities, investigation or
prosecution of criminal offences or the execution of criminal penalties,
or
3. stave off an immediate and serious threat to public
Security.
Personal data may also be processed for purposes other than those
referred to in the first subparagraph, if the person who transferred or made
the data available have consented or the
to which the data relate has consented to it.
Personal data may also be processed for historical,
Scientific and statistical purposes.
Transfer of personal data to individual
section 6 of the Personal data obtained pursuant to article 2 of the first
subparagraph may be transferred to any individual if
1. any person who transferred or made the data available have
admitted that they are transferred,
2. transfer is necessary for the
(a)) the authority to carry out a legal
task,
b) prevent, prevent or detect criminal activity,
investigation or prosecution of criminal offences or the execution of criminal
penalties,
c) ward off an immediate and serious threat to public
security, or
d) prevent an individual's rights are seriously violated,
and
3. no legitimate interests pursued by the data refer to
prevents the transmission.
The first subparagraph shall not apply in respect of information provided
to the individual in dealing with criminal matters.
Transfer of personal data to third countries or
international bodies
section 7 of the Personal data obtained pursuant to article 2 of the first
subparagraph shall, in addition to those set out in section 2, first paragraph
1 – 4, be transferred to third countries or international bodies.
However, the data may be transferred only if
1. any person who transferred or made the data available have
admitted that they are transferred,
2. it is necessary to prevent, eliminate or
detecting criminal activities, investigation or prosecution of criminal offences
or the execution of criminal penalties,
3. the receiver is responsible for such activities as specified in 2,
and
4. the State of the receiving authority, or the
receiving international body has an adequate
level of protection for the intended processing of personal data.
If the requirement of an adequate level of protection within the meaning of the first subparagraph 4 do not
is met, the personal data still be transferred in a single
cases where the transfer is justified by a legitimate interest
in the to which the data relate, or of a particularly important
general interest or if the recipient of the individual case
provides sufficient safeguards for
the personal data.
If the consent referred to in the first subparagraph 1 due to lack of time
cannot be obtained in advance, get personal information yet
be transferred if it is necessary to stave off an immediate
and serious danger to public security. The same applies if the
It is necessary to prevent an immediate and serious
danger to other essential interests of Sweden or other
Member State of the European Union.
Terms of usage restrictions
Conditions imposed by other States or agencies
section 8 If a Swedish authority has obtained the information under paragraph 2 of
the first paragraph and there are conditions that limit the
the ability to use the data, the Swedish authorities
comply with the terms and conditions, regardless of what is prescribed by law or
other statutes.
It is stated in the first paragraph shall not prevent the data
After the end of such a period of thinning
specified as a condition for the transfer, if the treatment
needed for an ongoing investigation, prosecution of criminal offences or
enforcement of criminal penalties. The data shall
then culled when they are no longer needed for such a
purposes.
Conditions when Swedish authorities transmit data
or make information available
§ 9 About a Swedish Authority transmits the personal data to or
making personal information available to any of those referred to in
2 paragraph 1 – 4, the authority shall inform the recipient
If the special conditions that apply to use of
the data. The conditions shall not involve other restrictions
than those that apply when transferring within Sweden and may not
either be contrary to an international agreement that is
binding for Sweden.
Other provisions
section 10 of the provision concerning the adjustment of damages in section 48
subparagraph personal data Act (1998:204) does not apply to the
the processing of personal data in accordance with this Act.
section 11 of the Government or the authority the Government determines
announces further regulations on the protection of
personal information under this Act.
Transitional provisions
2013:329
This law shall enter into force on 1 July 2013, but will not be applied
on data transmitted or made available
earlier.