New blog post! Revised Protection for the security of Sweden

From the 1st of April 2019, the new Protective Security Act (2018:585) and the Protective Security Ordinance (2018:658) is in force. The aim of the new legislation is to ensure that organizations conducting activities of importance to either:

  • national security, or
  • an international protective security commitment binding for Sweden,

will work in a preventive manner to protect themselves against crimes that can threaten either the security of Sweden or such binding commitment. The new Protective Security Act sets out to clarify the requirements and obligations of the abovementioned organizations, for example how to protect data and information systems of importance to national security.

As a first step, organizations will have to investigate if they are conducting activities that fall into the scope of the new legislation. Neither the act nor the ordinance contains an explicit definition of security-sensitive activities and therefore, such investigation has to be carried out on a case-by-case basis. Guidance can be found in the following criteria and if the organization is fulfilling either one or both, it might be regarded as security-sensitive:

  • a loss or a severe disturbance in the business of the organization can alone or together with similar events in other organizations in a short time frame lead to a serious crisis in the society, and/or
  • the business of the organization is necessary or essential in order to minimize the adverse effects as efficiently as possible for an already ongoing crisis in society.

Any organization carrying out security-sensitive activities are obligated under the new legislation to ascertain and document the need for security, plan and enforce necessary security measures and follow up the security work within the organization. Also, any information of importance regarding the organization’s security shall be notified to the competent supervisory authority. Examples of security measures can include the classification of data in certain levels of security, drafting and entering into security agreements and security screening of employees.

Hopefully, the new legislation will result in organizations carrying out security-sensitive activities to be well prepared against espionage, sabotage, terrorism and other crimes. But it will also require thoughtful administration and increase the costs of such organizations. If your organization is interested to get more information about the new legislation in general or have a more specific question in mind, do not hesitate to contact us.

For more information, please contact Erik Myrbergerik.myrberg@synchlaw.se, +46 761 761 948

News and Insights
Blog Posts

ANONYMISATION AND PSEUDONYMISATION OF PERSONAL DATA

29/11/2019

This blog post is written by Erik Myrberg, lawyer at Synch Recital 26 of the GDPR clarifies that the principles of data protection should not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject […]

Press release

Synch has acted as legal advisor to Zington AB

22/11/2019

Synch has acted as legal advisor to Claremont AB (under name change to Zington AB) with trademark strategy work in connection with its expansion plans to becoming a global brand.

Blog Posts

ABOUT THE NEW PROPOSITION ON GENERAL ADVICE FOR CONSUMER CREDITS

14/11/2019

The rules on how consumer credits can be granted and marketed are spread out in several different acts and regulations.

Blog Posts

Strong customer authentication – about the new rules on electronic payments

08/11/2019

Strong customer authentication (SCA) means that a customer must verify his/her identity with two from each other independent factors when using electronic payment methods, for example when using a credit card. The rules, which are based on EU legislation, aims to increase the security of electronic payments and combat fraud. Generally speaking, the legislation does […]

Press release

3 SYNCH LAWYERS RANKED IN Who’s Who Legal

08/11/2019

Since 1996 Who’s Who Legal has identified the foremost legal practitioners in 34 areas of business law. Over 16,000 of the world’s leading private practice lawyers in over 100 countries are featured

Press release

SYNCH HAS ACTED LEGAL ADVISOR TO SKALL STUDIO IN CONNECTION WITH THE TRANSACTION

22/10/2019

Synch has assisted SKALL STUDIO with the transaction. Tobias Kisum has led the transaction.