New blog post! Revised Protection for the security of Sweden

From the 1st of April 2019, the new Protective Security Act (2018:585) and the Protective Security Ordinance (2018:658) is in force. The aim of the new legislation is to ensure that organizations conducting activities of importance to either:

  • national security, or
  • an international protective security commitment binding for Sweden,

will work in a preventive manner to protect themselves against crimes that can threaten either the security of Sweden or such binding commitment. The new Protective Security Act sets out to clarify the requirements and obligations of the abovementioned organizations, for example how to protect data and information systems of importance to national security.

As a first step, organizations will have to investigate if they are conducting activities that fall into the scope of the new legislation. Neither the act nor the ordinance contains an explicit definition of security-sensitive activities and therefore, such investigation has to be carried out on a case-by-case basis. Guidance can be found in the following criteria and if the organization is fulfilling either one or both, it might be regarded as security-sensitive:

  • a loss or a severe disturbance in the business of the organization can alone or together with similar events in other organizations in a short time frame lead to a serious crisis in the society, and/or
  • the business of the organization is necessary or essential in order to minimize the adverse effects as efficiently as possible for an already ongoing crisis in society.

Any organization carrying out security-sensitive activities are obligated under the new legislation to ascertain and document the need for security, plan and enforce necessary security measures and follow up the security work within the organization. Also, any information of importance regarding the organization’s security shall be notified to the competent supervisory authority. Examples of security measures can include the classification of data in certain levels of security, drafting and entering into security agreements and security screening of employees.

Hopefully, the new legislation will result in organizations carrying out security-sensitive activities to be well prepared against espionage, sabotage, terrorism and other crimes. But it will also require thoughtful administration and increase the costs of such organizations. If your organization is interested to get more information about the new legislation in general or have a more specific question in mind, do not hesitate to contact us.

For more information, please contact Erik, +46 761 761 948

News and Insights

Synch continues to invest in digitalisation and AI, article in Computer Sweden


Interview with CEO, Jim Runsten, on future offerings from Synch described by Computer Sweden.

Blog Posts

Jesper Theil Thomsen: “Founder friendly investments should be simple and straightforward”


Synch, inQvation and TechBBQ has joined forces to take a closer look at the term: ‘founder friendly’. This blog post is with Jesper Theil Thomsen is co-founder and CEO of SOUNDBOKS.

Blog Posts

Let’s talk about it with Frederikke Antonie Schmidt, founder of Roccamore


On Thursday June 27, Frederikke Antonie Schmidt, founder of Roccamore, joins the panel discussion at TalkBBQ – The Nordic Investment Culture.




Synch Advokat AB have been asked by the American Chamber of Commerce in Sweden to prepare a memorandum on the CLOUD Act in order to explain and clarify the meaning and consequences of the same.

Press release

Synch partners up with tech hub HETCH


Hetch is an initiative supporting the city of Helsingsborgs ambitious goal of becoming one of Europes most innovative cities by 2022.

Blog Posts

TalkBBQ – The Nordic Investment Culture: What does ”founder friendly” mean?  


We have asked five central stakeholders in the ecosystem to provide us with their views on the Nordic investment culture. This blog post is with Claus Zibrandtsen, CEO at inQvation.