Privacy Laws & Business European Privacy Officers Network

Privacy Laws & Business European Privacy Officers Network

Roundtable with the Director General and Senior Staff of

Sweden’s Data Inspection Board

30th May 2007, Stockholm, Sweden

Host: Bird & Bird, Stockholm

Speakers

1. Göran Gräslund, Director General, the Data Inspection Board
2. Hans-Olof Lindblom, Legal Advisor, the Data Inspection Board
3. Elisabeth Wallin, Senior International Officer, the Data Inspection Board
4. Anna Hörnlund, Legal Advisor, the Post and Telecommunications Agency

Programme

8.45 Registration and coffee

9.00 Welcome and Introduction

9.05 Session 1

1.The tasks and powers of the Data Inspection Board in the private sector

1.1. Presentation of the Board; strategy and approach to data protection and enforcement: staff, tasks, supervisory activity and practice, powers etc.

Questions and answers

2. Particular features of Swedish legislation and practice and their effects on the private sector

2.1 The principle of public access to official documents, the right to anonymity, the duty of journalists not to reveal sources and implications for whistle-blowing, personal identification numbers etc.

2.2. General issuesregarding Sweden’s Personal Data Act (1998): Scope, notification obligations, exemptions for non-structured processing (amendments of 2007)

2.2Direct marketing: Codes of conduct, Sweden’s Person and Address Register (SPAR), the principle of public access and direct marketing

2.3International data transfers: General rules, Binding Corporate Rules

Questions and answers

10.30 Coffee

10.50 Session 2

3. The Electronic Communications Act (2003)

3.1 The Electronic Communications Act and the Personal Data Act

Anna Hörnlund, Legal Advisor, the Post and Telecommunications Agency

• Which law applies? Division of duties between Sweden’s National Post and Telecom Agency and the Data Inspection Board

• Rules on private use of public directory data
• Different rules for consumer and business lists

• Marketing via mobile devices

• Logging and retention of consumer traffic data for business purposes

3.2 Direct marketing and electronic communications

Questions and answers

12.00 Lunch

13.00 Session 3

4. Data protection and employment

4.1Access to employees’ e-mail

4.2Drug tests on employees

4.3Human resources databases

4.4Monitoring employees (CCTV, GPS)

Questions and answers

1. Health data and other sensitive data in the private sector

5.1Loyalty cards, whistle blowing, data about criminal convictions

5.2 Pharmaceutical companies, insurance companies, credit information agencies

Questions and answers

14.30 Break

14.50 Session 4

6. Personal data officers

6.1 Consultation with the Data Inspection Board, training

Questions and answers

1. Information Technology issues

7.1 The Data Inspection Board’s strategy and approach to the Internet

7.2 Recommendations on IT-security

Questions and answers

1. Other subjects – discussion

16.00 Close