Open AccessEU Data Protection Rules and the Lack of Compliance in Sweden
Author(s) -
Ester Herlin–Karnell
Publication year - 2020
Publication title -
nordic journal of european law
Language(s) - English
Resource type - Journals
ISSN - 2003-1785
DOI - 10.36969/njel.v3i2.22395
Subject(s) - data protection act 1998 , scope (computer science) , general data protection regulation , dimension (graph theory) , publication , business , law and economics , right to be forgotten , european union , set (abstract data type) , internet privacy , political science , law , international trade , economics , computer science , mathematics , pure mathematics , programming language
In this short reflection paper, I will set out to explain how and why Sweden breaches EU data protection rules. I will start by providing a brief overview of the EU data protection framework to paint the background picture. Thereafter I will discuss the scope for derogating from the obligations set out in the GDPR and thereby test the Swedish exception and show that it is not proportionate and undermines the purpose of the GDPR. Subsequently, I will discuss why some core fundamental rights of EU law should not be possible to derogate from, when as in the Swedish case it seems to boil down to economic question of who gets to own the data. I will conclude by linking the question of the right to data protection and why licenses should not give companies a carte blanche to publish personal data about people in Sweden to the question of market access. There is an imbalanced relationship here, to use the internal market vocabulary, with Swedish people having all their private data published online while other EU states do not do that. Likewise, there is an external dimension here: the data is available on the internet globally and therefore third countries also access it.