Sweden has long been a leader in the implementation of Europe’s
privacy directive. Back in 1998 I
on a controversial application of its very strict privacy law. A very
similar case was recently circulated and is described in the featured
URL for this blog.
I think the issues raised by this case, as well as the 1998 one,
should be carefully examined. Let me give a bit of background here.
In sharp contrast to the United States, Europeans have been passing
comprehensive laws for decades to restrict what governments and
companies can do with people’s data. This is partly because Europe has
a more intrusive regulatory environment in general, but partly because
the Nazi experience made the European public conscious of the
importance of privacy and the potential results of its violation.
The current state of legal privacy is reflected in a European
Parliament directive of 1995 that was supposed to go into effect in
laws passed by members of the European Community in 1998. The Swedish
law is very strict one and, as you can see, is strictly interpreted.
Given a directive aimed at abuses by large institutions, it is easy to
scoff at the enforcement of the law against a woman reporting on the
activities of fellow church-goers. But the case alerts us that the
world of data and publishing has changed. A casual mention on a
personal Web site is a big deal, and the court is merely recognizing
My daughter recently did a Web search for herself, and was surprised
to discover that she can be found on the Web. In fact, her picture was
on the Web thanks to someone who had snapped photos at a casual town
event and posted them with captions. We are not particularly happy
that a girl’s name, photo, and approximate location can be found on
the Web without her decision. I am not ready to go all the way and
call for Swedish-style law enforcement, but I think we should all be
more aware of what we’re doing online.
How does one balance privacy and availability of information?