Region: Sweden

Swedish regulator fines insurance company for security failings

Sweden’s privacy regulator has identified "fundamental" security deficiencies in insurer Trygg-Hansa's IT system.

30 August 2023

Sweden issues EU’s first Google Analytics fines

Sweden’s data protection authority has fined two companies for their use of Google Analytics – the first such monetary penalty to be imposed as a result of a series of complaints issued by noyb.

03 July 2023

Swedish regulator fines news company for customer profiling

Sweden’s privacy watchdog has fined Bonnier News SEK 13 million (€954,000) for unlawfully processing data across its affiliates for marketing purposes without obtaining customer consent.

27 June 2023

Spotify hit with GDPR data subject access fine

Sweden’s data protection authority has issued a 58 million kronor (€5 million) GDPR fine against the music streaming app – four years and a legal battle after noyb lodged its complaint with the regulator.

13 June 2023

Swedish GDPR fine against Klarna cut

A Swedish court has upheld parts of the data regulator decision against Klarna, but reduced the penalty figure from 7.5 million kronor (€663,000) to 6 million (€535,000).

17 April 2023

ECJ clarifies interactions between GDPR and civil discovery

The European Court of Justice has confirmed the GDPR applies to disclosure orders in civil litigation, forcing courts to balance the interests of affected data subjects against those who seek evidence.

02 March 2023

Winter break 2022 round-up

2022 was yet another busy year for data protection, and even as GDR took a brief break from its usual programming over the Christmas period there were still developments worth noting. We’ve rounded up the most important stories from the end of the year, from fines to class action arguments to new jobs for those at the top of the privacy world.

03 January 2023

Swedish court says GDPR complainants are parties to investigation

The Stockholm administrative court said a decision by the data regulator to exclude an individual from an investigation into a complaint he filed was incompatible with the GDPR, in a case that could force the watchdog to radically revise its enforcement model.

02 November 2022

Danske Bank first to gain AML data processing permission in Sweden

Sweden’s data regulator has allowed Danske Bank to process information about its own customers across different branches in order to fulfil its anti-money laundering obligations, but warned that the bank must still comply with the GDPR overall in doing so.

10 October 2022

ECJ adviser clarifies interactions between GDPR and civil procedural rules

A European Court of Justice advocate-general has said the GDPR applies to orders for the provision of evidence in civil proceedings, forcing courts to balance the interests of affected data subjects against those who seek evidence.

07 October 2022

Unlock unlimited access to all Global Data Review content