Trends in Data Protection Law

Abstract

The first national legislation aimed at protecting the informational privacy of individuals when their personal data are processed in computers saw the light of day in Sweden in 1973. The Swedish 1973 Data Act only covered processing of personal data in traditional, computerised registers. The act did not contain many material provisions on when and how the data should be processed, or general data protection principles. Instead, the act required for each computerised personal data register a prior permit from a new data protection authority – the Data Inspection Board. When a permit was given, the Board issued tailor-made conditions for that register.
Soon, the general 1973 Data Act was supplemented by a number of special data protection laws covering particular computerised personal data registers held by authorities. Those special data protection laws contained tailormade provisions for each register.