First page >
For the Protection of Privacy
the first Personal Data File Act came into force, marking the first law concerning data protection in Finland. The Act was to prevent violations of integrity at all stages of data processing. The functional objective was to promote the development of, and compliance with, good data processing practices.
On June 1, 1999
the Personal Data Act, which replaced the Personal Data File Act, came into force. The main principles of the protection of privacy remained largely unchanged. The Personal Data Act accommodates the constitutional reform and the EU Data Protection Directive (Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the of personal data and on the free movement of such data). The basic rights and freedom of individuals are even more strongly emphasised also in the processing of personal data.
1 September 2004
saw the enactment of the Act on the Protection of Privacy in Electronic Communications, which safeguards confidentiality and privacy in telecommunications. It seeks to clarify the rules for processing confidential identification data and to expand their scope to encompass corporate or associate subscribers. Compliance with the Act on the Protection of Privacy in Electronic Communications and any provisions issued under it is mainly supervised by the Finnish Communications Regulatory Authority. The Data Protection Ombudsman supervises the processing of location data, telephone directories and directory inquiries, compliance with provisions pertaining to direct marketing by means of automated systems and compliance with provisions pertaining to a user’s special right of access to information. The Act on the Protection of Privacy in Electronic Communications repealed the Act on the Protection of Privacy and Data Security in Telecommunications enacted in 1999.
1 October 2004
saw the enactment of the Act on the Protection of Privacy in Working Life, which addresses the key data protection issues by creating various procedures for the needs of working life. The act repealed the previous, 2001 act of the same name. The factual content of the provisions in the new act are the same, but the structure has changed due to new provisions on drug testing, camera surveillance and electronic mail privacy protection. The amendment to the Act about how to process personal credit data entered into force on 1 September 2008. The Personal Data Act and the Act on the Protection of Privacy in Electronic Communications contain general data protection provisions, which are also applied in working life.
There are special regulations concerning the processing of personal data in other laws and acts as well. The Act on the Openness of Government Activities controls the access to public registers.
Personal Data Act (523/1999)
An unofficial translation of finnish Personal Data Act. Based on the text adopted by the Parliament in March 1999.
Act on the Openness of Government Activities
Act on the Protection of Privacy in Electronic Communications