The new Swedish security protection legislation clarifies the obligations for companies with security-sensitive activities and the importance of the operators performing security protection analyses for their operations.
What is security protection?
Security protection means preventative measures to protect Sweden's security against espionage, sabotage, terrorist crimes and other crimes. The technological development in recent years means that we need to broaden the concept of security. In addition, public sector organisations and private companies should now also be included within the framework of security protection.
What does the new law mean?
To strengthen the security protection, the Government proposes a new security Law. The new Law, the Security Protection Law (2018: 585) contains requirements for measures aimed at protecting information that is of importance for Sweden's security or which is to be protected according to an international commitment for security protection. The protection of other security-sensitive activities, such as important information systems, is also being strengthened.
The new Law clarifies the obligations for companies with security-sensitive activities and the importance of the operators performing security protection analyses for their operations.
Some news is that it becomes mandatory with traceability logs and a security officer for all operators. Addtionally, on proposal, is that sanctions can be imposed.
Who is the new Security Protection Law for?
The Law will apply to activities that are run in both public and private areas and those concerned can seek support and advice from the Security Service and the Armed Forces and other supervisory authorities. New is that businesses with data worth protecting are covered, without being officially classified as secret. This can, for example, be about critical infrastructure and their systems for operation, since these represent a potential vulnerability.
When does it begin to apply?
The new Security Protection Law applies from April 1, 2019.
Supplements to the Security Protection Act (August 2020)
To strengthen the protection of Sweden's security, the Government proposes supplements to the Security Protection Act (2018: 585). They have therefore decided on a law council referral with proposals for amendments to the Security Protection Act that apply to transfers of security-sensitive activities. The proposal aim to prevent potential sales that could harm the security of Sweden.
The proposal includes the following:
- Operators who intend to transfer security-sensitive activities or certain property will be obliged to carry out a special security assessment as well as a suitability test before such a procedure is initiated.
- Operators will be obliged to consult with a consultative authority prior to the transfer.
- The consultation authority will be given the opportunity to order operators to take measures to fulfill their obligations under the law and ultimately decide that a transfer may not be carried out (prohibition).
- A transfer in violation of a prohibition will be invalid.
The amendment is proposed to enter into force on January 1st, 2021. Read more here (in Swedish).