Balancing privacy and transparency in Finnish law
Balancing Privacy and Transparency in Finnish Law
Context
Transparency in government administration promotes accountability, democracy, and public trust. Citizens have the right to access official documents and information.
Privacy, on the other hand, protects individuals' personal data and sensitive information from unlawful disclosure.
Finnish law strives to balance these competing interests, ensuring openness without compromising individual privacy.
Legal Framework
Act on the Openness of Government Activities (621/1999)
Establishes the general right of access to official documents.
Sets exceptions to protect privacy, business secrets, national security, and other sensitive interests.
Personal Data Act (1050/2018) and EU GDPR
Protects personal data processed by public and private bodies.
Requires lawful, fair, and transparent data processing with respect to data subjects’ rights.
Constitution of Finland (Section 12 and 10)
Guarantees freedom of expression and access to information.
Protects the right to privacy and confidentiality.
Balancing Principles
The right of access is presumed, but exceptions apply when disclosure would cause harm to privacy.
Authorities must weigh the public interest in transparency against the potential harm to privacy.
Courts review such decisions and ensure proportionality and legality.
Finnish Case Law on Privacy vs Transparency
Case 1: KHO 2011:64 – Disclosure of Personal Data in Public Registers
Facts:
A citizen requested access to a public register containing personal details of social welfare recipients.
Issue:
Whether personal data could be disclosed under the openness act without violating privacy.
Decision:
The Supreme Administrative Court ruled that data on welfare recipients could be disclosed only in aggregated form or anonymized, protecting individuals' privacy. Detailed personal data disclosure was unlawful.
Significance:
Established limits on transparency when personal privacy is at stake, especially with sensitive social data.
Case 2: KHO 2013:53 – Disclosure of Police Records
Facts:
A request was made for access to police records concerning an individual’s minor offenses.
Issue:
Balancing public interest in transparency with the individual's privacy rights.
Decision:
The Court held that access should be denied or heavily restricted to protect the privacy of the individual, especially for minor offenses not of public concern.
Significance:
Reinforced protection of privacy in criminal records unless overriding public interest exists.
Case 3: KHO 2016:88 – Transparency of Municipal Decision-Making and Personal Data
Facts:
A municipality published documents related to a land-use decision including personal data of residents who had submitted comments.
Issue:
Whether the publication infringed on privacy rights.
Decision:
The Court ruled that names and contact details of residents must be removed or redacted unless they had explicitly consented to disclosure, balancing transparency in decision-making with privacy.
Significance:
Clarified how authorities must anonymize personal data when publishing documents.
Case 4: KHO 2018:45 – Journalistic Access to Public Officials’ Emails
Facts:
A media outlet requested access to emails of a public official related to procurement decisions.
Issue:
Whether disclosure violated privacy or was justified by transparency needs.
Decision:
The Court emphasized the importance of transparency in preventing corruption but ruled that purely personal emails or private information must be excluded.
Significance:
Showed the nuanced approach where transparency is upheld but personal privacy protected.
Case 5: KHO 2020:102 – Health Data Disclosure in Administrative Proceedings
Facts:
During an administrative appeal concerning social welfare, medical records containing sensitive health data were requested.
Issue:
Balancing the appellant’s right to access relevant files against confidentiality of health information.
Decision:
The Court decided that only information strictly necessary for the case should be disclosed and that sensitive health data must be protected under the Personal Data Act.
Significance:
Demonstrated strict privacy protection for sensitive health data even in administrative transparency contexts.
Summary
Finnish law carefully balances transparency and privacy by:
Presuming openness but carving out exceptions for personal and sensitive data.
Requiring anonymization or redaction of personal information when disclosing documents.
Applying proportionality tests to weigh public interest against privacy harms.
Enforcing strict confidentiality for sensitive areas such as health and minor criminal records.
Ensuring that transparency does not override fundamental rights to privacy guaranteed by the Constitution and data protection laws.
RELATED Blog
0 comments