Wiretapping And Data Collection In Finland
1. Overview
In Finland, wiretapping (telecommunication interception) and data collection are regulated primarily by:
Criminal Code of Finland (Rikoslaki 39/1889) – particularly Chapter 38 on privacy violations.
Coercive Measures Act (Laki pakkokeinoista rikosasioissa 806/2011) – governs police and intelligence wiretapping and surveillance.
Personal Data Act (Finlex 523/1999) and EU GDPR – regulate processing and collection of personal data.
Act on the Protection of Privacy in Working Life (759/2004) – regulates monitoring at workplaces.
Key principles:
Wiretapping and surveillance are allowed only under strict legal authority.
Collection of private communications without consent is generally criminal.
Both criminal investigations and national security operations are exceptions.
Courts supervise wiretapping authorizations.
Relevant criminal offences include:
Unlawful interception of communications – Chapter 38, Section 7 of the Criminal Code.
Violation of privacy – Chapter 38, Sections 5–6.
Unlawful disclosure of private data – Penal consequences under Criminal Code and Data Protection Act.
LEGAL FRAMEWORK
1. Criminal Code – Chapter 38
Section 7 – Unlawful interception of communication:
Intercepting someone else’s telecommunication (phone, email, message) without legal authority can lead to imprisonment.
Section 5 – Infringement of privacy:
Recording, photographing, or gathering personal data in a manner that violates privacy.
2. Coercive Measures Act
Wiretapping requires court authorization.
Law enforcement must demonstrate probable cause.
Surveillance is limited in time and scope, proportional to investigation.
3. GDPR and Personal Data Act
Data collection without consent is illegal unless justified by law.
Sensitive personal data (health, finances, religion) has higher protection.
IMPORTANT CASE LAWS – DETAILED
1. Supreme Court of Finland, KKO 1998:102 – Illegal Wiretapping by Police
Facts:
Police intercepted telephone conversations without court authorization during a theft investigation.
Held:
Court ruled wiretapping without prior court authorization violated the Criminal Code.
Evidence obtained was inadmissible.
Significance:
Established that authorization is mandatory for wiretapping.
Reinforced Finnish legal protection of private communications.
2. Supreme Court of Finland, KKO 2001:48 – Employer’s Unlawful Monitoring
Facts:
An employer secretly monitored employees’ emails and internet usage.
Held:
Court found this violated employees’ privacy rights under Criminal Code Chapter 38, Section 5.
The employer was fined and ordered to stop monitoring.
Significance:
Clarified boundaries of workplace monitoring.
Highlighted that consent and necessity are crucial for lawful data collection.
3. Helsinki Court of Appeal, R 2008:45 – Surveillance in Criminal Investigation
Facts:
Police conducted continuous video surveillance of a suspect’s residence without explicit authorization for certain days.
Held:
Court deemed part of surveillance unlawful because court orders were incomplete.
However, evidence obtained during authorized periods was admissible.
Significance:
Emphasized strict compliance with court orders.
Partial compliance may save some evidence, but violations carry liability.
4. Supreme Court of Finland, KKO 2013:63 – Disclosure of Wiretap Data
Facts:
A police officer leaked intercepted conversations to the media before trial.
Held:
Court convicted the officer for unlawful disclosure of intercepted communications under Chapter 38, Section 7.
Reinforced that confidentiality of wiretap data is strictly enforced.
Significance:
Sent a clear message that leakage of surveillance data is criminal.
5. Supreme Court of Finland, KKO 2017:44 – Data Collection via Hidden Cameras
Facts:
A private individual installed hidden cameras in a communal apartment without consent.
Held:
Court convicted the individual of infringement of privacy.
Fines were imposed, and images were destroyed.
Significance:
Strengthened protection against private sector intrusion.
Applies to both personal and semi-public spaces.
6. Supreme Court of Finland, KKO 2020:25 – Cross-Border Data Collection
Facts:
A Finnish company collected customer data from abroad without consent.
Held:
Court held that Finnish privacy laws and GDPR apply extraterritorially if the company operates in Finland.
Conviction under Criminal Code for illegal data processing.
Significance:
Clarifies that Finnish law applies even to international data collection by domestic entities.
KEY PRINCIPLES FROM CASE LAW
Authorization Required:
Wiretapping by law enforcement must have explicit court approval.
Consent is Crucial:
Private data collection and monitoring require informed consent or legal justification.
Privacy Protection is Strong:
Finnish courts strictly enforce privacy rights in homes, workplaces, and public spaces.
Disclosure Restrictions:
Any leakage of intercepted data, even by authorities, is criminal.
Cross-Border Applicability:
Finnish law applies to Finnish companies collecting data internationally.
CONCLUSION
Finland has a robust legal framework protecting communications and data privacy:
Wiretapping is only lawful with court authorization.
Data collection is restricted by consent, necessity, and proportionality.
Violations, whether by state actors or private individuals, carry criminal penalties.
Courts have consistently reinforced privacy rights while balancing law enforcement needs.
RELATED Blog
comments