Cyber Law at Finland
Finland has a robust and evolving cyber law framework that integrates European Union directives, national legislation, and strategic initiatives to address emerging digital threats. Here's an overview of the key components:
Cybersecurity and Data Protection Framework in Finland
1. Cybersecurity Act and NIS 2 Directive Implementation
Finland is in the process of implementing the EU's NIS 2 Directive, which aims to enhance cybersecurity across critical sector. The Finnish government proposed a new cybersecurity act in May 2024 to align with the directive's requirements, including risk management, incident reporting, and sector-specific supervision.
2. Criminal Code Provisions on Cybercrime
Finland's Criminal Code addresses various cybercrimes, including:
Hacking and Unauthorized Access Penalties range from fines to up to three years' imprisonment for gross breaches.
Data Protection Offenses Violations can result in fines or up to one year's imprisonment.
Denial-of-Service Attacks Interference with information systems can lead to fines or imprisonment, with gross breaches attracting up to five years' imprisonment.
Malware Distribution Offenses related to malware can result in fines or up to one year's imprisonment.
Cybercrime Tools Distribution of tools used for cybercrimes can lead to fines or up to one year's imprisonment.
3. Data Protection Laws
Finland enforces the EU General Data Protection Regulation (GDPR) alongside national legislation, including:
Finnish Data Protection Act (1050/2018) Provides additional provisions complementing the GDP.
Act on Electronic Communications Services (917/2014) Addresses privacy and security in electronic communication.
Act on the Protection of Privacy in Working Life (759/2004) Regulates employee privacy in the workplace.
4. Cybersecurity Strategy and National Initiatives
In December 2024, Finland published a revised Cybersecurity Strategy Implementation Plan extending to 203. The plan focuses to:
Developing a competent and innovative cyber ecosystem.
Enhancing societal cyber resilience and operational reliability.
Strengthening national and international cooperation.
Ensuring timely responses to cyber threats and assured sovereignty. The Finnish government has also proposed a 30% increase in cybersecurity spending for 2024, bringing the budget to €280 million, to counter AI-enabled cyber threat.
⚖️ Recent Enforcement and Legal Developments
A notable case involved a hacker accessing psychotherapy records of over 33,000 clients and demanding ransom. The court sentenced the individual to six years and three months in prison for aggravated data breach, blackmail, and dissemination of private information. This case prompted legislative changes allowing citizens to change their personal identity codes following severe data breaches.
RELATED Blog
0 comments