🎧 Listen to This Article
STOCKHOLM – The Swedish Tax Agency is facing a landmark legal challenge after Austrian privacy group noyb filed a lawsuit over the authority’s practice of selling citizens’ personal data to commercial data brokers, in what critics call a blatant violation of the EU’s GDPR.
The lawsuit follows the Swedish Supreme Court’s recent ruling that privacy rights must be balanced with transparency laws—especially when there’s a risk data may be misused. Despite the decision, the tax agency has continued selling access to personal information, prompting noyb to escalate the matter to the Stockholm Administrative Court.
Sweden’s Transparency Model Under Scrutiny
Sweden has long upheld constitutional transparency laws allowing broad access to public records. But in this case, transparency has veered into commercialization. The Tax Agency’s personal address register (SPAR), containing names, birth dates, income, and more, is being sold to companies such as:
- Dun & Bradstreet – used for business profiling
- Kalenderförlaget – publisher of “tax calendars” showing individual incomes
- The Intelligence Company – claims access to data of all residents over 15
Critics argue this practice lacks adequate safeguards, and the data is often resold or published online with no meaningful restrictions.
“Publishing people’s tax data clearly violates the fundamental right to data protection,” said Joakim Söderberg, privacy lawyer at noyb.
GDPR vs. Swedish Law: A Legal Collision
Earlier this year, a Swedish citizen requested that their personal data no longer be sold—citing the GDPR’s purpose limitation and data minimization principles. The Tax Agency rejected the appeal, claiming adherence to domestic transparency obligations.
However, the Swedish Supreme Court ruled that when data recipients are likely to misuse the information under GDPR, the data must be marked as confidential. This key legal precedent is being ignored, noyb argues.
“The tax authority must start marking data as confidential in line with the Supreme Court ruling,” said Söderberg.
What’s Next: Administrative Court to Decide
noyb has now filed a formal appeal with the Stockholm Administrative Court, demanding that the Tax Agency immediately restrict access to sensitive data.
The case could set a major precedent not only for Sweden but for data-sharing practices across the EU, testing the balance between national transparency laws and EU-wide privacy protections.
Key Legal Points
- GDPR Article 5(1)(b): Personal data must only be used for specific, legitimate purposes
- Swedish Supreme Court: Data sharing must be restricted if it risks GDPR violations
- noyb Argument: Data sales to commercial brokers serve no public function, breach privacy
If noyb prevails, Sweden may be forced to radically rethink how its tax data is shared, affecting how government-held information can be monetized across the EU.
For further details, clarification, contributions, or any concerns regarding this article, please contact us at editorial@tax.news. We value your feedback and are committed to providing accurate and timely information. Please note that our privacy policy will handle all inquiries
