Suomi (FI)

Finland

The Finnish law forbids sending unsolicited commercial advertisements to private persons and to newsgroups. Sending UCE from another EU country to Finland may also be illegal. A summary of Finnish, EU and some international rules and legislation -- as well as some pointers on how to complain to authorities and service providers -- is given in http://www.iki.fi/kaip/spam/laki.html [in Finnish].

(Kai Puolamaki 1999-08-24)

Finland is Opt-In for individual recipients, and Opt-Out for corporate recipients.

The law to this effect will be in force from the 1st of July, 1999.

Pointer to the law (in Finnish only) here.

(Esa Laitinen 1999-06-10)
 

{Concerning the law when it was still a bill before Parliament:}

Technically, this is an amendment to the existing data security act. The rest of this message is a from-the-hip translation of parts of the summary of the Finnish proposal. Summary of the proposal This proposal is for a law to protect the individual's privacy in telecommunications and to secure data transmissions [literally "of security of data communications"]. The law would improve confidence in telecommunications among users of tele services by [gawd this is redundant] enhancing privacy protection in telecommunications. Additionally, general data security in telecommunications would be enhanced, thus promoting electronic commerce and electronic transactions. The proposal also includes amendments to the telemarketing law, the penal law, and the law of telecommunications administration [roughly]. The proposed law would bring Finnish legislation in line with regulations of data security in the European communities [apparently not just the EU]. The proposed laws would cover not only traditional tele services, but also include e-mail and other communications over the Internet. According to the proposal, all telecommunications would be confidential. For instance, e-mail would unambiguously be covered by communications privacy [regulations]. Use [more or less] of a message not intended for the recipient would be prohibited. [This is apparently supposed to mean you're not allowed to read others' e-mail.] Users of tele services would be allowed to use any available technical means for protecting their communications. Tele operators would be required to guarantee secure operations, and to inform of security risks inherent in their services.

[...]

The rights of companies to process identification information borne out of telecommunications would be limited. The law would regulate what identification information tele companies can process and for what purposes and under what circumstances this information can be transferred to other companies. For instance, producing a profile of users of video rental services or users of the Internet would be regulated.

[...]

The proposal includes regulations of phone directories and other subscriber catalogs. Everyone would be permitted to have their personal information removed from catalogs [probably one at a time, though -- no centralized removal service, I think]; to prohibit use of their personal information for direct advertising; and the right to have listings limited to only a partial address or to exclude gender information. Automation of telecommunications would be limited. The regulations would prohibit, among other things, automatic systems which [redundancy] work without human intervention and use of fax machines for direct advertising to consumers without the recipient's consent. Juridical persons would be allowed to list themselves as [roughly] off limits for direct marketing [supposedly centralized, after all]. Subscribers [to this list?] could opt out from other types of direct marketing which uses telecommunications.

[...]

The proposal is intended to be accepted within three months after it was submitted. {Implementation of the Data Protection and Telecommunications Directive 97/66/EC on or before Oct 24th, 1998.}