IP: more on Sweden Outlaws Discussion Archives?

[Dave Farber <farber@cis.upenn.edu>]

Date: Mon, 2 Nov 1998 07:32:18 +0100
To: Dave Farber <farber@cis.upenn.edu>
From: Patrik Fältström  <paf@swip.net>


[Note that I am not a subscriber to the ip-sub-1 mailing list]

Dave, you wrote:
>In my view laws which are not to be strictly enforced have two problems.
>One, they lessen the respect for the laws. After all who judges which laws
>are to be obeyed and which not. Two and most important in many countries
>(maybe especially the USA), future governments can use those laws to arrest
>and jail people who really believed those laws were never to be enforced.
>That opens up real opportunities for bad behavior on the part of
>governmentss djf

I am not a lawyer, but from my amateur horizon, working with domain name 
issues in POC for a year etc etc, I see that I have to explain a bit how 
laws and courts work in Sweden.

First a description of this law, PUL, which is now active. The prohibits a 
person from using information about other users without their written 
approval. This is especially true for "export" of information outside of 
the EU, i.e. to the US, to Norway etc. I saw that you have already got 
links to various places where this law is discussed, but it is true that 
any site inside and outside of Sweden which have information about Swedish 
citizens without their written approval can be accused of breaking this law 
in swedish court. This is also the case for foreign people which see 
information about them on sites in Sweden, i.e. if you are unhappy, you can 
go to Swedish court if you want.

The law covers the web (as access method), chat and other "public" methods 
of accessing information. I.e. not normal email, but email archives 
accessible via the web.


Secondly, the way laws work in Sweden, and maybe also other places in the 
world, is that the law is only used by the highest of the courts. All other 
courts more often point at descisions at this high court, instead of at the 
law itself.

So, as long as we don't have a court descision, especially not at the 
highest level, discussions like mine above are just speculative, and says 
only what people which have read the law _THINK_ the descisions will be.

The thoughts behind "not respecting" this law is that when the first case 
comes to the high court, it has to make a descision on what is public 
access, what is personal information, and other wordings in the law. The 
first case will of course be of big interest, and what this first case is 
about will also make a big difference.

It is though true that laws that are not enforced, or can not be enforced, 
are bad laws, but in my view this perticular law is such a law. It has no 
connection to real life.

We already have laws in Sweden talking about the ability for a person to 
ask someone which publishes information to (1) send that information for no 
cost to the person asking (i.e. the person which the information is about) 
and (2) stop distributing it. This is especially true for databases such as 
411-services. We also have, and maybe should adjust, laws regarding 
miscrediting people in public. This law have been used mostly for 
newspapers, printers etc, but maybe that should have been applied to the 
web instead. I.e. if I think someone have been writing bad things about me, 
I can go to court.


One interesting thing with PUL is that the ministry which created the law 
is themselves reported to the police for breaking the law on their website 
(some documents from 1996 includes the names of foreign people in the US 
and some Swedish politicians). A second organisation which is accused for 
breaking this law is the high court in Gothenburg where the president of 
this group inventing this law now works (since a month back) because of 
information on their website.


I.e. yes, this is a stupid law, falling exactly into the group of laws that 
can be used by badly behaved governments etc as you talk about Dave. But, 
the law is here, period. There is not much we can do about it. It IS 
illegal to have web access to information about Swedish citizens.

    Regards, Patrik

P.S. I have because of this law sent written approval to the RFC-Editor, 
the IESG, the IETF-Secretary and members of IAB and IESG, that they are 
allowed to use my name as long as I am an officer of the IESG. Yes, the law 
is that bad!

------------------------------------------------------------------
Area Director, Applications Area               Email: paf@swip.net
IETF                                             URL: http://paf.se
                                          PGP Key ID: 0xBD236602

   In theory there is no difference between theory and practice,
   but in practice, there is.