CENTRUM FÖR RÄTTVISA v. SWEDEN JUDGMENT
21. The Government’s argument that international cooperation is
conditional on the receiving State respecting Swedish legislation is not
evidenced in any national legislation. In fact, the Government only refers to
the “FRA’s general guidelines”39. As a matter of law, the FRA is only
required to inform the FII of the principles governing its foreign intelligence
cooperation and to which countries or organisations it transfers data and to
provide general information on the operations. Since no oversight body is
vested with powers to exercise actual control over whether or not foreign
intelligence cooperation is being used to circumvent national law, and the
recipient States protect the data with the same or similar safeguards as those
under Swedish law, the FII´s monitoring of the FRA’s international
cooperation activities, invoked by the Government, is irrelevant40.
22. The Government’s position is even less acceptable because it is
inconsistent with Sweden’s international obligations, not only in view of its
obligations vis-a-vis the European Union41, but also the Council of Europe.
In addition to the Convention, Article 2 of the Additional Protocol to the
Convention for the Protection of Individuals with regard to Automatic
Processing of Personal Data, regarding supervisory authorities and
transborder data flows (ETS no. 181), which Sweden has ratified, states that
parties must ensure an adequate level of protection for personal data
transfers to third countries, and that derogations are admitted only when
there are legitimate prevailing interests. The Explanatory Report to this
Additional Protocol adds that exceptions must be interpreted restrictively,
“so that the exception does not become the rule” (§ 31). This is precisely
what is happening in Sweden.
sharing between intelligence agencies of the same State or with the authorities of a foreign
State is based on national law that outlines clear parameters for intelligence exchange,
including the conditions that must be met for information to be shared, the entities with
which intelligence may be shared, and the safeguards that apply to exchanges of
intelligence.” See also Practices 32-35.
39 See paragraph 216 of this judgment.
40 See also the United Nations Human Rights Committee Concluding observations, cited
above, § 36, where the Committee raised specific concerns with regard to “the lack of
sufficient safeguards against arbitrary interference with the right to privacy in relation to
the sharing of data with other intelligence agencies.”
41 FRA of the EU, Surveillance by intelligence services, cited above, p. 13: “EU Member
States should define rules on how international intelligence sharing takes place. These rules
should be subject to review by oversight bodies, which should assess whether the processes
for transferring and receiving intelligence respect fundamental rights and include adequate
safeguards… EU Member States should ensure that legal frameworks regulating
intelligence cooperation clearly define the extent of oversight bodies’ competences in the
area of intelligence services cooperation.”