{"id":108990,"date":"2025-08-06T14:13:34","date_gmt":"2025-08-06T14:13:34","guid":{"rendered":"https:\/\/my.legal500.com\/guides\/?post_type=comparative_guide&#038;p=108990"},"modified":"2025-08-19T11:26:56","modified_gmt":"2025-08-19T11:26:56","slug":"sweden-tmt","status":"publish","type":"comparative_guide","link":"https:\/\/my.legal500.com\/guides\/chapter\/sweden-tmt\/","title":{"rendered":"Sweden: TMT"},"content":{"rendered":"","protected":false},"template":"","class_list":["post-108990","comparative_guide","type-comparative_guide","status-publish","hentry","guides-tmt","jurisdictions-sweden"],"acf":[],"appp":{"post_list":{"below_title":"<div class=\"guide-author-details\"><span class=\"guide-author\">Hellstr\u00f6m Law<\/span><span class=\"guide-author-logo\"><img src=\"https:\/\/my.legal500.com\/guides\/wp-content\/uploads\/sites\/1\/2019\/03\/hellstrom-advokatbyra.jpg\"\/><\/span><\/div>"},"post_detail":{"above_title":"<div class=\"guide-author-details\"><span class=\"guide-author\">Hellstr\u00f6m Law<\/span><span class=\"guide-author-logo\"><img src=\"https:\/\/my.legal500.com\/guides\/wp-content\/uploads\/sites\/1\/2019\/03\/hellstrom-advokatbyra.jpg\"\/><\/span><\/div>","below_title":"<span class=\"guide-intro\">This country specific Q&amp;A provides an overview of TMT laws and regulations applicable in Sweden<\/span><div class=\"guide-content\"><div class=\"filter\">\r\n\r\n\t\t\t\t<input type=\"text\" placeholder=\"Search questions and answers...\" class=\"filter-container__search-field\">\r\n\t\t\t<\/div>\r\n\r\n\t\t\t\r\n\r\n\r\n\t\t\t<ol class=\"custom-counter\">\r\n\r\n\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 How are proprietary rights in software and associated materials protected?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Proprietary rights in software are protected through several acts, the most relevant being the Patent Act (Sw. patentlagen (2024:945)), the Act on the Right to Employee\u00b4s Inventions (Sw. lagen om r\u00e4tten till arbetstagares uppfinningar (1949:345)), the Circuit Pattern Protection Act (Sw. lagen om skydd f\u00f6r kretsm\u00f6nster f\u00f6r halvledarprodukter (1986:1425)), the Industrial Secrets Act (Sw. lagen om f\u00f6retagshemligheter (2018:558)), and the Copyright Act (Sw. lagen om upphovsr\u00e4tt till litter\u00e4ra och konstn\u00e4rliga verk (1960:729)).<\/p>\n<p>A software program, being an idea, does not possess the technical character required for patent protection, and thus, it cannot be patented. A technical invention that is executed by software can however be patentable, thus resulting in an indirect protection of the software according to the Patent Act.<\/p>\n<p>However, according to chapter 1, section 1, second paragraph of the Copyright Act, the creator of a computer software will obtain copyright protection if it is original in the sense that it is an intellectual creation of the creator. The owner of computer software holds the same rights as the owner of literary books and poems.<\/p>\n<p>According to the Circuit Pattern Protection Act the creator of (or the employer if an employee creates a circuit pattern within the framework of the employment) a circuit pattern is protected according to sections 1 and 3 of the Act, if the pattern is the result of an intellectual performance and not generally occurring. The protection only covers the circuit pattern itself. The software program that is included in the pattern is not protected, however such programs may be protected by copyright.<\/p>\n<p>According to the Act on the Right to Employees\u2019 Inventions, section 2, an employee has the right to her\/his inventions as any other inventor unless, according to section 3 of the act, the employer uses its preferential right to take over the invention if the invention falls within the scope of the employer\u2019s area of business.<\/p>\n<p>Industrial secrets are defined in section 2 of the Industrial Secrets Act. Industrial secrets cannot be registered to be protected but must be kept secret.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 In the event that software is developed by a software developer, consultant or other party for a customer, who will own the resulting proprietary rights in the newly created software in the absence of any agreed contractual position?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The creator of a computer software will obtain copyright protection if it is original in the sense that it is an intellectual creation of the creator, according to the Copyright Act chapter 1, section 1, second paragraph.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 Are there any specific laws that govern the harm \/ liability caused by Software \/ computer systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are no specific laws in the Swedish law system that govern the harm \/ liability caused by Software \/ computer systems. However, The Swedish Damages Act can be applicable on harm \/ liability caused by Software \/ computer systems. There has been plenty of discussion in EU regarding liability for AI regarding damages, however no specific law has been introduced as of yet.<\/p>\n<p>The Product Liability Directive (EU) 2024\/2853 establishes rules regarding evidence and liability for compensation relating to property damage, personal injury and data loss. For example, it ensures that victims can claim compensation from manufacturers if they are harmed by a defective product. The definition of \u201cproduct\u201d includes software, for example.<\/p>\n<p>The directive is currently being implemented in Sweden.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software \u2013 To the extent not covered by (3) above, are there any specific laws that govern the use (or misuse) of software \/ computer systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Swedish Criminal Act, Chapter 4, Section 9 c governs misuse of computer programs, such as in the case of hacking, DOS\/DDOS-attacks and hacking.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (Licence and SaaS) \u2013 Other than as identified elsewhere in this overview, are there any technology-specific laws that govern the provision of software between a software vendor and customer, including any laws that govern the use of cloud technology?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>No. However, several laws may apply to software contracts and the use of cloud technology such as inter alia the Swedish Contracts Act (Sw. avtalslagen (1915:218)), the Swedish Copyright Act, the GDPR and the Swedish Consumer Sales Act.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Is it typical for a software vendor to cap its maximum financial liability to a customer in a software transaction? If \u2018yes\u2019, what would be considered a market standard level of cap?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Often software vendors have a limited liability for errors and defects and damages and losses (nor direct or indirect) in their own standard form contracts. Cloud services are normally standard services, and it seems reasonable to have a quite far-reaching limitation of liability. There is no market standard level of cap but often in cloud services contracts e.g. the cloud service provider caps the liability to an amount corresponding to twelve months fee for the services.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Please comment on whether any of the following areas of liability would typically be excluded from any financial cap on the software vendor\u2019s liability to the customer or subject to a separate enhanced cap in a negotiated software transaction (i.e. unlimited liability): (a) confidentiality breaches; (b) data protection breaches; (c) data security breaches (including loss of data); (d) IPR infringement claims; (e) breaches of applicable law; (f) regulatory fines; (g) wilful or deliberate breaches.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>IPR infringement claims (d) above, and wilful or deliberate breaches (g) above, are typically excluded from any financial cap on the software vendor\u2019s liability to the customer.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Is it normal practice for software source codes to be held in escrow for the benefit of the software licensee? If so, who are the typical escrow providers used? Is an equivalent service offered for cloud-based software?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>It is common that software source codes are held in escrow in cases where a license is valid for a longer period and if the license object is specially made for the customer. The Stockholm Chamber of Commerce is an escrow provider.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Software Transactions (License and SaaS) \u2013 Are there any export controls that apply to software transactions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Export controls applicable to software transactions are those determined by the Inspection for Strategic Products. The relevant branches as of today is all things, including software, related to weapons of mass destruction and\/or war materiel.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">IT Outsourcing \u2013 Other than as identified elsewhere in this questionnaire, are there any specific technology laws that govern IT outsourcing transactions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are no specific technology laws that govern IT outsourcing transactions in general. The Swedish Act on confidentiality when outsourcing technical processing or data storage (Sw: lagen (2020:914) om tystnadsplikt vid utkontraktering av teknisk bearbetning eller lagring av uppgifter) governs confidentiality when public authorities are outsourcing technical processing or storage of information. According to the Act, any person that engages in a service providers business with the task of processing or store technical data has a secrecy obligation and must not disclose or use any information without authorisation.<\/p>\n<p>Entities falling under the scope of the Swedish Protective Security Act (Sw. s\u00e4kerhetskyddslagen (2018:585)), must enter into a so-called security protection agreement before a counterparty can gain access to any of the security sensitive information of the entity. Therefore, the Act must be considered for security sensitive entities before an outsourcing transaction takes place.<\/p>\n<p>Financial actors (e.g. banks, investment funds, security market companies) that wish to make an outsourcing transaction for a party to perform certain financial services, must notify the Swedish Financial Supervisory Authority and submit the outsourcing agreement, before making the transaction in order to obtain approval. The Authority\u00b4s application for such transfers is considered equivalent to the European Banking Authority\u00b4s (EBA) guidelines on outsourcing.<\/p>\n<p>Financial actors adhering to the Digital Operational Resilience Act (EU) 2022\/2554 (DORA) must include minimum contractual requirements when entering into agreements with ICT third-party service providers (for example, in cases of IT outsourcing).<\/p>\n<p>Directive (EU) 2022\/2555 (the NIS 2 Directive) sets out security requirements for the supply chain with the aim of improving cybersecurity across the EU. It stipulates that companies and organisations covered by the directive must consider the security of their suppliers, IT-providers may be concerned as suppliers. The Swedish government has submitted a proposal for a new Cybersecurity Act (Sw. cybers\u00e4kerhetslagen) to the Swedish Council on Legislation. This act will implement the NIS 2 Directive.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">IT Outsourcing \u2013 Please summarise the principal laws (present or impending), if any, that protect individual staff in the event that the service they perform is transferred to a third party IT outsource provider, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Swedish Employment Protection Act, section 6 b, protect individual staff if the service they perform is transferred to a third-party IT outsource provider. Under the Employment Act, the supplier to which a business is outsourced to assumes the rights and obligations owed to the employees of the company outsourcing the business. Employees have the right to object to the transfer and remain employed by the company outsourcing the business. However, there is an overwhelming risk that the employment may be terminated due to redundancy since the business as such has been transferred.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise the principal laws (present or impending), if any, that govern telecommunications networks and\/or services, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The primary legislative document governing telecommunication networks and services is the Electronic Communications Act (Sw. lagen (2022:482) om elektronisk kommunikation). The Act outlines the functions and responsibilities of the Swedish Post and Telecom Authority, the main regulatory body for these services, as well as regulations for network operations, spectrum licensing, consumer protection and more. The Electronic Communications Act applies to electronic communication networks and services and their corresponding installations, services, and other radio usage. The transmitted content itself does not fall within the scope of the act. According to the act, public communication networks that are normally provided in exchange for money, and publicly accessible communication services, may only be provided if the business has been reported to the Swedish Post and Telecom Authority (Sw. Post- och telestyrelsen).<\/p>\n<p>The General Data Protection Regulation (GDPR) governs how personal data must be handled, including by communications service providers.<\/p>\n<p>Legislation relevant to this topic is also found in the Radio Equipment Act (Sw. radioutrustningslagen (2016:392)) and The Radio and TV Act (Sw. radio- och tv-lag (2010:696)).<\/p>\n<p>The Electronic Commerce Act (Sw. lagen (2002:562) om elektronisk handel och andra informationssamh\u00e4llets tj\u00e4nster) regulates electronic commerce activities and other services related to the information society.<\/p>\n<p>Computer programs and databases are protected under the Swedish Copyright Act (Sw. lagen (1960:729) om upphovsr\u00e4tt till litter\u00e4ra och konstn\u00e4rliga verk). This Act protects the rights of creators and owners of literary and artistic works, including computer programs and databases.<\/p>\n<p>The Swedish Post and Telecom Authority is the primary regulatory body that oversees these matters. Several laws and regulations govern the operation of communication networks and services. They are both subjected to national and the European union&#8217;s legislation.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise any licensing or authorisation requirements applicable to the provision or receipt of telecommunications services in your country. Please include a brief overview of the relevant licensing or authorisation regime in your response.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Electronic Communications Act is the main regulatory framework governing the telecommunications market in Sweden, the Act outlines the functions and responsibilities of the Swedish Post and Telecom Authority (Sw. Post- och telestyrelsen), the main regulatory body for these services, as well as regulations for network operations, spectrum licensing, consumer protection and more. The Electronic Communications Act applies to electronic communication networks and services and their corresponding installations, services, and other radio usage. The transmitted content itself does not fall within the scope of the act.<\/p>\n<p>Most operators within telecommunications services must notify the responsible supervisory authority, the Swedish Post and Telecom Authority of their activities. In addition, notified operators must pay certain fees.<\/p>\n<p>Operators providing public electronic communications networks of a type normally provided for remuneration must notify the Swedish Post and Telecom Authority of their activities. This includes operators providing mobile networks, cable TV networks, fibre and fibre LAN (access), and submarine cables.<\/p>\n<p>Operators providing publicly available electronic communications services in the form of internet access services, number-based interpersonal communications services and services consisting wholly or mainly of the transmission of signals must also notify their activities to the Swedish Post and Telecom Authority. This includes operators providing fixed internet, mobile internet, mobile telephony (number-based interpersonal), data transmission services, roaming services for aircraft (MCA) and ships (MCV), interconnection (fixed and mobile) and M2M-services.<\/p>\n<p>Operators intending to use radio transmitters need to apply for licences at the Swedish Post and Telecom Authority. There are several types of licences, e.g. licence to use marine radio (VHF) on a recreational boat, maritime radio, radio link, land mobile radio, radio transmitters in earth stations, aeronautical radio, terrestrial television. One also need to apply for a local licence in the 3.7 GHz and 26 GHz bands. Furthermore, a licence is required to use radio transmitters for various types of testing (including 5G and 6G testing).<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Telecommunications \u2013 Please summarise the principal laws (present or impending) that govern access to communications data by law enforcement agencies, government bodies, and related organisations. In your response, please outline the scope of these laws, including the types of data that can typically be requested, how these laws are applied in practice (e.g., whether requests are confidential, subject to challenge, etc.), and any legal or procedural safeguards that apply.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Swedish Electronic Communications Act requires operators to store certain subscription data that can be disclosed to law enforcement authorities, such as the Swedish Police Authority, when necessary. The information to be stored is specified in more detail in the Electronic Communications Ordinance (Sw. f\u00f6rordningen om elektronisk kommunikation (2022:511)).<\/p>\n<p>The ordinance stipulates that telephony services and messaging, only communications via a mobile access point, must be stored, including, among other things, the caller\u2019s and the called party\u2019s numbers or equivalent address, date and time when the communication was initiated and terminated, or a message was sent and received, location details when communication began and ended. The ordinance also stipulates that data with regard to internet access must be stored, such as users&#8217; IP addresses and other data necessary to identify a subscriber and registered user, and the date and time of logging on and off the service that provides Internet access.<\/p>\n<p>Communications data may be accessed for criminal investigations under the rules set out in the Procedural Code (Sw. r\u00e4tteg\u00e5ngsbalken) and for intelligence gathering by law enforcement authorities under the rules set out in the Electronic Intelligence Act (Sw. lagen (2012:278) om inh\u00e4mtning av uppgifter om elektronisk kommunikation i de brottsbek\u00e4mpande myndigheternas underr\u00e4ttelseverksamhet).<\/p>\n<p>For the purposes of a criminal investigation, law enforcement authorities may require the secret interception or surveillance of electronic communications. There are additional secret coercive measures. The public prosecutor&#8217;s application to use secret coercive measures will be tried by a general court. With regard to gathering information concerning electronic communications under the Electronic Intelligence Act, prosecutors at the Swedish Prosecution Authority make decisions on gathering information following a request from a law enforcement agency.<\/p>\n<p>The Act on Measures to Prevent Certain Serious Crimes (Sw. lagen (2007:979) om \u00e5tg\u00e4rder f\u00f6r att f\u00f6rhindra vissa s\u00e4rskilt allvarliga brott) grants certain authorities the power to conduct secret surveillance of electronic communications, for instance. A public counsel is appointed by a Swedish court in cases involving, e.g, secret interception of electronic communications under the Procedural Code, or equivalent preventive coercive measures under the Act on Measures to Prevent Certain Serious Crimes, in order to guarantee legal safeguards. The public counsel acts as the prosecutor&#8217;s counterpart at court hearings and is responsible for safeguarding individuals&#8217; rights and privacy interests. The public counsels must have access to all material on which the court&#8217;s examination is based, and they shall also have the opportunity to comment on the case and appeal the court&#8217;s decision.<\/p>\n<p>Defence intelligence activities may involve intercepting signals transmitted via a cable owned by an operator. Before signal intelligence activities can be initiated, the relevant authority must apply for a permit from the Defence Intelligence Court in accordance with the Signals Intelligence Act (Sw. lagen (2008:717) om signalspaning i f\u00f6rsvarsunderr\u00e4ttelseverksamhet).<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Mobile communications and connected technologies \u2013 What are the principle standard setting organisations (SSOs) governing the development of technical standards in relation to mobile communications and newer connected technologies such as digital health or connected and autonomous vehicles?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>At EU level there are several ongoing and recently adopted legislation relating to mobile communications and connected technologies. The European Health Data Space (EHDS) was proposed by the EU Commission in 2022, and the European Parliament and the Councill recently reached a political agreement on that same proposal. The EHDS will, for example, allow citizens across the EU to access an electronic health record containing prescriptions, images and laboratory tests.<\/p>\n<p>The AI Act will apply to all sectors and will influence autonomous vehicles. AI systems deployed on or in connection with autonomous vehicles affecting driving and passenger safety may be classified as high-risk AI systems under the AI Act. The AI Act will also affect digital health, and the area of health tech, since medical devices or services incorporating AI systems may implicate certain risks. AI incorporation in medical devices that is subject to EU regulation on medical devices (EU) 2017\/745 and (EU) 2017\/746) will fall under the definition of a high-risk AI system and will therefore need to consider certain requirements.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Mobile communications and connected technologies \u2013 How do technical standards facilitating interoperability between connected devices impact the development of connected technologies?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>New technical standards such as 5G will enable the deployment of a high-quality infrastructure which affects many sectors of an innovative economy. The so-called Europe\u00b4s Digital Decade has as its aim to ensure that by 2030 a fixed gigabit network of a very high capacity (1 Gbps) will be covering all European households and that all populated areas will have 5G.<\/p>\n<p>The Gigabit Infrastructure Act (GIA) was published in the Official Journal of the European Union on 8 May 2024 and entered into force on 11 May 2024. It will be fully applicable from November 2025. The GIA is another example of EU legislation adopted to demonstrate the EU\u00b4s plan to create a fast and efficient network applicable for the whole union. The GIA will replace the Broadband Cost Reduction Directive (EU) 2014\/61\/EU.<\/p>\n<p>Five Swedish projects have also been granted support from EU to further develop existing infrastructure and build new routes to strengthen Sweden&#8217;s connectivity to the outside world. With the help of the new EU funds, Swedish actors will be able to develop 5G solutions for smart communities and underwater infrastructure for electronic communications.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 Please summarise the principal laws (present or impending), if any, that govern data protection, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The General Data Protection Act (EU) 2016\/679, (\u201cGDPR\u201d) is the main legislative framework for data protection across all member countries, including Sweden. In addition, the Data Protection Act (2018:218) (the DPA) and the Data Protection Ordinance (2018:19) that contains further regulations regarding data protection on aspects allowed by the GDPR.<\/p>\n<p>The DPA contains regulations regarding the processing of data concerning criminal offences and processing of social security number. The DPA also contains regulations that the GDPR is applicable outside its actual scope. However, the DPA is subsidiary in relation to other law or regulation, which allows for deviating provisions. The general purpose of the DPA is to regulate the processing of personal data and rules relating to the free movement of personal data. The law is an addition to the GDPR and therefore has the same general purpose.<\/p>\n<p>Apart from the DPA there are several sector specific acts such as the Swedish Patient Data Act (Sw. patientdatalag (2008:355)), the Swedish Electronic Communications Act (2022:482), the Swedish Marketing Act (Sw. marknadsf\u00f6ringslag (2008:486), the Swedish Camera Surveillance Act (Sw. kamerabevakningslag (2018:1200)), the Swedish Credit Information Act (Sw. kreditupplysningslag (1973:1173)) and the Swedish Criminal Data Act (Sw. brottsdatalag (2018:1177)).<\/p>\n<p>The Swedish Authority for Privacy Protection, abbreviated IMY (Sw. Integritetsskyddsmyndigheten) is responsible for enforcing data protection regulations under the GDPR and the Swedish Data Protection Act (lag (2018:218) med kompletterande best\u00e4mmelser till EU:s dataskyddsf\u00f6rordning).<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable data protection laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>According to article 83 in the GDPR, which is directly applicable in all EU countries, the maximum fine that can be applied for a breach is EUR 20,000,000, or 4 % of the company\u00b4s annual turnover of the previous financial year, whichever is higher.<\/p>\n<p>In Sweden it has been decided that also public authorities can be fined, however the administrative sanctions are lower; maximum SEK 10,000,000, according to the Act (2018:218) with supplementary provisions to the EU&#8217;s Data Protection Regulation (Swedish Data Protection Act).<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Data Protection \u2013 Do technology contracts in your country typically refer to external data protection regimes, e.g. EU GDPR or CCPA, even where the contract has no clear international element?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Yes, technology contracts typically refer to the GDPR.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Cybersecurity \u2013 Please summarise the principal laws (present or impending), if any, that govern cybersecurity (to the extent they differ from those governing data protection), including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Swedish Act on Information Security for Essential Services and Digital Services (Sw. lagen (2018:1174) om informationss\u00e4kerhet f\u00f6r samh\u00e4llsviktiga och digitala tj\u00e4nster) aims to achieve a high level of security in network and information systems for essential services and digital services. The Act implements Directive (EU) 2016\/1148 (the NIS 1 Directive), which governs risk management and incident reporting among key economic actors \u2013 operators of essential services and digital service providers.<\/p>\n<p>The Government of Sweden has submitted a proposal for a new Cybersecurity Act (Sw. cybers\u00e4kerhetslagen), along with related legislative amendments, to the Swedish Council on Legislation. The proposed Act is intended to implement Directive (EU) 2022\/2555 (the NIS 2 Directive) and aims to ensure a high level of cybersecurity across all sectors of society. Under the new legislation, both public and private entities classified as essential or important entities under Annex I or II of the NIS 2 Directive will be required to adopt a range of security measures to protect their network and information systems and to report significant incidents. Compared to the current Swedish Act on Information Security for Essential Services and Digital Services, the scope of the new law will be significantly broader, applying to a much larger number of organizations. The proposed Cybersecurity Act, along with the accompanying legislative changes, is scheduled to enter into force on 15 January 2026.<\/p>\n<p>The EU Regulation on Digital Operational Resilience Regulation (EU) 2022\/2554 (the DORA Regulation) has been in force since January 2025. Its purpose is to strengthen the digital operational resilience of the financial sector. The regulation lays down requirements for entities to manage risks related to information and communication technology (ICT), report ICT-related incidents, conduct digital operational resilience testing, and manage ICT third-party risks.<\/p>\n<p>The European Parliament and the Council have adopted Regulation (EU) 2024\/2874 on overarching cybersecurity requirements for products with digital elements (the EU Cyber Resilience Act) (Sw. Cyberresiliensf\u00f6rordningen). The regulation applies from\u00a011 December 2027, with some exceptions. It aims to ensure that digital products placed on the EU market meet high cybersecurity standards throughout their lifecycle. It introduces mandatory security requirements for manufacturers and software developers. In Sweden, an inquiry has been launched to analyze the need for, and propose, legislative measures and complementary provisions required to align Swedish law with the EU Cyber Resilience Act.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Cybersecurity \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable cybersecurity laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Under the current Swedish Act on Information Security for Essential Services and Digital Services, an administrative fine may be imposed up to a maximum of SEK 10,000,000.<\/p>\n<p>Regarding the upcoming Cybersecurity Act, it is proposed that the administrative fines shall be set at a maximum of the higher of 2 % of the essential service provider\u2019s total global annual turnover for the most recent financial year or EUR 10,000,000. For important service providers, the inquiry proposes that the fine shall be set at a maximum of the higher of 1.4 % of the service provider\u2019s total global annual turnover for the most recent financial year or EUR 7,000,000. For public service providers, the fine shall be set at a maximum of SEK 10,000,000.<\/p>\n<p>Under the Swedish Act (2024:1278) containing supplementary provisions to the EU Regulation on digital operational resilience for the financial sector (Sw. lagen (2024:1278) med kompletterande best\u00e4mmelser till EU:s f\u00f6rordning om digital operativ motst\u00e5ndskraft f\u00f6r finanssektorn), it is stipulated, among other things, that the maximum administrative fine for certain specified financial entities mentioned in the Act shall be the highest of the following: an amount which, in Swedish kronor, corresponded on 16 January 2023 toEUR 1,000,000; ten % of the financial entity\u2019s turnover for the most recent financial year, or, where applicable, the corresponding turnover at group level; or three times the profit obtained by the financial entity as a result of the infringement, if that amount can be determined.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Which body(ies), if any, is\/are responsible for the regulation of artificial intelligence?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Several Swedish authorities will be responsible for supervisory tasks, also known as market control, to ensure compliance with the AI Act (EU) 2024\/1689. It is not yet clear which authorities will be assigned these tasks.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Please summarise the principal laws (present or impending), if any, that govern the deployment and use of artificial intelligence, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The AI Act will apply from 2 August 2026, however there are some exceptions, e.g., some rules will take effect on\u00a02 August 2025, including those on governance structure, penalties, and obligations for providers of general-purpose AI models.\u00a0 The Act involves a definition of AI-systems, classifies AI according to different risks, and it also includes definitions of AI systems that are prohibited (e.g. social scoring systems and manipulative AI). There are also certain obligations that fall on providers of high-risk AI systems, and such providers will be subject to additional requirements. In Sweden, the AI Act will be supplemented by provisions in Swedish law, including those outlining the responsibilities of the relevant authorities.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Are there any specific legal provisions (present or impending) in respect of the deployment and use of Large Language Models and\/or generative AI (including agentic AI)?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>General-purpose AI (GPAI) models (inter alia Large Language Models) are specifically regulated in the AI Act. GPAI models that create systematic risk because of their capabilities is subject to significant regulation while other GPAI-models have limited obligations where the focus is more on regulation and copyright obligations.<\/p>\n<p>Requirements for GPAI models include technical documentation, information to those who intend to integrate the general-purpose model into other AI systems, a policy to consider and comply with copyright issues when using and collecting training data and to provide documentation on the training data used for the model. Models that create a systematic risk are required, among other things, to continuously evaluate the model, report incidents and there are also requirements relating to cyber security.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Do technology contracts in your jurisdiction typically contain either mandatory (e.g. mandated by statute) or recommended provisions dealing with AI risk? If so, what issues or risks need to be addressed or considered in such provisions?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>No. However, it is likely that it will be more common to include such clauses following the AI Act.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Artificial Intelligence \u2013 Do software or technology contracts in your jurisdiction typically contain provisions regarding the application or treatment of copyright or other intellectual property rights, or the ownership of outputs in the context of the use of AI systems?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>No. It shall be noted that the Swedish legislation regarding intellectual property is written with the assumption that property is created by a physical person, leading to the consequence that what applies when it comes to development without human interaction is still unclear.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Blockchain \u2013 What are the principal laws (present or impending), if any, that govern (i) blockchain specifically (if any) and (ii) digital assets, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There are no principal laws that specifically govern blockchain. However, EU has adopted rules covering crypto-assets and related services and activities that are not covered by other Union legislative acts on financial services through Regulation (EU) 2023\/1114 on markets in crypto-assets.<\/p>\n<p>It can be noted that the EU Commission has launched a so-called regulatory sandbox for block-chain, to offer businesses to try their products and services in a safe and confidential environment.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Search Engines and Marketplaces \u2013 Please summarise the principal laws (present or impending), if any, that govern search engines and marketplaces, including a brief explanation of the general purpose of those laws.<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The EU Digital Services Act (EU) 2022\/2065 (\u201cDSA\u201d) and the Digital Markets Act (EU) 2022\/1925 (\u201cDMA\u201d) regulate online platforms (such as social media platforms and marketplaces) and since 17 February 2024, both Acts are applicable and need to be considered in Sweden.<\/p>\n<p>The purpose of the DSA and DMA is to create a safer, fairer and more transparent environment online \u2013 to improve competition and ensure fair conditions in the digital sector. To achieve this, the EU wants to ensure a level playing field for all digital companies, with the aim of boosting innovation, growth and competitiveness, which can help smaller companies and start-ups to compete with larger businesses. The Regulation also aims to protect consumer&#8217;s privacy online, regulating the collection and use of data.<\/p>\n<p>The EU Regulation 2019\/1150 (the P2B Regulation) is also applicable and aims to ensure a fair, transparent, and predictable business environment for companies that use online platforms to offer goods or services to consumers. Examples of such platforms include search engines, online marketplaces, app stores, and social media providers, the P2B Regulation is also applicable for question 29, below.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Social Media \u2013 Please summarise the principal laws (present or impending), if any, that govern social media and online platforms, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>In addition to the regulations mentioned in question 28 above, the Bulletin Board System Act (Sw. lagen (1998:112) om ansvar f\u00f6r elektroniska anslagstavlor), the GDPR and the Electronic Communications Act are applicable on social media. As a starting point, the person who publishes something in social media that is regarded as personal information is responsible for the personal information that the publication entails. The company that provides the platform may also be liable if the company can influence posts or determine which posts shall be published. The Act is applicable on services for the electronic transmission of messages which include interactive internet sites with, for example, chat functions, comment fields or other forms of communication services that allow users to post various forms of information. The main responsibility that a provider bears, is the obligation to remove messages on the electronic bulletin board, if it violates the provision of Section 5 of the Act.<\/p>\n<p>In some cases, a publication may be covered by the so-called private exemption in the GDPR. According to the private exemption, the GDPR shall not apply to the processing of personal data carried out by a natural person during a purely personal or household activity. If a person publishes personal data for a wider audience, for example by publishing pictures or other things in social media, then it is not to be considered a matter of purely private nature. This means that the private exemption does not apply and the person who publishes becomes the data controller for the publication.<\/p>\n<p>According to the Bulletin Board System Act the provider\/administrator of an electronic bulletin board is required to provide information to anyone who uses the service about the provider\u2019s\/administrator\u2019s identity and the extent to which incoming messages become available to other users. The provider\/administrator should also have such oversight of the service that is &#8220;reasonably required with regard to the scope and direction of the business&#8221;. According to the Act, the provider of an electronic bulletin board is also responsible for removing or otherwise preventing messages from spreading if:<\/p>\n<ul style=\"padding-left: 0\">\n<li>the content obviously means unlawful threat, unlawful violation of personal integrity, incitement, agitation against an ethnic group, child pornography offense or unlawful depiction of violence, or<\/li>\n<li>it is evident that the user has infringed the copyright or rights protected by the copyright law by submitting the message (e.g. attached copyrighted material).<\/li>\n<\/ul>\n<p>If the provider\/administrator is responsible for electronic message boards and a message is posted that contains, for example, material infringing copyright or racist statements, the provider\/administrator is obliged to remove it as soon as possible. If the provider\/administrator does not do so within &#8220;reasonable time&#8221;, the provider\/administrator may be held liable for violations of the Bulletin Board System Act, which may result in a fine or even imprisonment for a maximum of two years.<\/p>\n<p>Notably, services protected by the Freedom of the Press Act, or the Fundamental Law on Freedom of Expression are exempted from this Act. According to the Swedish Electronic Communications Act, which entered into force on 3 June 2022, providers of electronic communications are liable for their platforms and what is posted on them.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Social Media \u2013 What is the maximum sanction that can be imposed by a regulator in the event of a breach of any applicable online safety laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>In accordance with the DMA, companies can be fined up to 10% of their total worldwide annual turnover for infringements, or up to 20% for repeated infringements. Periodic penalty payments of up to 5% of the average daily turnover can also be imposed. If gatekeepers systematically infringe the DMA obligations, additional remedies may be imposed on them after a market investigation. These remedies must be proportionate to the offences committed. As a last resort, non-financial remedies can also be imposed if necessary. These can include behavioural and structural remedies, e.g. the divestiture of a business or parts thereof.<\/p>\n<p>The European Commission can impose fines of up to 6% of a company&#8217;s worldwide annual turnover in the event of a breach of the DSA, following a non-compliance decision or a failure to comply with interim measures or commitments. The European Commission can also impose periodic penalties of up to 5% of the average daily worldwide turnover for each day of delay in complying with remedies, interim measures or commitments. As a final measure, if the infringement persists and causes serious harm to users, or if it involves criminal offences that threaten the life or safety of individuals, the European Commission can request the Digital Services Coordinator of the relevant Member State to request that the national courts temporarily restrict recipients&#8217; access to the service, following a specific procedure.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Spatial Computing \u2013 Please summarise the principal laws (present or impending), if any, that govern spatial computing, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There is no specific regulation that govern spatial computing.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Quantum Computing \u2013 Please summarise the principal laws (present or impending), if any, that govern quantum computing and\/or issues around quantum cryptography, including a brief explanation of the general purpose of those laws?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>There is no specific regulation that govern quantum computing.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">Datacentres \u2013 Does your jurisdiction have any specific regulations that apply to data centres?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>The Act on Disclosure of Information on Data Centers&#8217; Energy Performance (Sw. lagen (2025:570) om offentligg\u00f6rande av information om datacenters energiprestanda) contains provisions requiring owners or operators of data centers to disclose information about the energy performance of the data center. The law will enter into force 1 July 2025.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">General \u2013 What are your top 3 predictions for significant developments in technology law in the next 3 years?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>Further development of block chain technology with the potential for decentralisation raising further questions about legal status and need for regulation. The lack of regulation makes it hard to regain potential losses if valuable data is stolen from a storage using a blockchain-based solution. There is also uncertainty of the security-aspects of blockchain-based technology, since the technology is based on transparency.<\/p>\n<p>The relevance of the AI Act will be up for discussion since the AI technology will develop quickly and even further, before the EU member countries have had the time to implement the Act.<\/p>\n<p>The status of the EU-U.S. Data Privacy Framework will affect the need for further development of cloud-based storage and personal data transfers.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\t\t\t\t\t<li class=\"question-block filter-container__element\">\r\n\t\t\t\t\t\t<h3 class=\"filter-container__match-html\">General \u2013 Do technology contracts in your country commonly include provisions to address sustainability \/ net-zero obligations or similar environmental commitments?<\/h3>\r\n\t\t\t\t\t\t<button id=\"show-me\">+<\/button>\r\n\t\t\t\t\t\t<div class=\"question_answer filter-container__match-html\" style=\"display:none;\"><p>No, not in general.<\/p>\n<\/div>\r\n\r\n\r\n\t\t\t\t\t<\/li>\r\n\r\n\t\t\t\t\r\n<div class=\"word-count-hidden\" style=\"display:none;\">Estimated word count: <span class=\"word-count\">6251<\/span><\/div>\r\n\r\n\t\t\t<\/ol>\r\n\r\n<script type=\"text\/javascript\" src=\"\/wp-content\/themes\/twentyseventeen\/src\/jquery\/components\/filter-guides.js\" async><\/script><\/div>"}},"_links":{"self":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/comparative_guide\/108990","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/comparative_guide"}],"about":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/types\/comparative_guide"}],"wp:attachment":[{"href":"https:\/\/my.legal500.com\/guides\/wp-json\/wp\/v2\/media?parent=108990"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}