Somebody went and made a mountain of a molehill.

Well, not a 'molehill' as such, but a website. More precisely, a website set up and belonging to a middle-aged Swedish lady called Bodil Lindqvist.

Mrs Lindqvist, a member of her local church, established the personal website for the purpose of assisting other church-goers in their confirmation preparations. Included on the website were the names, addresses and telephone numbers of some 18 or so of her fellow parishoners and some light-hearted newsletter-type gossip about their jobs (or lack thereof) and current ailments.

So what's the big deal? You might well ask. What could possibly be more innocuous (or dull for that matter)? Is this not precisely the kind of community-minded operation that the internet was intended to facilitate? So does anybody want to make a federal case out of it?

Um, yes. Apparently they do. And they did. Poor old Mrs Lindqvist was hauled before a District Court in Sweden where she was found guilty of:

processing personal data by automatic means without notifying the Datainspektion" (the Swedish supervisory authority for the protection of electronically transmitted data) and "transferring data to third countries without authorisation and for processing sensitive personal data.

For all the common sense in the world, this seems like a case of wildly over-zealous, pettyfogging, jobsworthiness on the part of the Swedish state but, the grisly fact is that the posting of personal information, including images and video clips, of others without their consent is an infringement of the 1995 European Data Protection Directive (which has been enacted in the UK under the Data Protection Act 1998).

An understandably non-plussed Mrs Lindqvist appealed the decision to the European Court of Justice but lost. For those of you with sufficient interest (not to say gumption) the transcipt of the entire Appeal judgment can be found here. However, for those of you satisfied with merely the 'money-quote', this is it:

"that the act of referring, on an internet page, to various persons and identifying them by name or by other means, for instance by giving their telephone number or information regarding their working conditions and hobbies, constitutes the processing of personal data wholly or partly by automatic means within the meaning of [the Directive]."

And that was that. And now that is this, which is to say, blogging. If you have a blog and want to post information about friends or work colleagues, the rule is, ask their permission first. As I type this, lawyers all over Europe are scuttling over their client's wesbites looking for any personal information displayed thereon. If they find any, then they better have that person's permission or they better remove said information PDQ.

Having said all of that, there is something so wondrously strange about this case as to almost be bizarre. Of all the wild, weird, dark, vile and dangerous places on the internet, the apparatus of state enforcement is brought to bear on this genteel Swedish church-going lady for creating what was to her (and I daresay 99.9% of the rest of humanity) a perfectly cutesy and innocent little website.

It is, and will always be, a rum old world.

Back to Big Blog Company