Borderline Technology: Its Difficulties in a Swedish Perspective

Access to Information. Technological Challenges

International Conference of the Round Table on Archives (CITRA)
Stockholm, Sweden, 7-12 September 1998

Peter Seipel 1998

Introduction

This paper outlines valid Swedish law with regard to access to data in the computer systems and data networks of public authorities. Above all, the paper comments on a number of basic difficulties which all have to do with the nature of digitised information. Briefly, modern information technology may be described as a borderline technology. Traditional limits dissolve or change in nature. For example, it has been observed for a long time that data networks and automated processing of data tend to blur the line between public and private data and, more generally, between public and private activities. Consider, for example, a situation where, for technical reasons, a private party functions as the receiver and temporary keeper of data which are intended for a public authority. Or consider the common situation where a government employee uses e-mail to receive both messages of a private and an official nature. The difficulty of deciding upon clear dividing lines between that which is private and that which is public poses different legal issues in different situations. In copyright law there is the question of whether a work has been made available to the public or not. In freedom of speech and related legislation there is the problem of whether information has been publicly disseminated or not. The discussion below will focus on three aspects of IT as a borderline technology, viz. the almost limitless growth of data stores, the emerging focus on minimal data fragments, and the fuzzy concept of documents in the new digital environment.

Swedish Access law: The background

The first Swedish Freedom of the Press Act was adopted in 1766. Among other things, the Act regulated the publicity of official documents and enumerated a number of such documents which could be printed freely by anyone, for example the documents of the Parliament, the courts, and the civil service. The ideas formulated in the 1766 Act significantly influenced the later Instrument of Government of 1809 and the Freedom of the Press Act of 1810 and of 1812. The last mentioned legislation was in force until it was replaced by the presently valid statute, i.e. the Freedom of the Press Act of 1949. Thus, Sweden has a long and rather continuous tradition of a right of access to official documents.
 If openness constitutes the main rule, the need for secrecy is also accepted. Presently, Chapter 2, Section 2 of the Freedom of the Press Act (FPA) sets out the permitted exemptions. All cases in which official documents, in accordance with these principles, are to be kept secret, must be clearly defined in a specific act of law or in a law referred to by this specific law. The "specific act of law" is at present the Secrecy Act of 1980, an extensive and detailed piece of regulation. The Secrecy Act also contains general provisions regarding, among other things, the exchange of information between public authorities, registration and docketing of official documents, and certain requirements with regard to computer systems.

The present regulation

The basic access principle is set out in Chapter 2, Section 1 of the FPA.

"To further free interchange of opinions and enlightenment of the public, every Swedish national shall have free access to official documents."

This basic provision is only the starting point. It is surrounded by a complex structure of lower level statutes, regulations, and case law which in various ways are of consequence for the basic, general access right. As in many other countries, the total legal situation is complicated and not easy to survey. Generally speaking, it is possible to distinguish between four categories of related rules which must be taken into consideration, viz. rules which:

· create public information resources and possibilities to make use of them,
· regulate access in particular situations and, thus, further contribute to openness,
· regulate rights in information and the use of information which has been obtained,
· regulate the activities of public and private parties on the information market.

Decisions by public authorities to deny access to official documents may be appealed by the information seeker, usually to the so called Courts of the Chamber – general administrative courts of second instance – and, ultimately, to the Supreme Administrative Court. Only the information seeker has the right to appeal – not a public authority seeking to prevent a disclosure and not a third party whom the document at issue concerns.
 A limited number of empirical studies have been performed of the application of the law and the activities of public authorities and the information seekers. In sum, such studies have shown that there are varying "openness climates" at different public authorities. Some of them make impressive efforts to ensure that the legislation functions well, others seem inclined to obstruct or neglect even their basic statutory obligations. To an important extent such differences show up in the ability of the personnel to handle requests for information and in the way the information systems are designed and operated.
 Briefly, access legislation can, in principle, aim at creating four increasingly broad types of information availability:

· information on a certain administrative or judicial matter or activity,
· information on the activities in general of a public authority,
· information which constitutes useful knowledge in general,
· information which has a commercial value.

There has been a marked reluctance to connect the FPA with any particular category. However, the issue of commercialisation has become an increasingly sensitive matter due to the possibilities of using digital data for business purposes. Public authorities in Sweden sometimes refer to their obligations under the FPA to motivate activities which are of a businesslike nature. Such practices are controversial since the purpose of the Freedom of the Press Act is not to be found in supporting commercial activities of state and local government organs.

The meeting with digitised information

Already in the 1960s a Swedish legislative committee, the Committee on Openness, formulated some of the key issues:

· What principles should guide the keeping and structuring of data?
· How shall it be made possible for the citizens to orient themselves in the information available?
· How much, if anything, should information cost?
· How should information requests be treated when they do not coincide with the interests and wishes of the public authorities?

These issues and related ones have not yet received any conclusive and precise political and legal answers which take into full consideration today‘s networked information environment. The speed of the technological development has been so rapid as to make it difficult to understand both the options and their short-term and long-term consequences.
 According to the present regulation, the right of access comprises documents that are being kept by a public authority. Official documents must also either have been drawn up by a public authority itself or have been made available to it by a third party. To "keep a document" also means to have access to data on digital media.
 To indicate some of the problems associated with the regulation, consider the question of whether and to what extent information in a computer network – a database, for example – should be considered to have been made available to a public authority by a third party. Does the simple fact that information can be searched and retrieved suffice? Or should some active measure of the third party be required? The latter, narrow interpretation means that only e-mail and similar messages which have actually been received by the public authority fall under the access right. The broadest possible interpretation means that any electronically available constellation of data may be asked for as long as a third party has not actively excluded the public authority from access.  Between these two extremes there are a number of possible solutions. Evidently, the choice is not one of technical necessities but of different views on the scope of the access right.
 A second example may serve to illustrate the many issues associated with the retrievability of electronic documents. Briefly, the traditional right of access can be described as a right to request the handing out of identified documents. The right to search for documents has so far not been a recognised part of the Swedish principle of publicity. It has remained a background issue shrouded in the claire obscur of administrative discretion. But the fast growing information networks, the powerful search engines, and, generally speaking, the retrieval possibilities of electronic data processing increase the significance of search rights as an integrated element of the traditional access right. But again, strategic views of the further development of openness in society will decide the extent to which these possibilities will be exploited and what shape they will be given.
 Recently, the Data Legislation Committee has analysed the need for changing the basic concepts in Chapter 2 of the FPA. These central concepts are  "document" and "file". The committee’s efforts have met with no success in the continued legislative work. The obstacles have to do with the long Swedish tradition in the field of access laws which makes it difficult to introduce new concepts and new thinking. Also there are complications associated with the new media and the digital information infrastructure. In brief: semantic issues regarding the choice of suitable legal labels for various technical phenomena are not the main concern. Instead the main difficulty  has to do with understanding the changing information environment and how it will develop during the near and distant future. Some comments will now be devoted to these complications.

Data stores

Already in the early days of electronic computing it was observed that the new storage media, computer tapes, for example, made it possible to register large volumes of data on physically modest devices. Text books on computing typically made the point by showing photographs comparing a huge pile of printed paper or an impressive stack of punched cards with a  single computer tape. As is well known the development of data storage technology has not yet made a halt. Simple devices, such as hand held computers, now store the equivalent of thousands of printed pages of text. Sound, images, and moving pictures are distributed for home use on various types of handy laser media. One may talk about an ultra lightweight technology for heavyweight data storage. The limits appear to be found in physical laws concerning a micro world of atoms where it is impossible to "imprint" data in stable and predictable formats.
 From the point of view of law the (almost) limitless data stores of the digital world lead to various complications. We find them in insurance law ("data damages"), in evidence law (computer generated proof), in privacy protection law (life stories on a chip), for example. In the field of access law, the Swedish lawmaker at an early stage concluded that the physical storage medium had become useless as delimiter of the access object. The medium simply contained too much data. Thus, the object of access could not be the data medium as such. Data networks have driven the point home even more clearly. From a practical point of view, the data store of a public authority, for example, is made up of storage media which are physically being kept by the organ but also of data which may be accessed via the data network. And the data network is global in nature. The digital medium allows access to the local store as well as the global store and there is no clear limit between the two. For example, a locally stored filter may decide how "outside" data are accessed and presented locally. And "messages" may be composed of data elements which are fetched partly from local and partly from distant sources.
 We are facing a situation where it becomes increasingly difficult to describe the data store or store-space of a public authority. Its upper limits hardly exist. The dividing lines between the internal (local) and the external (global) have become increasingly unclear.

Data fragments

A data store-space contains "units" of data. In a traditional store one deals with units such as "books", "letters", "index cards", "formularies", and "contracts". In a comfortable, traditional situation there is a close correspondence between the unit that is asked for and retrieved and the physical object that is and can be handled as a unit. Consider, for example, a request to obtain access to the correspondence of an individual during a certain period of time.
 In the digital world new information handling principles begin to apply to the units of data. Fragments can be retrieved, combined, restructured, excluded, compared etc. to an extent that is simply not possible in a traditional, paper-based environment. The limits are pushed downwards so that individual micro units – a single alphabetical or numeric sign, an isolated picture element, a momentary breathing – can be identified, singled out and used. Basically, we begin to deal with patterns of ones and zeros (bit patterns) and the pattern delimiters are logical rather than physical in nature. One possible delimiter is the notion of a "document" to which we will now turn.

Documents

Until the early 1970s it was not clear how the term "document" in the FPA should be construed with regard to machine-readable media such as punched cards and magnetic tapes for automatic computers. In 1971 the Supreme Administrative Court took stand in favour of a broad construction of the term. Thus, the court ruled that the term "document" must be construed broadly so as to cover new types of media for the registration of information and that it could not be accepted that developments in the technological field erratically weakened the right of access. This step – although important – meant only a provisional and partial solution. For example, it was not clear whether public authorities were under an obligation to hand out computer-readable copies of data. Case law on this issue and other ones never got time to develop. Work was already under way to revise the relevant sections of the Freedom of the Press Act.
 In 1972 the Committee on Openness and Secrecy addressed the issues in a report titled "Data and Privacy". The committee suggested that computer recordings should be regulated separately and follow special rules. The work of the committee resulted in certain provisional amendments of the FPA which entered into force in 1974. These amendments created perhaps more uncertainty than they did away with. Above all, they made accessibility dependent upon a nebulous combination of the criteria "physical location of recordings", "technical means of reproducing recordings", and "authority to reproduce recordings". Since the weaknesses of the provi-sional legislation were quite obvious, the work on revising the FPA continued and a number of amendments have later been made.
 After these amendments, the FPA now uses a broad notion of "documents". The term comprises both what may be called "direct media" (a paper document, a map, a photograph etc.) and "machine media". Machine media (which are called "recordings") are of two different types: Simple machine media are audio tapes for sound recorders and microfilm, for example. They are "simple" in the sense that the transformation from machine-readable format to a format suitable for direct human percep-tion is logically straightforward although it may be more or less technically complex. As for computer media, the transformation process is or may be logically complex and, above all, it is more controversial from the legal point of view.
 The extension of the right of access to electronic recordings involves risks and uncertainty. Among other things, it has been proposed that only digital units of information of a stable and permanent kind should be regarded as recordings under the FPA. According to this view, the original "thought contents" should determine once and for all what "documents" exist in computer files and databases. Alternatively, a precise definition of the tasks of a particular public authority should be decisive. Under this doctrine of fixation it would be possible, for example, to access a letter in electronic form but not a collection of segments of texts extracted from a number of such letters.
 The doctrine of fixation has repeatedly been rejected by the courts and by the lawmakers. Instead the doctrine of so called potential documents has been accepted and presently constitutes valid (although controversial) Swedish law.
 Briefly, the doctrine of potential documents is to be interpreted in the following way:

It should be noted that a request for information may involve a combination of data that has never before been accessed and made available. In comparison with the traditional paper media this is an important difference since, according to the FPA, a public authority is not under any obligation to extract facts from  existing paper documents which are in its keeping and put them together in a new document. However, as far as electronic media are concerned this limitation of the right of access does not apply: there are no "new documents" only "potential documents" which should be made available if they can be produced using routine measures (existing computer programs, etc.).
 The doctrine of potential documents is certainly not without difficulties. For example, there are problems of definition when it comes to delimiting the recording/document, i.e. to decide what constitutes the smallest and the largest possible recording. In other words, a recording has to be distinguished from "facts" or "particulars" (its constituent elements) as well as from "files", "archives" and "document collections". There are also problems of secrecy and security.
 According to the Swedish Secrecy Act of 1980 recordings/ documents are to be kept secret in many situations. Decisions on secrecy must neither be final nor collective – they are to be made anew in each actual situation when a recording is asked for and must refer to a particular request and a particular recording/document. Obviously, large databases and flexible ways of processing data create problems in this respect. In practice, decisions regarding secrecy tend to involve whole files rather than particular "potential documents". And sometimes combinations of certain computer programs and certain data are considered to be sensi-tive.
 There is also the issue of registration (docketing) of potential documents. In principle, all official documents – existing as well as potential – are to be registered (including information on the relevant date, docket number, sender or receiver, and contents). Evidently, to examine voluminous computer files to determine what (potential) documents can be produced using routine measures and to register all such documents is simply not possible. The necessary escape can be found in a section of Chapter 15 of the Secrecy Act which states that, with regard to documents which are not to be kept secret, registration is not required if the documents are organised in such a way that, without difficulty, it is possible to verify whether a particular document has been received or drawn up. EDP systems can thus be used to solve a problem which they have given rise to: to keep track of potential documents. Also, for certain large computer files, there are special exceptions decided by the Government.
 Recently, the Data Legislation Committee in a 1997 report (SOU 1997:39) has made an attempt to revise the FPA and introduce a new concept structure. According to the proposal the basic object of the right of access is to be not documents but "data" ("facts"). Data are considered official if they are in the keeping of a public authority either in a "document" which has been received or drawn up by the authority or in a "database" which is ready to receive and store data. All kinds of data are included, i.e. both data which can be perceived directly and data which require technical means to be perceived. It follows that both "documents" and "databases" may be in either traditional paper form or in digital form. Thus, a "document" is not defined by its physical qualities. Instead a "document" is defined as "a presentation which has a fixed (unchanging) contents".
 Limits to the obligation of retrieving data from open networks are to be found in the notion of "keeping". The Data Legislation Committee spent quite an effort on explaining how the "electronic spaces" of public authorities are to be understood and delimited. Briefly, the "keeping" of data in an external network is to be understood as maintaining a cyberspace archive. Such an archive belongs to a particular public authority  (or a group of public authorities) and is possible to access by the use of passwords etc. From this point of view, then, the notion of "keeping data" is logical in nature. The committee was aware of the terminology’s lack of precision but chose not to let the text of the FPA contain any definition of "keeping". It recommended that in uncertain cases one should apply a broad interpretation favouring the right of access.
 As mentioned earlier the proposal has not yet resulted in legislation. The new concepts suggested by the committee are probably still viewed by many as too "innovative". Above all, the idea of abandoning the traditional concept of "official documents" has met with resistance. But the difficulties with the present regulation remain and a new attempt will probably soon be made to delimit the constitutional access right in the fuzzy digital environment.

Last updated 18 okt 2011