Sweden

Cybersecurity legislation is generally scattered over different areas of law. Provisions on information security are, for example, found in the following acts/laws and regulations (see further information about each law/regulation below under section 1.1 and 1.2).
• Law on information security for social and digital services (SFS 2018:1174)
• Regulation on information security for social and digital services (SFS 2018:1175)
• Freedom of Press Act (1949:105)
• Public Access and Secrecy Act (2009:400)
• Public Access and Secrecy Regulation (2009:641)
• Security Protection Act (1996:627)
• Regulation (1996:633) on Security Protection
• Electronic Communications Act (2003:389)
• Regulation (2003:396) on electronic communication
• Patient Data Act (2008:355)
• Patient Security Act (2010:659)
• The Swedish Financial Supervisory Authority’s Regulations and General Guidelines (FFFS 2014:5) Regarding Information Security, IT Operations and Deposit Systems
• The Swedish Financial Supervisory Authority’s Regulations and General Guidelines (FFFS 2014:4)
• Regulation (2015:1052) on emergency management and authorities responsible for surveillance at heightened alerts
• Ship Security Act (2004:487)
• Nuclear Activity Act (1984:3)
In addition, an ongoing policy initiative is the proposal for a European regulation on information and communication technology cybersecurity certification (the Cybersecurity Act).