A Helsinki administrative court has overturned a €2.4 million data protection fine against Finland's national postal service Posti. The penalty was originally imposed last year for privacy violations related to Posti's Omaposti digital mailbox service.
Posti had automatically created electronic mailboxes for customers without separate requests. Finland's Data Protection Ombudsman's sanction collegium issued the fine for practices violating data protection regulations.
The court ruled that Posti had legitimate grounds for processing personal data through the Omaposti message box. This finding formed the basis for canceling the substantial financial penalty.
Posti's Omaposti service functions as a digital mailbox where Finns receive official communications and bills. The automatic creation of these accounts raised concerns about customer consent under European data protection rules.
This decision represents a significant victory for the state-owned postal company. The court's ruling acknowledges the practical necessity of digital service delivery while still upholding data protection principles.
The case highlights the ongoing tension between convenient digital services and strict privacy requirements. Finnish authorities must balance modern service expectations with GDPR compliance standards.