A Finnish police officer who accessed nearly 100 personal records during his free time has been cleared of all charges, raising questions about data protection enforcement in Finland. The North Savo District Court dismissed 140 data protection violation charges against the Eastern Finland Police senior constable, accepting his argument that the searches were work-related.
Off-duty surveillance sparks legal battle
The officer used Mobiilipoke (Finland's mobile police database system) to search personal and vehicle registration data for 97 individuals between May and December 2023 in Kuopio. Most targets had limited criminal histories, and many suspected crimes never reached court. The officer, who received specialized surveillance training not given to all police, claimed he was following up on observations and tips during his personal time.
Colleagues described him as conscientious and thorough. The officer argued his regular work hours were insufficient for all assigned tasks, forcing him to extend shifts informally. This "harmaata työtä" (unpaid overtime work) is reportedly common in Finnish policing, according to testimony from fellow officers.
Prosecutors sought conditional imprisonment for breach of official duty and multiple data protection crimes. The court rejected all charges, ruling the searches were connected to legitimate work duties. Authorities found no evidence the officer distributed the information or gained personal benefit.
Data protection rules tightened after case
The acquittal exposes enforcement challenges in Finland's data protection framework. According to the Office of the Prosecutor General, Finnish police face 900-1,000 criminal complaints annually, all handled by the specialized Police Crimes unit established in October 2024.
Eastern Finland Police updated Mobiilipoke usage guidelines twice following this case, in early 2024 and again later that year. New rules explicitly prohibit using the application during days off or annual leave for task monitoring. Off-duty access now requires justified official duties.
The timing reveals reactive rather than proactive oversight. Internal controls failed to prevent extensive off-duty database access over seven months, suggesting systemic gaps in digital surveillance of police activities. This case will likely influence how other Nordic countries monitor police database access, particularly as Sweden and Denmark review their own digital oversight protocols following recent GDPR enforcement actions.
Read more: Finnish Fashion Brand Voglia Files for Bankruptcy After 41 Y....
Read more: Strike Looms in Finnish Private Social Services After Failed....