Cyber Security & Privacy Awareness: Cooperation Opportunities

On 7 December, the Netherlands Embassy in Stockholm together with Security Delta (HSD) and InnovationQuarter, organized a digital round table discussion for Dutch and Swedish stakeholders in the cybersecurity market. We heard perspectives from multiple organisations on the current state of privacy issues and GDPR implementation in both countries. Below you can read a report of the dialogue as well as some concrete follow-up.

Is legal tech the future of privacy compliance… and what about digital sovereignty?

Personal data nowadays is omnipresent. As data is stored for a very long time, legislation needs to take into account past and future. The subject is complex and technical developments have contributed to the complexity (for example because access to data is bigger than ever by linking systems to each other). There is still a lot of uncertainty with regards to cloud services and many municipalities are uncertain about how to implement new tech. Maturity assessments are helpful to improve compliance and planning. It creates movement because it gives a clearer picture of what still needs to be done.

Many organisations still don´t fully grasp the scope of everything that is considered personal data, but the GDPR has increased awareness and so have the fines for those who don´t comply. The annual spend on compliance initiatives per year running up to the GDPR legislation becoming operative amounted to 21 billion SEK (2 billion Euro).
Despite Sweden´s culture of decentralized governance, issues surrounding digitalisation are increasingly approached in a centralized way. These additional layers of legislation are also hampering movement forward. There are several national investigations going on linked to the Swedish Public Information & Secrecy Act that for instance look at how to deal with metadata and how to define when data is breached (even when encrypted).

Some expressed that there is almost too much focus on protection of data and privacy, instead of working constructively with tech laws for the future. We must not forget that cloud solutions can also bring forward important solutions to create better lives for citizens, with services that are accessible to all. The fact that the principle of transparency is an important good in Sweden, is positive in that aspect and resembles the Dutch approach more than many other EU countries.

Digital sovereignty is increasingly present as a topic in political and legal high level discussions in all of the EU. Hyperscalers have seen a 130% growth in Sweden, but this growth has not been as big as expected. It remains unclear whether non-Swedish cloud service providers will be subject to Swedish jurisdiction. We can be certain that cloud is the future but we need to find solutions to avoid third country data transfer. Dutch providers of cloud solutions should not see any major issues with providing services in Sweden – as long as they can be transparent about how they process the data.

Many procurements do not succeed because the dialogue between the buyers and the sellers does not work. Luckily, public sector organisations are becoming better at explaining how their data processes work. That is helpful for the companies who develop solutions that are needed for interaction with citizens – and who can advise on how to process and use the data in a smart way, for the better good of society and citizens.

One of the most important takeaways from the discussions is that we see a clear trend towards the merger of cybersecurity and privacy issues and that the attendees saw good opportunities for Dutch and Swedish stakeholders to continue the discussions. The future will benefit from smart ´compliance as a service´ solutions.

Organizing parties & panelists

The event was an initiative of Security DeltaInnovationQuarter and the Netherlands Embassy in Stockholm - with support from the Dutch Ministry of Foreign Affairs.

Our panel of experts included representatives from both Sweden and the Netherlands:
Cyber Inc
Cirio Law Firm
Magnus Josephson
Public Insight
Radar Ecosystem Specialists
The Hague Municipality

This round table was the beginning of an exploration on how we can work together and create mutual benefit. 

What´s next?

We see ample opportunities for organisations and companies from the Netherlands and Sweden to work together in improving privacy awareness & compliance around Europe.

For now, we would like to highlight a number of points:

  1. Recently, InnovationQuarter published a fact sheet on why Sweden is an interesting market for Dutch cybersecurity companies.
  2. Vice versa, you can find a document highlighting 10 reasons why the Netherlands is an interesting hotspot for Swedish cybersecurity companies.
  3. The Dutch company Smartlockr is organizing a Swedish webinar about the future of secure e-mailing on 15 December. You can register here
  4. At the bottom of this article, you can find information about the upcoming Radar Security Conference in Stockholm in March 2022. With enough interest from Dutch companies, we can offer support for a group visit. Please contact us before 17 December if you are interested.