skip to content
 

Data Protection Laws and Freedom of Expression: Denmark File:Flag of Denmark.svg

 

 

I. First-Generation Statutory Law

The Private and Public Registers Acts were adopted on 8 June 1978. On 10 June 1987, both of these acts were amended with the passing of two new acts on private and public registers, respectively. In 1994, the Act on Mass Media Databases (Lov om massemediers informationsdatabaser) was passed.
 
Special Expression Derogation
The 1978 Private Registers Act did not include a derogation directly aimed at shielding professional journalism from its default provisions. The Act’s derogatory provisions for professional writers and artists was therefore of very limited scope. Denmark only excluded processing ‘for use in biographical research or for publication in ordinary works of reference’ (sec. 2(2)).
Amendments in 1987 set out new provisions absolving internal media databases ‘exclusively storing data publicized in a periodical paper’ from all the general data protection rules other than the right of subject access. Such databases were also subject to a prior notification to the Data Protection Authority (DPA) (sec. 7g(1)). Other than through ‘publication in a periodical paper’, controllers were prohibited from passing on information included in the database unless they had data subject consent, or this was ‘provided for by other enactment’. Any other internal database operated by professional journalists, as well as all publicly available databases, remained fully subject to the general law.
The 1994 Act on Information Databases operated by the Mass Media applied to information databases used to electronically process data in connection with the dissemination of news or other information and to editorial databases used for journalistic or editorial work with the purpose of publication in mass media (s. 1(1)) which were no longer regulated under the general data protections acts.The 1994 Act fully excluded databases containing previously published and unaltered material falling under the Danish Media Liability Act 1992 (see current law here) which was subject to  regulation for conformity with journalistic ethnics by the Danish Press Council (see s. 1(2)-(3)).  Otherwise, editorial databases needed to be registered with the DPA. The access or use of such databases for other than journalistic or editorial purposes was prohibited (s. 4) and necessary security measures accordingly required (s. 5). Publicly available information databases needed additionally to have been registered with the Press Council (s. 6) and were not allowed to contain any information which could not legally be published (s. 8). Sensitive data had to be deleted from such information databases three years after the event giving rise to an entry took place or the respective data was obtained (s. 8(3)), unless the public interest in the respective information outweighed the private interest of protecting such data (s. 8(4)). The data subject could request the deletion, correction or updating of data in public information databases if (i) the information was incorrect or misleading; (ii) an administrative decision or judgment has been amended or (iii) a criminal prosecution was abandoned or the data subject acquitted. Data subjects were also granted the right to access information held on them in publicly available information databases, unless it would be disproportionately difficult to retrieve the requested data (s. 11).
 
Broad Expression Derogation
There was no relevant provision.
 
Personal Exemption
No specific provision was adopted.
 
Knowledge Facilitation Framework
Denmark’s initial 1978 derogatory provided for a complete exemption for processing ‘solely for scientific or statistical purposes’ (sec. 2(2). However, the 1987 amendments substituted this for a provision prohibiting the processing of any sensitive data here unless a registration was made to the DPA which was empowered to lay down more detailed protective provisions (sec. 2(3)).
 
​Parliamentary Debates
Special Expression Derogation in the Private Registers Act Debates
Prior to the adoption of the first Private Registers Act in 1978, no relevant governmental debates on the relationship between data protection and journalistic freedom of expression took place.
 
In the process of amending the Act in 1987, the Committee on Justice recommended to introduce a new chapter in the Private Registers Act of 1978. This new chapter contained three novel provisions. First, data files kept by the press and containing only previously published material should be exempted from the Act’s scope of application. Such files should, however, be registered with the DPA. Second, the information contained in such data files should only be allowed to be relayed either with the consent of the registered person; in the form of publication; or if required by other legislation. Third, organizations keeping such data files should be under an obligation to, upon request, inform a person about what is registered about him or her in those data files.[1]
 
The Committee on Justice explained, the information contained in the data files of the press was often of a purely private nature and was prone to be incomplete or incorrect.[2] The Committee also noted, that it was difficult for a registered person to have the information corrected or deleted,[3] and that relaying of that information might have serious consequences for the registered person.[4] The penal code and the press law would, however, ‘to some extent provide protection against registration and relaying of incorrect or misleading information’ from these data files.[5] Data files which contained non-published material and were kept by the press should continue to be subject to the ordinary rules of data protection.[6]
 
Special Expression Derogation in the Mass Media Database Act Debates
In 1992, the Commission on the Press’ Information Registers presented a first draft of the Mass Media Databases Act. The Danish Data Protection Commissioner, Lotte Nylökke Jörgensen, however, did not join the majority of the Commission in supporting the proposed law. The majority’s draft law completely exempted information databases with a purely archival nature. The Data Protection Commissioner, instead, proposed to block the use of these databases to make it impossible to use the name of persons on whom sensitive personal data is registered as search terms.[7] With regard to the proposed strictly limited regulation of editorial databases, the Commissioner suggested that information may only be registered as an editorial database, if the registration is necessary for the pursuit of editorial activity.[8] The Commissioner namely disagreed that such a limited regulation of editorial databases was necessarily mandated by the protection of freedom of expression and the prohibition of censorship. At the very least, the correction or deletion of incorrect or misleading data, as provided in the Private Registers Act, would not detrimentally affect the freedom of expression.[9] The Commission also criticized that no right to access editorial databases was included in the draft. Moreover, pursuant to the Commissioner, purely private information should be removed from publicly accessible databases containing both published and new material after three years due to the declining public interest in such information after such a period of time.[10] The Commissioner further criticized the lack of any kind of supervision, proposing that the Press Council should have the authority to hold the media accountable over its information databases.[11]
Parliament concurred with the Commission’s assessment that such a law regulating the media’s use of data was necessary to protect the integrity and privacy of individuals. However, the proposed distinction between publicly available databases and editorial databases for internal use by journalists and editorial staff was critically discussed. Moreover, the draft law proposed that personal data should be deleted from editorial databases at latest three years after being added to the respective data base. This was criticized as an unwarranted interference with journalistic freedom of expression.[12] Moreover, the role of the Press Council and the Data Protection Authority was discussed repeatedly. The draft law proposed that the Press Council would be responsible to control editorial databases, particularly to ensure the deletion of certain data within the three year time limit for keeping personal data. This was criticized as it would allow the Press Council to control journalists’ notes.[13]
 
Due to the heavy criticism, including from the public, of the legislative proposal, a new draft of the Mass Media Information Database Act was presented in October 1993. Parliamentary debates on the newly proposed Mass Media Information Database Act revolved around the reconciliation of two diverging objectives. The protection of an individual’s privacy on the one hand and the freedom of expression of the media on the other.[14] With regard to the protection of journalistic expression, three legislative objectives were considered to be of particular importance: the protection of the freedom of the press[15], the protection of the freedom of information[16] and the ability of the media to make use of modern information and communication technologies for journalistic purposes.[17] MPs Vinther, Petersen and Behnke approved particularly of the fact, that the requirement to delete certain data from editorial databases within a certain time had been removed from the draft.[18] Some speakers – MP Vinther and MP Petersen – emphasised that, if this draft was adopted, then it would be very important, that media took appropriate measures, to prevent unauthorised persons from accessing their editorial databases.[19] Many speakers also concurred, that this piece of legislation was extremely complex, and would most likely have to be reviewed and amended as technologies develop.
The Committee on Justice inter alia proposed an amendment to the Act to clarify that the Act on Mass Media Information Databases shall not at all apply to databases to which the Act on Media Liability applies, i.e. databases which exclusively contain previously published and (since) unchanged material.[20] These amendments were accepted without debate.[21]
 
Broad Expression Derogation
Not applicable.
 
Personal Exemption
In the 1978 parliamentary debates, the issue of personal processing of personal data was briefly brought up once. MP Ebba Strange (Socialist People’s Party) observed that the alternative bill proposed by the Danish Social Liberal Party would subject personal data files, which were kept by private individuals, to the data protection legislation. However, this was also true of the governmental draft bill.[22] No relevant debates took place in the legislative process of the 1987 amendment.
 
Knowledge Facilitation Framework
The exemption of data processing for research and statistical purposes provided for in the 1978 Act was contested. Several Members of Parliament argued that the importance of research and statistics would not warrant a complete exemption from data protection.[23] This argument was also reflected in an alternative draft of the proposed Act[24] and in an amendment rejected in the second reading.[25]
The amendment proposed to the Private Registers Act introduced a requirement to register data files kept for research and statistical purposes. This was supported by MP Hagen Hagensen of the Conservative People’s Party in the first reading of the amendment.[26] During the Parliament’s deliberations on the draft bill, a cancer advocacy group pointed out to the Committee on Justice, that the draft bill contained a provision (§2 point 5 in draft bill), which might cause the destruction of out-of-use, public data files, which might be useful for medical research. The advocacy groups proposed that these files be archived instead. As a result, the Committee on Justice unanimously proposed (in its second report) an amendment removing the provision in question, in order not to hinder medical research.[27] The plenary assembly adopted this amendment.[28]
 
 

II. Second-Generation Statutory Law

Denmark adopted a secondAct on Processing of Personal Data on 31 May 2000.
 
Special Expression Derogation
Other than as regards information security and damages, the Act categorically excluded processing for exclusively for journalistic purposes or for the purpose of artistic or literary expression its provisions (s. 2(10)).Processing covered by the Act on Information Databases operated by the Mass Media was excluded from this new Act (see especially s. 2(6)) but the controls vis-à-vis the institutional media put in place by this legislation from 1994 (as well as the earlier Media Liability Act 1992) continued in effect with minor amendments (see here).
 
Broad Expression Derogation
The Danish law explicitly stated that the data protection framework should not apply where this would be contrary to freedom of expression and expression especially as laid down in Article 10 of the European Convention on Human Rights (s. 2(2)).
 
Personal Exemption
Danish Data Protection Law did not apply to the processing of data undertaken by a natural person with a view to the exercise of purely personal activities (s. 2(3)).
 
Knowledge Facilitation Framework
Further processing for scientific, historical or statistical purposes was exempted from the purpose incompatibility provision (s. 5(2)). No exemption was provided from the proactive direct and indirect transparency rules. In contrast, the application of the retroactive transparency rule was excluded from applying to the processing of data solely for scientific purposes or if such data were not kept beyond the period necessary for the sole purpose of creating statistics (s. 32(4)). Sensitive data rules were excluded from application where statistical or scientific studies were deemed to be of significant public importance and where such processing was necessary so long as this data was not subqeuently processed for other pruposes. Prior authorization by the DPA was required prior to any disclosure of this data to a third party (s. 10(1)). No derogations were provided from the data export, the legitimating ground and the notification of processing conditions. All processing by the public administration for solely scientific or statistical purposes required a prior opinion of the DPA (s. 45(1)(3)).
 
 
Parliamentary Debates
Special Expression in the Processing of Personal Data Law
A slightly modified version of a first draft of the Processing of Personal Data Law was discussed in parliament in 1998. MP Birthe Rönn Hornbech thereby argued that the law should include a provision requiring the media to delete incorrect and defamatory information from their data files.[29] No speaker followed up on this proposal.
 
MP Baastrup considered that the law should make reference to Art. 10 of the European Convention on Human Rights to ensure that freedom of expression would prevail over data protection legislation in case of a conflict.[30] Justice Minister Jensen confirmed that the draft would contain a provision clarifying that the law would not apply in case of conflict with the freedom of expression.[31]
 
No debates took place on the personal exemption or the knowledge facilitation framework.
 

III. Third-Generation Statutory Law

Denmark adopted a third-generation Data Protection Act on 24 May 2018.
 
Special Expression Derogation
With the exception of basic provisions in the GDPR on data security (art. 32) including controller-processor arrangements (art. 28), the new Act entirely excludes processing exclusively for journalistic purposes and also artistic and literary expression (s. 3(7)-(8)).  The Act similarly excludes information covered by the Media Liability Act (s. 3(4)-(5)) and the Act on information databases operated by the mass media (s. 3(4)) both of which continue in operation, the latter with minor substantive amendments including raising the time limit before denials of requests for deletion or reply can be brought to the Press Council from four weeks to twelve weeks.  For an overview of this special regime see the entry under first-generation data protection.  Whilst these provisions generally establish the priority of the special expression derogation over the Knowledge Facilitation Framework, it must be emphasized that notwithstanding the GDPR, the new Danish Act makes no provision for academic expression.
 
Broad Expression
The Danish law generally states that the data protection framework should not apply where this would be contrary to the freedom of expression provisions of either the European Convention on Human Rights or the EU Charter (s. 3(1)).
 
Personal Exemption – see GDPR, art. 2(2)(c)
 
Knowledge Facilitation Framework – see also GPDR, art. 5(1)(b) (compatibility), art. 5(1)(e) (time limits) and art. 89(1) (appropriate safeguards)
Danish Data Protection Law provides that all data covered by the Danish law may be transferred to be archived as long as it complies with Danish archiving legislation. No special safeguards are provided.
As regards the processing of personal data for statistical and scientific purposes, Danish law provides for a public interest exception. Sensitive data and data on criminal convictions and offenses may be processed where necessary for such purposes (s. 10). However, there must not be subsequent processing of personal data for other purposes unless auhorised by the Ministry of Health unde rules to protect the vital interests of the data subject. The same condition is laid down for any processing of data solely for statistical or scientific purposes.  The disclosure of such data to third parties is subject to the prior authorization of the DPA and must be for the purposes of processing (i) outside GDPR territorial scope; (ii) relating to biological material; or (iii) for publication in recognized scientific journals or the like. A blanket exemption is, moreover, provided for the  processing for statistical and scientific purposes from Art. 15, 16, 18 and 21 GDPR (s. 22(5)).
No provision provides for a derogation for the processing of personal data for historical research purposes.
Parliamentary Debates
Special Expression Derogation
During the Committee Consultation, Professor Sten Schaumburg-Muller criticized the ‘block exemption for all journalism’ as lacking balance.[32] He moreover questioned whether the exemption should apply equally to professional media as well as to non-professional media. In a written submission, Danish Media was satisfied the ‘current scheme regarding the media’s processing of personal data is continued in the widest possible scope’.[33] The Consumer Council, however, submitted that the same provisions exempting mass media information databases from the law were ‘very broadly worded’. It urged that the Data Protection Act should not expand the field in relation to practice today.[34] The Ministry of Justice responded that the current system of media processing of information was continued and that the draft contained ‘the right balance between the right to protect personal data and the right to freely access information, including for journalistic, academic, artistic or literary purposes’.[35]
No discussions took place on the regulation of social media in this regard.
 
Broad Expression Derogation
No relevant debate found.
 
Knowledge Facilitation Framework
The Danish Employers’ Association submitted that the concept of ‘statistics’ in the draft was too narrow. The University of Copenhagen maintained that it should be clarified that research could take place without consent. A number of other submitters expressed support for the section of the draft covering research and statistics.[36] No further debates were found.
 
 

[1] Betaenking avgivet af retsudvalget den 27. Maj 1987: Betaenknig over Forslag til lov om aendring av lov om private registre m.v. og lov om offentlige myndigheders registre, 4.
[2] Betaenking avgivet af retsudvalget den 27. Maj 1987: ”Betaenknig over Forslag til lov om aendring av lov om private registre m.v. og lov om offentlige myndigheders registre”, 11-12.
[3] Betaenking avgivet af retsudvalget den 27. Maj 1987: ”Betaenknig over Forslag til lov om aendring av lov om private registre m.v. og lov om offentlige myndigheders registre”, 12.
[4] Betaenking avgivet af retsudvalget den 27. Maj 1987: ”Betaenknig over Forslag til lov om aendring av lov om private registre m.v. og lov om offentlige myndigheders registre”, 12.
[5] Betaenking avgivet af retsudvalget den 27. Maj 1987: ”Betaenknig over Forslag til lov om aendring av lov om private registre m.v. og lov om offentlige myndigheders registre”, 12.
[6] Betaenking avgivet af retsudvalget den 27. Maj 1987: ”Betaenknig over Forslag til lov om aendring av lov om private registre m.v. og lov om offentlige myndigheders registre”, 12.
[7] “Betaenkning om pressen informationsregistre, Afgivet af et udvalg nedsat af Justisministeren den 11. April 1991”, Betaenkning nr. 1233 (1992); p.98.
[8] “Betaenkning om pressen informationsregistre, Afgivet af et udvalg nedsat af Justisministeren den 11. April 1991”, Betaenkning nr. 1233 (1992); p.101.
[9] “Betaenkning om pressen informationsregistre, Afgivet af et udvalg nedsat af Justisministeren den 11. April 1991”, Betaenkning nr. 1233 (1992); p.102.
[10] “Betaenkning om pressen informationsregistre, Afgivet af et udvalg nedsat af Justisministeren den 11. April 1991”, Betaenkning nr. 1233 (1992); p.105.
[11] “Betaenkning om pressen informationsregistre, Afgivet af et udvalg nedsat af Justisministeren den 11. April 1991”, Betaenkning nr. 1233 (1992); p.105.
[12] MP Petersen SP 8011 and MP Behnke Sp. 8013 in “Første behandling af lovforslag nr L.262: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1992-93, Fillaeg F, den 14/04/1993.
[13] MP Behnke Sp.8013 in “Første behandling af lovforslag nr L.262: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1992-93, Tillaeg F, den 14/04/1993.
[14] See eg MP Lissa Mathiassen (social-democrat) Sp.1741; MP Gert Petersen (Socialist People’s Party) Sp. 1748; MP Elisabeth Arnold (Danish Social Liberal Party) SP.1750 in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1993-94. Nr 3, den 10/11/1993.
[15] See MP Lissa Mathiassen Sp.1741 , MP John Vinther (Christian People’s Party) Sp1742 and MP Gert Petersen Sp.1747 in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers [15]        see MP Lissa Mathiassen Sp.1741 , MP John Vinther (Christian People’s Party) Sp1742 and MP Gert Petersen Sp.1747 in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1993-94. Nr 3, den 10/11/1993.
[16] See MP Lissa Mathiassen Sp.1741 and MP Gert Petersen Sp.1747 in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1993-94. Nr 3, den 10/11/1993.
[17] See MP Lissa Mathiassen Sp.1741 and MP John Vinther Sp.1742 in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1993-94. Nr 3, den 10/11/1993.
[18]  MP John Vinther Sp1743; MP Gert Petersen Sp.1747 and MP Tom Behnke (Progress Party) Sp.1748 in  1747 in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1993-94. Nr 3, den 10/11/1993
[19]  MP John Vinther SP.1744 and MP Gert Petersen Sp. 1747 in in “Første behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser” in Forhandlingerne i Folketingsåret 1993-94. Nr 3, den 10/11/1993
[20] Tilllaegsbetaenkning avgivet af Retsudvalget den 24. maj 1994: Tillaegsbetaenkning over Forslag til lov om massemediers informationsdatabaser.; cf. Act on Media Liability, §1
[21] ‘Tredje behandling af lovforslag nr L.50: Forslag till lov om massmediers informationsdatabaser’ in Forhandlingerne i Folketingsåret 1993-94. Nr 8 Sp. 11961, den 26/05/1994
[22] ‘Første behandling af lovforslag nr. L 36: Forslag til lov om private register m.v.’ in Forhandlingerne I folketingsåret 1977-78 Nr.20, den 11/11/1977, Sp.1877
[23] MP Mimi Jakobsen (Christian Democrat) ‘Første behandling af lovforslag nr. L 36: Forslag til lov om private register m.v.’ in Forhandlingerne I folketingsåret 1977-78 Nr.20, den 11/11/1977, Sp.1876; MP Niels Helveg Petersen (Danish Social Liberal Party)                ‘Første behandling af lovforslag nr. L 36: Forslag til lov om private register m.v.’ in Forhandlingerne I folketingsåret 1977-78 Nr.20, den 11/11/1977, Sp.1894; MP Lis Starcke (Justice Party) ‘Første behandling af lovforslag nr. L 36: Forslag til lov om private register m.v.’ in Forhandlingerne I folketingsåret 1977-78 Nr.20, den 11/11/1977, Sp.1887.
[24] ‘Første behandling af lovforslag nr. L 36: Forslag til lov om private register m.v.’ in Forhandlingerne I folketingsåret 1977-78 Nr.20, den 11/11/1977, Sp.1887.
[25] ‘Anden behandling af lovforslag nr. L 36: Forslag til lov om private register m.v.’ in Forhandlingerne I folketingsåret 1977-78 Nr.23, den 23/05/1978, Sp.10594.
[26] ’Første behandling af lovforslag nr. L 32: Forslag til lov om aendring af lov om private register m.v. og lov om offentlige myndigheders registre’ in Forhandlingerne I folketingsåret 1986-87 Nr.52, den 30/10/1986, Sp.1487.
[27] Tillaegsbetaenkning afgivet af retsudvalget den 3. Juni 1987: ’Tillaegsbetaenkning over Forslag til lov om aendring af lov om private registre m.v. og lov om offentlige myndigheders regsitre’, p.1-2
[28] Tredje behandling af lovforslag nr. L 32: ’Forslag til lov om private register m.v. og lov om offentlige myndigheders registre’ in Forhandlingerne I folketingsåret 1986-87 Nr.57, den 04/06/1987, Sp.13255
[29] MP Birthe Rönn Hornbech (Liberal Party of Denmark), tale 4 ‘Første behandling af lovforslag nr. L 44: Forslag til lov om behandling af personoplysninger’ http://webarkiv.ft.dk/?/Samling/19981/lovforslag_oversigtsformat/L44.html (last accessed 20 August 2020).
[30] MP Anne Baastrup (Socialist People’s Party), tale 4, in Første behandling af lovforslag nr. L 147: Forslag til lov om behandling af personoplysninger http://webarkiv.ft.dk/?/Samling/19991/lovforslag_oversigtsformat/L147.html (last accessed 20 August 2020).
[31] Ibid.
[32] ‘Kommenteret oversigt over høringssvar om forslag til lov om supplerende bestemmelser til forordning om beskyttelse af fysiske personer i forbindelse med behandling af personoplysninger og om fri udveksling af sådanne oplysninger (databeskyttelsesloven)’ https://www.ft.dk/samling/20171/lovforslag/L68/bilag/1/1869101/index.htm (last accessed 2 July 2020).
[33] Ibid.
[34] Ibid.
[35] Ibid.
[36] Ibid.