Protective security refers to protecting information and activities of importance to Sweden’s security against espionage, sabotage, terrorist offences and certain other threats. The new Protective Security Act, in force as of 1 April 2019, applies to more organisations than previously.
Attacks on certain public agencies or companies in Sweden could have serious consequences for national security, especially if organisations operating in sectors such as the total defence, law enforcement, energy and water supplies, telecommunications and transport are targeted. Such organisations may, as part of their remit, be required to handle information of importance to Sweden’s security. Should such information be disclosed, destroyed or altered, this could affect Sweden’s security. Certain organisations may also need special protection against terrorism, as an attack would have very serious consequences for Sweden. These organisations need to have protective security measures in place.
Such measures are regulated by the Protective Security Act and the Protective Security Ordinance.
Protective security refers to preventive measures taken to protect the security-sensitive activities of public agencies and companies against espionage, sabotage, terrorist offences and other crimes that might threaten their operations. Security-sensitive activities are activities that are of importance to Sweden's security or are covered by an international protective security commitment that is binding for Sweden.
Protective security also includes the protection of information relating to security-sensitive activities and therefore covered by the provisions of the Public Access to Information and Secrecy Act, or would have been covered by these provisions had this Act been applicable. Such information is called classified information.
The Swedish Security Service exercises supervision over protective security within most public agencies and companies. The Swedish Armed Forces is the supervisory authority for certain organisations. There are also a number of sector-specific agencies with direct supervisory duties over certain organisations.
The Security Service is at liberty to decide where to conduct protective security inspections, and always gives priority to the nation's most critical assets. This means that inspections focus mainly on areas where an attack would have the most serious consequences for Sweden as a nation. Following the inspection, the Service suggests measures to improve protective security.
Providing continuous advice and support to those who handle the most critical assets is part of the Security Service’s efforts to improve protective security in Sweden.
The Service’s remit also includes conducting records checks. Records checks generally form part of the security screening procedures carried out before a person can take part in security-sensitive activities.
The new Protective Security Act (2018:585) and Protective Security Ordinance (2018:658), effective as of 1 April 2019, apply to everyone conducting security-sensitive operations. More organisations than before are covered, and it is clarified that the new legislation applies to both public and private organisations.