This project of the Ministry of Transport and Communications amends the Act on the Protection of Privacy in Electronic Communications (516/2004) regarding, for example, the handling of identification data. On 5 June 2007, the Working Group on amending the Act on the Protection of Privacy in Electronic Communications submitted a proposal to the Minister of Communications.
Corporate or association subscribers would be allowed to process identification data for the purposes of detecting unauthorised use of pay services of the information society or detecting unauthorised use of a communication service or a communications network that is conducive to causing significant damage to the corporate or association subscriber. Corporate and association subscribers are also proposed to be allowed to process identification data in cases of unauthorised disclosure of trade secrets central to their own or their partners' business. However, the right to process the data should be used as a last resort. Corporate and association subscribers should primarily aim to protect their communications networks and services as well as trade secrets with appropriate user administration and information security measures, and by instructing the users about the use of the networks.
According to the legislation, companies would not be able to read the content of emails, but only consult the log data of email, i.e. the names of the sender and recipient, time the email was sent and name and size of attachment.
A new legislation will allow increased monitoring of employees' electronic communications by their employers. However, it requires relatively great investments and monitoring capacity by the companies that wish to apply the possibility granted by the new legislation.
The amendments were due to enter into force on 1 June 2009.