HR Legal

Po­lice as­sis­tant was dis­missed for sev­eral data breaches

Legal news
27 March 2025
Sweden

The Swedish Labour Court found that it was lawful to summarily dismiss a police assistant for nine data breaches. Her actions were such a gross breach of trust that she was clearly unfit for her position.

Over a period of two years, a police assistant unlawfully searched for her half-sister’s partner on the authority’s IT system. Her searches also included other individuals and vehicles related to him. All the searches were unrelated to her work.

The IT system was set up so that users were warned about the consequences of wrongful handling and data use when logging into it. There were also internal security guidelines in place.

The Labour Court found that the employee had breached her obligations so severely that she could be terminated without notice.

IUNO’s opinion

An intentional data breach can be a gross breach of trust and may justify a summary dismissal. However, the different security measures and guidelines will usually also play a role in the assessment. It will always require a case-by-case assessment.

IUNO recommends that companies have clear internal guidelines for data processing. Companies are ultimately responsible for data breaches under the applicable data protection rules. For that reason, ongoing training and clear guidance are crucial to ensure compliance in practice.

We have previously written a newsletter about data breaches here and, more generally, about when a summary dismissal can be justified here.

[The Labour Court’s decision of 18 March 2025 in case 12/25]

Over a period of two years, a police assistant unlawfully searched for her half-sister’s partner on the authority’s IT system. Her searches also included other individuals and vehicles related to him. All the searches were unrelated to her work.

The IT system was set up so that users were warned about the consequences of wrongful handling and data use when logging into it. There were also internal security guidelines in place.

The Labour Court found that the employee had breached her obligations so severely that she could be terminated without notice.

IUNO’s opinion

An intentional data breach can be a gross breach of trust and may justify a summary dismissal. However, the different security measures and guidelines will usually also play a role in the assessment. It will always require a case-by-case assessment.

IUNO recommends that companies have clear internal guidelines for data processing. Companies are ultimately responsible for data breaches under the applicable data protection rules. For that reason, ongoing training and clear guidance are crucial to ensure compliance in practice.

We have previously written a newsletter about data breaches here and, more generally, about when a summary dismissal can be justified here.

[The Labour Court’s decision of 18 March 2025 in case 12/25]

Receive our newsletter

Anders

Etgen Reitz

Partner

Alexandra

Jensen

Associate

Similar

HR Legal

28 March 2025

EFTA Court: Norway can restrict hiring of temporary agency workers

HR Legal

27 March 2025

Self-organiser was not a self-organiser

HR Legal

7 March 2025

Employee became liable for competitive activities

HR Legal

27 February 2025

Employee was not bound by unfair non-competition clause

HR Legal

23 February 2025

Employees lost stock options after termination

HR Legal

21 February 2025

New rules from the EU on platform work

The team

Alexandra

Jensen

Associate

Alma

Winsløw-Lydeking

Senior legal assistant

Anders

Etgen Reitz

Partner

Cecillie

Groth Henriksen

Senior associate

Elias

Lederhaas

Legal assistant

Emilie

Louise Børsch

Associate

Johan

Gustav Dein

Associate

Kirsten

Astrup

Managing associate

Maria

Kjærsgaard Juhl

Legal advisor

Sunniva

Løfsgaard

Legal assistant

Søren

Hessellund Klausen

Partner