Division of powers

FICORA’s responsibilities include the supervising of the compliance with the Act on the Protection of Privacy in Electronic Communications and the provisions and regulations issued under the act. FICORA’s supervision powers extend to processing of identification data, protection of communications and decoding the protection and the supervising of the compliance with provisions on the information security of communications and identification data.

The Data Protection Ombudsman monitors the compliance with the provisions on the processing of location data, subscriber directories and directory inquiries as well as direct marketing. The Data Protection Ombudsman also supervises the compliance with the provisions on the processing of employees’ e-mail (Act on the Protection of Privacy in Working Life, 769/2004.

Personal data and identification data in particular are at the boundary of powers: FICORA supervises the processing of identification data, whereas the Data Protection Ombudsman supervises the processing of personal data. It is difficult to limit the division of powers in advance, so case-specific cooperation is also an option. In principle, cases related to the confidentiality of communications and network traces stored in communications networks belong to FICORA whereas other issues related to the processing of personal data in electric form belong to the Data Protection Ombudsman.

Personal data for the company’s customer register are often established on the basis of identification data. For example, the following data can be registered into the customer register: ‘a person called and asked about this’. This kind of information, which is registered into a customer registry, must in principle be processed in compliance with the Personal Data Act.