Finland fast-tracks ID code law change after hacking case
The government of Finland is preparing legislation that would allow citizens to change their personal identity codes citizens in cases of gross data breaches that carry a high risk of identity theft
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.The government of Finland said Thursday it was preparing legislation that would allow citizens to change their personal identity codes citizens in cases of gross data breaches that carry a high risk of identity theft.
The government’s fast-tracked proposal was designed primarily to assist thousands of people whose personal information was stolen during a hacking of patient records at a private Finnish psychotherapy center.
All Finns receive a personal identity code at birth to allow them to access most public and many private services. Under Finland’s current law, the criteria for changing one's code are strict and, according to the government, cannot be applied in advance to prevent criminal or other significant harmful activity.
The legislation being drafted would make the process slightly easier.
“The work will start immediately, and the laws will be completed by the beginning of next year,” said Minister of Local Government Sirpa Paatero who is in charge of the Finnish government’s electronic services.
Finland also wants to develop a webpage that enables citizens to report a suspected theft of their personal data and to block unauthorized use of the information.
Finnish police estimate that up to 40,000 clients of the Vastaamo psychotherapy clinic may have had their data compromised in two likely breaches of its information systems in 2018 and 2019. The clinic has several branches throughout Finland and operates as a sub-contractor for the Nordic country's public health system,
The hacking episodes were revealed last month. The still unknown perpetrator or perpetrators published at least 300 patient records containing names, personal identity codes and contact information on the anonymous “dark web” Tor network.
Soon after, dozens of Vastaamo clients received ransom demands to pay money in exchange for keeping their information private. Also the psychotherapy center reportedly received a demand for 450,000 euros ($531,000) in Bitcoin.
The case has stunned people in Finland, a nation of 5.5 million, and cybersecurity experts have described such gross misuse of patient records as exceptional even on an international level.
The National Bureau of Investigation said at the end of October that it had so far received some 15,000 complaints that victims of the clinic data breaches filed with police.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.