Swedish Social Insurance Agency (SSIA) – No Violation (Sweden, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Swedish Data Protection Authority closed its investigation into the Swedish Social Insurance Agency because the agency stopped using a machine learning system for selecting individuals for checks. Since there were no ongoing issues, the authority found no reason to continue the investigation. This outcome shows that organizations can avoid scrutiny by proactively addressing data processing practices.
What happened
The Swedish Social Insurance Agency discontinued its use of a machine learning-based risk profile for selecting individuals for checks.
Who was affected
Individuals receiving temporary parental benefits who would have been subject to checks.
What the authority found
The authority concluded that there were no grounds for further investigation since the machine learning processing had ceased.
Why this matters
This case illustrates the importance of transparency and responsiveness in data processing. Organizations should be aware of how their data practices can be scrutinized and adapt accordingly.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
In June 2025, the Swedish Data Protection Authority (IMY) began inspecting the Swedish Social Insurance Agency (SSIA). The inspection aimed to examine how the SSIA processes personal data when using risk-based selection for targeted checks on individuals receiving temporary parental benefits. IMY specifically investigated the use of any AI or machine learning systems in these selection checks. In response, SSIA stated that it had previously used a machine learning-based risk profile but had discontinued it over a month prior. SSIA also indicated that it had no plans to reinstate the risk profile in the processing. IMY concluded that since the machine learning-based processing had ceased and there were no plans to reinstate it, there were no grounds for further investigation. The case was therefore closed.
Outcome
No Violation
The DPA investigated and found no violation.
Related Enforcement Actions (0)
No other enforcement actions found for Swedish Social Insurance Agency (SSIA) in SE
This is the only recorded action for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Swedish Social Insurance Agency (SSIA) - Sweden (2025). Retrieved from cookiefines.eu
Last updated: