I cannot trivially get the whole database, no. But I kind of fail to see what a malicious actor would do with a large database of public information that they couldn’t otherwise do. The system is designed such that you can’t really do a lot of malicious stuff with just public data, and the stuff you can do (scam calls, etc) is probably not meaningfully more effective if you have the whole database than if you do manual lookups or web scraping. I’m open to being proved wrong about that however.
Basically: obviously it's not desirable to have that full database in the hands of a malicious actor but I'm not sure it's such a big deal either. Again, it's public data by design.
I will say that the open and transparent design of Nordic society has some obvious issues when colliding with the hostile Internet we have today.
The issue here though was whether having a full database is materially worse than relying on existing public resources. I can do identity theft all day with public resources; I don’t need a full database dump.
In the US, property tax records are public by design. However, historically the records were physical and hard to search through. Now that these records are digitized and published online, it is trivial to find out where someone resides by searching through these records. So while public by design, at scale data aggregation changes the threat model.
Yes, you can buy the database for the entire population. There are commercial vendors for this, one of them is Dun & Bradstreet (Bisnode Dun & Bradstreet Sverige).
I cannot trivially get the whole database, no. But I kind of fail to see what a malicious actor would do with a large database of public information that they couldn’t otherwise do. The system is designed such that you can’t really do a lot of malicious stuff with just public data, and the stuff you can do (scam calls, etc) is probably not meaningfully more effective if you have the whole database than if you do manual lookups or web scraping. I’m open to being proved wrong about that however.
Basically: obviously it's not desirable to have that full database in the hands of a malicious actor but I'm not sure it's such a big deal either. Again, it's public data by design.
Identity theft and scams are widespread in Sweden and the most increasing crime currently.
https://ocindex.net/assets/downloads/2025/english/ocindex_pr...
I will say that the open and transparent design of Nordic society has some obvious issues when colliding with the hostile Internet we have today.
The issue here though was whether having a full database is materially worse than relying on existing public resources. I can do identity theft all day with public resources; I don’t need a full database dump.
In the US, property tax records are public by design. However, historically the records were physical and hard to search through. Now that these records are digitized and published online, it is trivial to find out where someone resides by searching through these records. So while public by design, at scale data aggregation changes the threat model.
Phone books gave out most people's home address. There were data brokers transcribing them (before reliable OCR) to build their databases.
You can trivially purchase the data from Bisnode Dun & Bradstreet Sverige.
Yes, you can buy the database for the entire population. There are commercial vendors for this, one of them is Dun & Bradstreet (Bisnode Dun & Bradstreet Sverige).