Denmark: Datatilsynet issues statement on personal data transmission over unencrypted internet connections
The Danish data protection authority ('Datatilsynet') issued, on 22 October 2020, its statement on the transmission of personal data over unencrypted internet connections. In particular, the Datatilsynet outlined that, when authorities and businesses request citizens to send specific information for the purpose of processing a case or service, they must be aware that they must offer data subjects a sufficiently secure transmission solution, and, in the case of information of a confidential or sensitive nature, the organisation's employees must remember to recommend to the citizens to send the information via an encrypted connection. Furthermore, the Datatilsynet noted that an organisation is not responsible for the method of transmission if the data subject unsolicitedly sends information of a confidential or sensitive nature via an unencrypted connection, or if the citizen still uses an insecure method of transmission despite an invitation to send the information via an encrypted method.
You can read the Statement, only available in Danish, here.