AD 2026 No. 19 and AD 2026 No. 42 – The Labour Court declares summary dismissals invalid following unauthorised access to the employer’s IT systems

In two court cases, AD 2026 No. 19 and AD 2026 No. 42, the Swedish Labour Court has examined the question of whether there are grounds for summary dismissal when an employee has gained unauthorised access to the employer’s IT system. In both cases, the Labour Court found that there were special circumstances or distinctive conditions, and concluded that there were no grounds for summarily dismissing the employee.

AD 2026 No. 19 – Summary dismissal of an insurance company employee following searches in the company’s customer management system declared invalid

An investigator at an insurance company was summarily dismissed after carrying out unauthorised searches in the company’s customer management system for information on his former partner and her new partner. The company also argued that the employee’s personal financial situation constituted valid grounds for summary dismissal. The investigator had sought contact details for private purposes to help her son get in touch with his father. The Labour Court found that, whilst the searches were indeed unauthorised and reprehensible, the conduct was not sufficiently serious to constitute grounds for summary dismissal. Nor did the Court find that there were valid grounds for termination, neither on the basis of the searches, nor the investigator’s personal financial situation. The summary dismissal was declared invalid.

Background:

The case concerned the summary dismissal of an investigator at an insurance company. The investigator’s duties consisted of investigating fraud and irregularities against and within the company. After the Enforcement Authority had contacted the company regarding wage garnishment in respect of the investigator, who had debts subject to garnishment amounting to nearly one million Swedish kronor, the company conducted an internal investigation into the investigator via an external security firm. The investigation revealed that the investigator had, on one occasion, carried out searches in the company’s customer management system on her former partner and his new partner.

As grounds for the dismissal, the company argued that the investigator had intentionally carried out unauthorised searches in the customer management system, that she had thereby breached the confidentiality undertaking in her employment contract, and that she was guilty of breach of data secrecy within the meaning of the Swedish Penal Code. The company pointed out that high standards are required of the insurance industry and the security and integrity of its employees, and that the investigator’s burden of guilt posed a risk and vulnerability to undue influence. The employee side argued, firstly, that the investigator had had a valid reason for seeking her former partner’s contact details and that this was a one-off occurrence; and, secondly, that the investigator had not held a position subject to a statutory requirement of financial probity or involving any financial conduct obligation.

The Labour Court’s assessment:

The Labour Court noted that the searches were unauthorised and found that the investigator had been aware of this. The court also emphasised that the conduct was reprehensible and met the criteria for breach of data secrecy, and stressed that the insurance industry is a sector based on trust, where special requirements are placed on employees who have access to sensitive personal information. Against this background, the Labour Court found grounds to direct serious criticism at the employee. However, at the same time, the court found that there were circumstances in the employee’s favour: the purpose of the searches was to help her son get in touch with his father; it was a one-off incident; the information had not been passed on; the searches had not been intended to influence the company’s operations; and nearly a year had elapsed between the incident and the dismissal without the behaviour being repeated. The court therefore concluded that the investigator’s conduct was not so serious as to constitute grounds for summary dismissal.

Under section 35, first paragraph, of the Employment Protection Act, a summary dismissal shall not be declared invalid if the circumstances would have been sufficient to justify a valid termination. According to the Labour Court, neither the unauthorised withdrawals, considered in isolation, nor the investigator’s personal financial situation constituted objective grounds for termination. The investigator’s employment was not subject to any statutory requirement regarding financial prudence; it had not emerged that employees of the company had made any general commitment regarding their conduct; and the investigator had taken responsibility for her finances by applying for and being granted debt restructuring.

The Labour Court therefore declared the summary dismissal invalid. However, given that there were grounds for levelling serious criticism at the employee, the general damages were set at SEK 50,000, a significantly lower amount than usual.

Setterwalls’ comment:

The Labour Court has previously examined issues concerning the significance of unauthorised access to IT systems, and on those occasions a relatively strict approach has been adopted. However, those cases involved public sector employees, and the specific circumstances prevailing in the public sector were taken into account in the assessment. This judgement shows that an act carried out within the scope of employment, at least in the private sector, may be both unauthorised and reprehensible – in this case, even constituting a criminal offence – without this constituting grounds for dismissal or even termination of employment. In its assessment, the Labour Court attaches great importance to the circumstances of the individual case. The judgment also illustrates that an employer in the insurance sector cannot automatically base a termination of employment on an employee’s personal financial situation, at least not when the employee has taken steps to rectify it and there is no statutory or contractual requirement for financial prudence. However, the fact that the Labour Court set the general damages at a significantly lower amount than usual confirms that the court takes the conduct seriously. A practical conclusion is that employers faced with similar situations under similar circumstances should, as a first step, consider less intrusive measures, such as reprimands, warnings or redeployment, before deciding to terminate the employee’s employment. Employers also need to bear in mind that the actual circumstances will be of great significance when assessing each individual case.

Read the full case here.

AD 2026 No. 42 – Summary dismissal of a police officer following unauthorised access to the police authority’s IT system declared invalid

A police officer was dismissed after being convicted of four counts of breach of data secrecy. The breach of data secrecy involved the officer carrying out searches in the Police Authority’s IT system in a case in which the officer himself and his son were the complainants. The Labour Court found that, whilst the searches were indeed criminal, reckless and reprehensible, the conduct – taking into account the highly unusual circumstances and the difficult situation in which the police officer found himself – was not sufficiently serious to constitute grounds for summary dismissal. Nor were there objective grounds for termination of employment. The summary dismissal was declared invalid. The case also concerned whether the employer could, before the Labour Court, invoke circumstances as grounds for dismissal that had not been expressly cited in the written statement of reasons which the employer had provided to the police officer in accordance with Section 19 of the Employment Protection Act.

Background:

The Police Authority summarily dismissed a police officer on the grounds that he had committed breaches of data secrecy on four occasions – offences for which he had been convicted by the Court of Appeal. The breaches of data secrecy consisted of the police officer carrying out a total of 17 searches in the Police Authority’s IT system in a case in which he and his son were the complainants, as well as in relation to persons connected with the case. The employee side argued, firstly, that the Court of Appeal had reached the wrong verdict because the police officer had acted in a state of necessity, or alternatively in a putative state of necessity, and, secondly, that his actions – regardless of whether the Court of Appeal’s verdict was deemed correct – did not constitute grounds for summary dismissal. The employer, for its part, argued, amongst other things, that the police officer’s actions and conduct were not compatible with the requirements that apply to a police officer, and that he was obviously unsuitable for employment with the authority.

The employer also argued that the police officer had taken criminal investigation measures and otherwise acted inappropriately in the investigation in which he himself and his relatives were complainants, and that he had influenced the investigation to such an extent that confidence in the Police Authority – both internally within the investigation and amongst the general public – was at risk of being undermined. According to the employee side, the Labour Court should disregard these circumstances, as the Police Authority had not cited them as grounds in the written statement of reasons provided to the police officer in accordance with Section 19 of the Employment Protection Act.

The Labour Court’s assessment:

On the question of which circumstances the Police Authority was entitled to invoke as grounds for the summary dismissal, the Labour Court began by noting that the purpose of the employer’s obligation to state the grounds for summary dismissal at the employee’s request is to ensure that the employee is not left in uncertainty as to the reasons for the decision. However, the court also referred to well-established case law, according to which the employer may, to a certain extent, also invoke other circumstances, provided that these are in line with what has been stated as the grounds for the summary dismissal.

The court noted that the only ground for summary dismissal stated in the written notice issued by the authority to the police officer was that he had been convicted of four counts of breach of data secrecy. The police officer therefore had no reason to expect that his conduct at the crime scene and during the investigation would also form the basis for the decision to summarily dismiss him. Since these circumstances were not considered to be closely linked to the alleged criminal offences either, the court disregarded the Police Authority’s claims regarding the police officer’s conduct at the crime scene and its impact on the investigation.

On the merits of the case, the Labour Court initially found that there were no grounds for reaching a different conclusion from that of the Court of Appeal as to whether the police officer’s computer access constituted a breach of data secrecy. The Labour Court then considered whether the breaches of data secrecy constituted lawful grounds for summary dismissal. The Court found that there were grounds to view the offences committed by the police officer very seriously. At the same time, there were circumstances in the case that spoke in his favour. The court took into account, amongst other things, that the purpose of the searches was to ascertain whether there were any links between the crime to which the police officer and his son had been subjected and the police officer’s position within the Police Authority. Furthermore, it was considered relevant that, at the time of the assaults, the police officer felt that he and his family were in danger, and that the breach of data secrecy offences could be regarded as isolated incidents resulting from a particularly stressful situation. In its overall assessment, the Labour Court found that it had not been established that the police officer was obviously unsuitable for employment with the Police Authority, even though his conduct had been both imprudent and reprehensible. Against this background, the summary dismissal was declared invalid. Nor did the Labour Court consider that there had been objective grounds for termination of the employment, citing the significant mitigating circumstances that existed. With regard to damages, the Labour Court stated that the offences of which the police officer had been guilty were, in themselves, such that they would normally constitute grounds for summary dismissal. This, combined with the fact that the police officer himself had contributed significantly to the situation that had arisen, meant that the court awarded general damages of only 50,000 kronor, which is considerably lower than the amount normally awarded in cases of unfair summary dismissal.

Setterwalls’ comment:

Firstly, the ruling serves as an important reminder to all employers of the importance of carefully considering the circumstances set out in a written notice under Section 19 of the Employment Protection Act. Although the Labour Court often takes a generous view of what may be considered to be in line with the grounds stated in the written notice, entirely different circumstances cannot be invoked. This may be of decisive importance in a legal review.

In substance, it is interesting to note that, in previous rulings, the Labour Court has taken a serious view of criminal offences committed by police officers in general, and unauthorised access to IT systems by police staff in particular. However, the Court has distinguished between searches carried out out of curiosity or for personal gain, and searches which, in some e way, have been deemed justifiable in the circumstances. This ruling falls into the latter category. Just as in the case referred to above, AD 2026 No. 19, the judgement shows that an act may be both imprudent and reprehensible, and may even constitute a criminal offence, without there being grounds for summary dismissal or even termination of employment. The assessment clearly depends on the circumstances of the individual case, including the purpose of the conduct and the employee’s situation. At the same time, the low level of general damages awarded indicates that the Labour Court continues to view such conduct seriously. It is therefore clear that an employer cannot rely on unauthorised access to IT systems, or even a conviction for breach of data secrecy against the employer, automatically constituting grounds for summary dismissal or termination of employment. Employers should therefore carefully consider all relevant circumstances before deciding on dismissal and also consider less severe measures, such as a reprimand, a warning or redeployment.