Sweden Recording Laws: One-Party Consent Rules and Penalties (2026)

---

title: "Sweden Recording Laws: One-Party Consent Rules and Penalties (2026)" meta_description: "Sweden allows one-party consent recording under Brottsbalken Ch. 4 §9a. Learn the rules for phone, in-person, and workplace recording, plus GDPR requirements and 2025 camera law changes." slug: "world-recording-laws/sweden-recording-laws" last_updated: "2026-03-21"

Sweden occupies an unusual position in European recording law. While much of the EU leans toward stricter two-party or all-party consent frameworks, Swedish criminal law permits individuals to record their own conversations without notifying anyone else involved. This one-party consent principle has been part of the Swedish Penal Code (Brottsbalken) since 1975 and remains in effect today.

But the picture is more complicated than a simple "you can record" summary suggests. Sweden layers criminal statutes, EU data protection regulation, workplace privacy guidance, and a recently overhauled camera surveillance law on top of each other. Understanding where personal recording rights end and legal liability begins requires looking at each layer individually.

The Core Statute: Brottsbalken Chapter 4, Section 9a

The foundation of Swedish recording law sits in the Penal Code. Chapter 4, Section 9a (4 kap. 9a §) defines the offense of "olovlig avlyssning" (unlawful eavesdropping). The provision was enacted through Law (1975:239) and states, in summary, that a person who uses a technical device for sound reproduction to secretly listen to or record speech in private, conversations between others, or proceedings at meetings not open to the public, where the person is not a participant, commits unlawful eavesdropping.

The penalty is fines or imprisonment for up to two years.

The critical phrase in the original Swedish is "som han icke sjalv deltager i" (in which they do not participate). This carve-out is what makes Sweden a one-party consent jurisdiction. If you are part of the conversation, Section 9a does not apply to you. You can record without telling the other participants.

What Section 9a Prohibits

The law targets three specific scenarios when you are NOT a participant:

• Recording private speech. Capturing someone talking to themselves in a private setting using a hidden device.
• Recording conversations between others. Planting a recording device in a room where two other people are talking.
• Recording closed meetings. Using technology to capture proceedings at meetings, conferences, or gatherings not open to the public.

All three require a "tekniskt hjalpmedel" (technical device). Simply overhearing a conversation with your own ears is not covered by 9a, though other privacy provisions may apply.

Penalties for Unlawful Eavesdropping

The penalty range under Section 9a is fines (boter) or imprisonment for a maximum of two years (fangelse i hogst tva ar). Swedish courts consider the severity of the intrusion, the context, the offender's prior record, and any mitigating circumstances when determining where in this range a sentence falls. The statute of limitations is five years from the date of the offense.

Section 9b of the same chapter also criminalizes preparation for unlawful eavesdropping. Installing a recording device with the intent to commit an offense under Section 9a carries the same penalty: fines or up to two years in prison. This provision was amended by Law (2013:366).

Section 8: Breach of Postal and Telecommunications Secrecy

A related provision, Brottsbalken Chapter 4 Section 8 (4 kap. 8 §), protects the confidentiality of communications handled by postal and telecommunications providers. Amended most recently by Law (2012:280), it states that a person who unlawfully obtains access to a communication that a postal or telecommunications company delivers as mail or through an electronic communications network is guilty of breach of postal or telecommunications secrecy (brytande av post- eller telehemlighet).

The penalty is fines or imprisonment for up to two years.

This provision is distinct from Section 9a. While 9a covers direct recording of conversations, Section 8 targets interception of communications in transit through postal or telecom infrastructure. Think intercepting someone's phone line at the provider level, accessing their voicemail without authorization, or reading their electronic messages through a telecom system.

Together, Sections 8 and 9a form the backbone of Sweden's criminal framework for communications privacy.

Phone Calls vs. In-Person Conversations

Swedish law draws no legal distinction between recording a phone call and recording a face-to-face conversation. The same one-party consent rule applies in both situations. If you are a participant in the conversation, you may record it regardless of the medium.

This means:

• Phone calls: You can record any call you are on. You do not need to tell the other person.
• In-person meetings: You can record a meeting you attend. No notification is required under criminal law.
• Video calls: The same logic extends to video conferences, VoIP calls, and other digital communication where you are a participant.

The consistency across formats is notable. Some jurisdictions treat phone and in-person recording differently, but Sweden does not.

GDPR and Business Recording Requirements

Here is where Sweden's permissive criminal law framework collides with the European Union's General Data Protection Regulation. While Brottsbalken says individuals can record their own conversations freely, GDPR imposes additional requirements when the recording happens in a professional or business context.

Sweden's data protection authority, Integritetsskyddsmyndigheten (IMY), enforces GDPR within the country. When businesses record calls or meetings, they must comply with several obligations.

Notification Requirement

Companies must inform the person being recorded that the recording is taking place. This is a departure from the criminal law rule. Under Brottsbalken, you do not need to tell the other party. Under GDPR, businesses do.

The notification must include:

• The fact that recording is occurring
• The purpose of the recording
• How the recording will be used
• Who controls the data

Legal Basis

Every business recording needs a lawful basis under GDPR Article 6. The most common bases used in Sweden are:

• Legitimate interest (berattigat intresse): Quality assurance, training, or dispute resolution. The company must document a balancing test showing the business interest outweighs the individual's privacy interest.
• Consent: The recorded person explicitly agrees. This is less common in practice because consent must be freely given, and power imbalances (employer-employee, business-customer) can undermine its validity.
• Legal obligation: Recording required by financial regulation or other law.

Data Handling Rules

Recorded data must be stored securely, preferably within the EU. Access should be restricted to authorized personnel. Recordings must be deleted after serving their stated purpose, typically within 3 to 12 months. Individuals can request deletion under GDPR Article 17 (right to erasure) in certain circumstances.

Penalties for GDPR Violations

IMY can impose administrative fines of up to 20 million euros or 4% of global annual turnover, whichever is higher. In 2024, IMY closed 326 supervisory matters and imposed fines in six cases totaling SEK 60.6 million (approximately EUR 5.5 million). These enforcement actions demonstrate that IMY actively pursues data protection violations.

Workplace Recording: IMY Guidance

Workplace recording is one of the most restricted areas of Swedish privacy law. The power imbalance between employers and employees makes this a sensitive topic, and IMY has issued detailed guidance.

Audio Recording in the Workplace

IMY's position is clear: recording sound is generally not permitted at a workplace. This applies even in situations where video surveillance might be justified. An employer who installs cameras with microphones in a warehouse, for example, would likely need to disable the audio function.

This prohibition stems from GDPR's proportionality principle. Audio recording captures far more personal information than video alone, including private conversations between employees. IMY considers this level of intrusion disproportionate for most workplace purposes.

Video Surveillance of Employees

Video surveillance at work is permitted but heavily restricted. Employers must demonstrate strong justification, and IMY requires a documented balancing of interests that weighs the employer's need against employees' privacy rights.

Acceptable purposes include:

• Real-time monitoring of hazardous industrial processes
• Preventing robbery or theft in retail environments
• Monitoring small, crime-prone storage areas containing valuable property

What Employers Cannot Do

IMY explicitly prohibits several workplace surveillance practices:

• Systematic monitoring of employee work performance
• Surveillance of changing rooms, break rooms, or rest areas
• Hidden cameras without proper notification
• Using surveillance footage for purposes beyond its original stated reason
• Sharing surveillance images with other employers or publishing them online

Visible signage must identify all monitored areas, including the purpose of surveillance and the controller's contact information.

Employee Recording Rights

The employer restrictions above do not limit an employee's personal rights under Brottsbalken. An employee can still legally record a conversation with their boss, a meeting with HR, or a phone call with a colleague, as long as they are a participant. The Swedish trade union SAC has publicly advised workers to record conversations with employers as a way to document workplace disputes.

However, what the employee does with that recording matters. Sharing it publicly could raise defamation concerns under Brottsbalken Chapter 5, and using it in ways that violate another person's dignity could create liability.

Recording in Public Spaces

Recording in public spaces in Sweden is generally permitted, with some qualifications. There is no law prohibiting individuals from recording video or audio in public areas. Street photography, filming in parks, and recording conversations in cafes where you are a participant are all legal.

However, publishing or distributing recordings of identifiable individuals may trigger GDPR obligations. If you record a conversation in a public square and post it online with the other person's face and voice clearly identifiable, you may need to consider data protection requirements, particularly if the recording is not for purely personal or household purposes.

The Camera Surveillance Act: 2025 Overhaul

Sweden's Camera Surveillance Act (Kamerabevakningslagen, 2018:1200) underwent a major overhaul that took effect on April 1, 2025. The Swedish Parliament (Riksdag) voted in favor of the changes on March 12, 2025.

What Changed

The most significant change: the permit requirement for camera surveillance in public spaces was eliminated. Before April 2025, public sector organizations and certain private entities needed to apply to IMY for a permit before installing surveillance cameras. That requirement is gone.

New Framework

The permit system was replaced with a self-assessment model. Organizations must now:

1. Conduct a documented legitimate interest assessment. This means analyzing whether the surveillance purpose (security, crime prevention, safety) outweighs the privacy intrusion before any cameras go up.
2. Maintain a surveillance register. All camera surveillance must be inventoried and documented.
3. Comply with GDPR. The removal of the permit does not remove data protection obligations. Organizations must still justify their surveillance under GDPR Article 6 and follow all data handling requirements.

The Camera Surveillance Act defines its scope broadly, covering "TV cameras or other optical-electronic instruments" including fixed installations, mobile equipment, and drone-based monitoring systems used for continuous or regular individual monitoring.

Law Enforcement Expansion

The 2025 changes also expanded law enforcement surveillance powers:

• Police and the Swedish Security Service (Sakerhetspolisen) gained authority to conduct video surveillance in more locations.
• A new exemption allows nationwide deployment of Automatic Number Plate Recognition (ANPR) technology without the standard balancing-of-interests requirement.
• Streamlined procedures were introduced for urgent surveillance situations.

What the Changes Mean in Practice

For private businesses, the permit removal reduces bureaucratic delay. A retail store that wants to install security cameras no longer needs to wait for IMY approval. But the store must document why the cameras are necessary, what they cover, how long footage is retained, and who has access.

For individuals, the changes mean more cameras in public spaces, particularly near government buildings, transit stations, and areas with high crime rates. The tradeoff between public safety and personal privacy shifted toward surveillance access in this reform.

State Surveillance: 2025 Expansion

Beyond camera law, Sweden has been expanding government surveillance powers in response to a surge in organized crime and gang violence. The country experienced a dramatic increase in bombings, rising from seven incidents in September 2024 to over 30 in January 2025.

Wiretapping of Minors

In January 2025, Prime Minister Ulf Kristersson announced accelerated implementation of a law permitting surveillance of children under 15 suspected of involvement in organized crime. The law applies to offenses carrying prison sentences exceeding four years and requires a higher degree of suspicion than would apply to adult suspects. Originally scheduled for summer 2026, implementation was moved up to fall 2025.

Data Retention Legislation

In April 2025, a proposed law titled "Datalagring och atkomst till elektronisk information" (Data storage and access to electronic information) drew international criticism. Over 230 organizations and individuals from more than 50 countries signed an open letter urging the Riksdag to reject the bill, which would force companies to store user communications and provide law enforcement access, including to end-to-end encrypted messages.

Critics described the proposal as creating "an encryption backdoor, akin to a master key that unlocks every door in a building." The debate continues in 2026.

Law Enforcement Wiretapping Under Rattegangsbalken

Sweden's Code of Judicial Procedure (Rattegangsbalken) Chapter 27 governs secret wiretapping (hemlig avlyssning) by law enforcement. Key requirements include:

• A court order is generally required before wiretapping can begin.
• The suspect must be reasonably suspected of a crime.
• In emergency situations, a prosecutor can authorize wiretapping temporarily while awaiting court approval.
• Room interception (bugging a physical space) has stricter requirements than telephone wiretapping.

These provisions apply to law enforcement investigations and are separate from the civilian recording rules under Brottsbalken Chapter 4.

Admissibility of Recordings in Court

Swedish courts follow a principle of free evaluation of evidence. There are no rigid rules excluding evidence based on how it was obtained. This means:

A recording is admissible as evidence in Swedish courts even if it was obtained illegally.

If someone records a conversation in violation of Section 9a (as a non-participant), that recording can still be presented in court. The judge will assess its reliability and weight alongside all other evidence. The person who made the illegal recording may face criminal charges for the act of recording, but the recording itself is not automatically excluded from proceedings.

This is a significant difference from jurisdictions like the United States, where illegally obtained evidence may be suppressed under exclusionary rules.

Sharing and Distributing Recordings

Recording a conversation is one thing. Sharing it is another. Swedish law creates several potential liability points for distributing recordings.

Defamation (Fortal)

Under Brottsbalken Chapter 5, Section 1, a person who shares information that exposes someone to contempt may be guilty of defamation. Publishing a recording that portrays someone negatively could trigger this provision. The penalty for standard defamation is a fine. Aggravated defamation (grovt fortal), which considers the scope of dissemination and potential damage, carries fines or up to two years in prison.

GDPR Implications

Distributing a recording containing personal data, especially voice recordings of identifiable individuals, triggers GDPR obligations if the distribution goes beyond purely personal use. Publishing a recording online, sharing it with media, or distributing it within an organization all potentially require a lawful basis under GDPR.

Practical Guidance

The safest approach in Sweden: you can record your own conversations freely, but think carefully before sharing those recordings with anyone beyond your lawyer or a court proceeding.

Scandinavian Comparison

Sweden's one-party consent approach aligns with its Nordic neighbors, though the details vary.

Norway

Norway follows one-party consent for personal recording. A participant can record their own conversation without notifying others. However, Norwegian authorities recommend seeking consent before recording, and businesses must comply with GDPR notification requirements. Distributing private recordings is restricted.

Denmark

Denmark also permits one-party consent recording. Participants can record conversations they are part of without informing others. For business call recording, companies must obtain explicit opt-in consent from customers as required by GDPR and rulings from the Danish Data Protection Agency (Datatilsynet). Spreading or disseminating private conversations is illegal under Danish law.

Finland

Finland permits participants to record conversations they are part of, protected under Section 12 of the Finnish Constitution (freedom of expression). As with Sweden, GDPR compliance is mandatory for businesses, meaning customers must be notified and consent obtained before commercial recording.

Common Thread

All four Nordic countries share the same basic framework: individuals can record their own conversations, but businesses face GDPR constraints, and distributing recordings carries legal risk. Sweden stands out for having one of the more explicitly codified criminal provisions (Section 9a) defining exactly what constitutes unlawful eavesdropping.

Penalties Summary

Offense	Statute	Penalty
Unlawful eavesdropping (olovlig avlyssning)	BrB 4 kap. 9a §	Fines or up to 2 years imprisonment
Preparation for eavesdropping	BrB 4 kap. 9b §	Fines or up to 2 years imprisonment
Breach of postal/telecom secrecy	BrB 4 kap. 8 §	Fines or up to 2 years imprisonment
Defamation (fortal)	BrB 5 kap. 1 §	Fines
Aggravated defamation (grovt fortal)	BrB 5 kap. 2 §	Fines or up to 2 years imprisonment
GDPR violation	EU Regulation 2016/679	Up to EUR 20 million or 4% of global turnover

Business Compliance Checklist

Companies operating in Sweden that record calls, meetings, or other interactions should take these steps:

1. Determine your legal basis under GDPR. Legitimate interest is most common for call recording, but document the balancing test.
2. Notify all parties being recorded. Use an automated message at the start of calls or clear signage for in-person recording.
3. State the purpose. Quality assurance, training, regulatory compliance, or dispute resolution.
4. Limit retention. Delete recordings after they serve their stated purpose, typically 3 to 12 months.
5. Restrict access. Only authorized personnel should be able to listen to or review recordings.
6. Encrypt and store securely. Keep recordings within the EU where possible.
7. Honor deletion requests. Respond to GDPR Article 17 requests within the required timeframe.
8. Document everything. Maintain records of your recording practices, legal basis assessments, and data processing activities.
9. Prohibit workplace audio surveillance. Following IMY guidance, do not record audio in employee work areas.
10. Update camera surveillance documentation. Under the April 2025 changes, conduct and document legitimate interest assessments for all video surveillance.