No, sharing passwords in Finland violates the Information Society Code (917/2014) and Criminal Code (39/1889), risking fines or imprisonment under unauthorized access provisions. The Finnish Transport and Communications Agency (Traficom) enforces strict cybersecurity mandates, aligning with EU’s 2026 Digital Operational Resilience Act (DORA) requirements.
Key Regulations for Sharing Passwords in Finland
- Unauthorized Access Prohibition: Under Criminal Code § 317, knowingly sharing credentials enabling third-party access to restricted systems constitutes a criminal offense, punishable by up to 2 years’ imprisonment.
- Data Protection Obligations: The General Data Protection Regulation (GDPR) and Data Protection Act (1050/2018) impose liability on organizations for negligent credential sharing, with fines up to 4% of global revenue.
- Sector-Specific Rules: Traficom’s 2024 Cybersecurity Guidelines mandate strict access controls for telecom and financial sectors, explicitly banning password sharing under Act on Electronic Communications Services (244/2021).
Exceptions exist only for explicitly authorized third-party access under contractual or statutory frameworks, such as IT support with documented consent. Employers must enforce zero-trust policies and multi-factor authentication to mitigate risks. Non-compliance triggers audits by the Finnish Data Protection Ombudsman, with potential administrative sanctions.