Q. Can I have my Stockholm University (SU) e-mail forwarded to an external e-mail provider, like Gmail?
A. No.
More precisely: Since November 2015, Stockholm University no longer allows the use of any cloud service (like webmail or box) owned by a US company since this would be in violation of Swedish laws regulating the handling of personal data.
What you can do is to configure a local mail client, or a web mail service like Gmail, to set up a new "account" for your SU mailbox (the terminology may vary between programs). Then copies of all your incoming SU mail will be fetched into a local inbox in your mail client or web mail, and you can read mails from there. All mails will remain in your SU inbox, as required by the SU policies. The only drawback is that you need to keep an eye on several inboxes instead of just one.
Q. Can I have my KTH e-mail (which is the same as my Nordita e-mail) forwarded to an external e-mail provider, like Gmail?
A. Yes.
Strictly speaking the same restrictions (see "Background" below) apply for KTH as for SU, but at KTH they have decided to be less strict, so forwarding is still allowed. Proceed like this: go to kth.se; press "login" on the gray bar at the top of the page, using your KTH username and password; select the menu item with your first name; from the drop-down menu, select "Forward KTH email".
This is all about the concern (from individual companies and organizations like Stockholm University, to Swedish authorities as well as bodies on the EU level) for the safe handling of personal data. "All kinds of information that is directly or indirectly referable to a natural person who is alive constitute personal data" in the language of the Swedish Personal Data Act (PuL), which in turn is based on an EU directive. See this Personal Data Protection fact brochure for more information.
Basically, the European Union would not object to the exchange of personal data with non-EU countries that can guarantee similar levels of data protection as within the EU. To facilitate this, the US Department of Commerce developed a set of rules, referred to as the "Safe Harbor" program, for the safe handling of personal data. US companies and organizations could then voluntarily subscribe to these rules, which would enable EU companies to exchange personal data with them.
The European Court of Justice, however, in a ruling of 6 October, 2015, does not consider the Safe Harbor principles to provide sufficient protection for personal data. In particular, companies with US ownership are governed by the Patriot Act.
This means that European companies and organizations can no longer refer to Safe Harbor for exchanging documents and other material containing personal data (like e-mails) with the US. The consequences are far-reaching.
EU and US authorities are in the process of developing a new framework, the EU-US Privacy Shield, to replace Safe Harbor. First decisive steps were taken in February 2016.
To be on the safe side, the SU Headmaster in November, 2015, decided that employees of Stockholm University (which is a Swedish governmental agency) are not allowed to use any cloud services with US ownership. This includes e-mail providers like Gmail and cloud services like Dropbox.
This policy will be enforced until new legal frameworks are in place. So until that time, you cannot forward your SU e-mail to Gmail.
You still can forward your e-mail to organizations that comply to the Personal Data Act (PuL), such as universities in Sweden and the other Nordic countries. If you forward your e-mail in this way, a copy of all incoming mail will be kept on the SU mail servers, in compliance with the Public Access to Information and Secrecy Act ("offentlighetsprincipen").
The legal situation regarding handling of personal data is of course exactly the same for KTH as for SU or any other company or organization within the EU. It remains technically possible to forward e-mails coming to your KTH e-mail address to external providers like Gmail, but this of course does not mean that it is legal to do so. The KTH policy is to discourage rather than forbid use of US cloud services like Gmail and Dropbox.
This page was printed on 2025-01-07 from old.nordita.org/email/forwarding_policies