Netnod responds to final report on secure and cost-efficient IT operations

The public investigation consists of two parts: the interim report (SOU 2021:1) and the final report (SOU 2021:97). Netnod’s comments on the interim report are available here. The response to the final report concerns both the contents of the final report and topics within the scope of secure and cost-efficient IT operations not covered by any of the reports.

We see two main an interconnected issues with the final report:

We believe that the first main issue with both the interim and the final report is that they consider existing legislation as a strict environment for digitalisation rather than fundamentally questioning what the legislative environment for secure and cost-efficient IT operations should look like. As an example, the investigation does not exhaustively comment on the inherent conflict of cost-efficiency (one of the tenets of the investigation) versus adherence to the rule of law applied in public procurement. These are two conflicting goals.

We believe that the second main issue is that neither the interim nor the final report clearly discuss and understand the IT operational needs of the public sector and therefore fall short in the analysis of the suggested solution. As an example, suppliers are mainly discussed as single entities (as private in the interim report and as public in the final report) which provide vertically integrated solutions. The networks or supply chains involved in producing those services are not problematised in enough detail.

Netnod believes that the effort put into the interim and final reports should be put to good use by further discussion and analysis of the topic before any strategic or legislative actions are taken. For Sweden to remain a successful IT nation, great care is needed to avoid causing unnecessary disruption through rushed legislation.

Netnod’s full response is available here.