Download free GDPR compliance checklist!

Tag Archives for " Norway "

Norwegian DPA launches investigation into Disqus

The Norwegian data protection authority has launched an investigation into Disqus for allegedly collecting information about Norwegians through comment areas of websites without proper information.

DPA noted that in accordance with the General Data Protection Regulation (GDPR), data processing must be legal and transparent and that, in light of this, collecting data without providing prior information is problematic. DPA stated that it has sent a letter to Disqus requesting answers on the investigated practices.

Source: Requires statement from Disqus | Inspectorate

Administrative fine of 170.000 € imposed on Bergen Municipality

The Norwegian Supervisory Authority (Datatilsynet) has imposed an administrative fine of 1.6 million Norwegian kroner, or the equivalent of 170.000 €, on the Municipality of Bergen.

The incident relates to computer files with usernames and passwords to over 35000 user accounts in the municipality’s computer system. The user accounts related to both pupils in the municipality’s primary schools, and to the employees of the same schools. Due to insufficient security measures, these files have been unprotected and openly accessible. The lack of security measures in the system made it possible for anyone to log in to the school’s various information systems, and thereby to access various categories of personal data relating to the pupils and employees of the schools.

Source: Administrative fine of 170.000 € imposed on Bergen Municipality | Datatilsynet

Software development with Data Protection by Design and by Default

The Norwegian Data Protection Authority has developed these guidelines to help organisations understand and comply with the requirement of data protection by design and by default in article 25 of the General Data Protection Regulation.

Source: Software development with Data Protection by Design and by Default | Datatilsynet

Norway prepares for GDPR with draft for new Personal Data Act

By Jan Sandtrø , Partner, Norway Last week the new Personal Data Act for implementing the GDPR in Norway was published. Norway has taken a similar approach to, for example, Ireland in translating the GDPR into Norwegian, but there are also some additional regulations proposed which are specific to Norway.

Source: NORWAY: Preparing to implement the GDPR – Draft for new Personal Data Act