fbpx

Download free GDPR compliance checklist!

Tag Archives for " Norway "

Norway pulls its coronavirus contacts-tracing app after privacy watchdog’s warning

One of the first national coronavirus contacts-tracing apps to be launched in Europe is being suspended in Norway after the country’s data protection authority raised concerns that the software, called “Smittestopp,” poses a disproportionate threat to user privacy — including by continuously uploading people’s location.

Following a warning from the watchdog Friday, the Norwegian Institute of Public Health (FHI) said today it will stop uploading data from tomorrow — ahead of a June 23 deadline when the DPA had asked for use of the app to be suspended so that changes could be made. It added that it disagrees with the watchdog’s assessment but will nonetheless delete user data “as soon as possible.”

Source: Norway pulls its coronavirus contacts-tracing app after privacy watchdog’s warning | TechCrunch

Norwegian DPA launches investigation into Disqus

The Norwegian data protection authority has launched an investigation into Disqus for allegedly collecting information about Norwegians through comment areas of websites without proper information.

DPA noted that in accordance with the General Data Protection Regulation (GDPR), data processing must be legal and transparent and that, in light of this, collecting data without providing prior information is problematic. DPA stated that it has sent a letter to Disqus requesting answers on the investigated practices.

Source: Requires statement from Disqus | Inspectorate

Administrative fine of 170.000 € imposed on Bergen Municipality

The Norwegian Supervisory Authority (Datatilsynet) has imposed an administrative fine of 1.6 million Norwegian kroner, or the equivalent of 170.000 €, on the Municipality of Bergen.

The incident relates to computer files with usernames and passwords to over 35000 user accounts in the municipality’s computer system. The user accounts related to both pupils in the municipality’s primary schools, and to the employees of the same schools. Due to insufficient security measures, these files have been unprotected and openly accessible. The lack of security measures in the system made it possible for anyone to log in to the school’s various information systems, and thereby to access various categories of personal data relating to the pupils and employees of the schools.

Source: Administrative fine of 170.000 € imposed on Bergen Municipality | Datatilsynet

Software development with Data Protection by Design and by Default

The Norwegian Data Protection Authority has developed these guidelines to help organisations understand and comply with the requirement of data protection by design and by default in article 25 of the General Data Protection Regulation.

Source: Software development with Data Protection by Design and by Default | Datatilsynet

Norway prepares for GDPR with draft for new Personal Data Act

By Jan Sandtrø , Partner, Norway Last week the new Personal Data Act for implementing the GDPR in Norway was published. Norway has taken a similar approach to, for example, Ireland in translating the GDPR into Norwegian, but there are also some additional regulations proposed which are specific to Norway.

Source: NORWAY: Preparing to implement the GDPR – Draft for new Personal Data Act

>