Datatilsynet (Norway)- 20/02254: Difference between revisions
(Created page with "{{DPAdecisionBOX |Jurisdiction=Norway |DPA-BG-Color= |DPAlogo=LogoNO.png |DPA_Abbrevation=Datatilsynet |DPA_With_Country=Datatilsynet (Norway) |Case_Number_Name= 20/02254-1...") |
mNo edit summary |
||
| Line 58: | Line 58: | ||
}} | }} | ||
In a case at the intersection of telecommunications law and data protection, the Norwegian Privacy Appeals Board (Personvernrådet) upheld the Norwegian DPA's (Datatilsynet) request for information to OpenX. | |||
== English Summary == | ==English Summary== | ||
=== Facts === | ===Facts=== | ||
The Norwegian Consumer Council (Forbrukerrådet) filed three complaints against the gay/bi dating app Grindr and five adtech companies that received personal data through the app. Subsequently, Datatilsynet sent a request for more information from one of the adtech companies; OpenX. | The Norwegian Consumer Council (Forbrukerrådet) filed three complaints against the gay/bi dating app Grindr and five adtech companies that received personal data through the app. Subsequently, Datatilsynet sent a request for more information from one of the adtech companies; OpenX. | ||
OpenX refused to respond on the basis that Datatilsynet don't have legal grounds to impose such a request on them, because, in their opinion, the issue relates to the Electronic Communications Act § 2(7)(b) (cf. Article 5(3) ePrivacy Directive 2002/58/EC), where the Norwegian Communications Authority is the right supervisory authority (and not Datatilsynet), and filed a complaint to the Privacy Appeals Board. | OpenX refused to respond on the basis that Datatilsynet don't have legal grounds to impose such a request on them, because, in their opinion, the issue relates to the Electronic Communications Act § 2(7)(b) (cf. Article 5(3) ePrivacy Directive 2002/58/EC), where the Norwegian Communications Authority is the right supervisory authority (and not Datatilsynet), and filed a complaint to the Privacy Appeals Board. | ||
=== Dispute === | ===Dispute=== | ||
Does the Datatilsynet have the legal grounds (as a supervisory authority) to impose a request for information on OpenX? | |||
=== Holding === | ===Holding=== | ||
The Privacy Appeals Board rejected OpenX's complaint as they concluded that Datatilsynet | The Privacy Appeals Board rejected OpenX's complaint as they concluded that Datatilsynet has legal grounds to impose such requests for information as per Article 58(1) GDPR. | ||
== Comment == | ==Comment== | ||
Note that this decision doesn't revolve around the initial complaints submitted by the Norwegian Consumer Council (Forbrukerrådet) or Datatilsynet view on the matters of the complaints. This matter is solely about Datatilsynet's legal grounds to impose a request for information from a data controller, data processor or their representative. | Note that this decision doesn't revolve around the initial complaints submitted by the Norwegian Consumer Council (Forbrukerrådet) or Datatilsynet view on the matters of the complaints. This matter is solely about Datatilsynet's legal grounds to impose a request for information from a data controller, data processor or their representative. | ||
== Further Resources == | ==Further Resources== | ||
''Share blogs or news articles here!'' | ''Share blogs or news articles here!'' | ||
== English Machine Translation of the Decision == | ==English Machine Translation of the Decision== | ||
The decision below is a machine translation of the Norwegian original. Please refer to the Norwegian original for more details. | The decision below is a machine translation of the Norwegian original. Please refer to the Norwegian original for more details. | ||
Revision as of 15:52, 23 October 2020
| Datatilsynet - 20/02254-1 (20/00768)/TSM | |
|---|---|
 | |
| Authority: | Datatilsynet (Norway) |
| Jurisdiction: | Norway |
| Relevant Law: | Article 57(1)(a) GDPR Article 57(1)(f) GDPR Article 58(1) GDPR Article 5(3) ePrivacy Directive 2002/58/EC Public Administration Act § 14 The Electronic Communications Act § 2(7)(b) |
| Type: | Complaint |
| Outcome: | Rejected |
| Started: | |
| Decided: | 07.09.2020 |
| Published: | 07.09.2020 |
| Fine: | None |
| Parties: | OpenX Software Ltd., OpenX Ltd. og OpenX Technologies, Inc. Privacy Appeals Board Datatilsynet |
| National Case Number/Name: | 20/02254-1 (20/00768)/TSM |
| European Case Law Identifier: | n/a |
| Appeal: | n/a |
| Original Language(s): | Norwegian |
| Original Source: | Personvernnemda (in NO) |
| Initial Contributor: | Rie Aleksandra Walle |
In a case at the intersection of telecommunications law and data protection, the Norwegian Privacy Appeals Board (Personvernrådet) upheld the Norwegian DPA's (Datatilsynet) request for information to OpenX.
English Summary
Facts
The Norwegian Consumer Council (Forbrukerrådet) filed three complaints against the gay/bi dating app Grindr and five adtech companies that received personal data through the app. Subsequently, Datatilsynet sent a request for more information from one of the adtech companies; OpenX.
OpenX refused to respond on the basis that Datatilsynet don't have legal grounds to impose such a request on them, because, in their opinion, the issue relates to the Electronic Communications Act § 2(7)(b) (cf. Article 5(3) ePrivacy Directive 2002/58/EC), where the Norwegian Communications Authority is the right supervisory authority (and not Datatilsynet), and filed a complaint to the Privacy Appeals Board.
Dispute
Does the Datatilsynet have the legal grounds (as a supervisory authority) to impose a request for information on OpenX?
Holding
The Privacy Appeals Board rejected OpenX's complaint as they concluded that Datatilsynet has legal grounds to impose such requests for information as per Article 58(1) GDPR.
Comment
Note that this decision doesn't revolve around the initial complaints submitted by the Norwegian Consumer Council (Forbrukerrådet) or Datatilsynet view on the matters of the complaints. This matter is solely about Datatilsynet's legal grounds to impose a request for information from a data controller, data processor or their representative.
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the Norwegian original. Please refer to the Norwegian original for more details.
