https://gdprhub.eu/index.php?title=Data_Protection_in_Norway&feed=atom&action=historyData Protection in Norway - Revision history2024-03-28T23:28:45ZRevision history for this page on the wikiMediaWiki 1.39.6https://gdprhub.eu/index.php?title=Data_Protection_in_Norway&diff=33670&oldid=prev171.23.6.99: /* Age of consent */ Noted that the age of consent is not general. Children cannot, generally, handle the processing of personal data. There are just some excemptions to this rule.2023-06-23T12:53:05Z<p><span dir="auto"><span class="autocomment">Age of consent: </span> Noted that the age of consent is not general. Children cannot, generally, handle the processing of personal data. There are just some excemptions to this rule.</span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 12:53, 23 June 2023</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l33">Line 33:</td>
<td colspan="2" class="diff-lineno">Line 33:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>====Age of consent====</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>====Age of consent====</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>The age of consent is 13 years following § 5 of the Personal Data Act.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>The age of consent is 13 years following § 5 of the Personal Data Act<ins style="font-weight: bold; text-decoration: none;">. There is, however, no general age when the child can handle processing of personal data on their own. There are some excemptions that give children the power to consent in some instances, such as relating to information society services in GDPR art. 8</ins>. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>====Freedom of Speech====</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>====Freedom of Speech====</div></td></tr>
</table>171.23.6.99https://gdprhub.eu/index.php?title=Data_Protection_in_Norway&diff=13031&oldid=prev79.160.20.140: /* National ePrivacy Law */2020-12-19T09:28:22Z<p><span dir="auto"><span class="autocomment">National ePrivacy Law</span></span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 09:28, 19 December 2020</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l54">Line 54:</td>
<td colspan="2" class="diff-lineno">Line 54:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Oversight of the Electronic Communications Act is placed with the Norwegian Communications Authority (Nasjonal Kommunikasjonsmyndighet - "NKOM"). Similar to other EFTA-countries (Iceland, Lichtenstein), directive 2009/136/EC is not per se implemented, as it is not amended to the EFTA-agreement. The lack of implementation is due to the creation of The Body of European Regulators for Electronic Communications ("BEREC"). Due to uncertainty concerning the EFTA-countries connection to BEREC with regards to the EFTA-agreement (and sovereignity), the amended 2009-directive requiring an explicit consent for the placement of cookies does not apply. </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Oversight of the Electronic Communications Act is placed with the Norwegian Communications Authority (Nasjonal Kommunikasjonsmyndighet - "NKOM"). Similar to other EFTA-countries (Iceland, Lichtenstein), directive 2009/136/EC is not per se implemented, as it is not amended to the EFTA-agreement. The lack of implementation is due to the creation of The Body of European Regulators for Electronic Communications ("BEREC"). Due to uncertainty concerning the EFTA-countries connection to BEREC with regards to the EFTA-agreement (and sovereignity), the amended 2009-directive requiring an explicit consent for the placement of cookies does not apply. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>However, the legal situation concerning the placement of cookies is still uncertain. The legislator decided to adopt internal rules, similar to the requirements under article 5 in the amended 2009/136/EC directive, to avoid <del style="font-weight: bold; text-decoration: none;">different </del>rules from the rest of the union. The wording of § 2-7b of the Electronic Communications Act is therefore identical to the wording of article 5 in the ePrivacy-directive. </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>However, the legal situation concerning the placement of cookies is still uncertain. The legislator decided to adopt internal rules, similar to the requirements under article 5 in the amended 2009/136/EC directive, to avoid <ins style="font-weight: bold; text-decoration: none;">divergent </ins>rules from the rest of the union. The wording of § 2-7b of the Electronic Communications Act is therefore identical to the wording of article 5 in the ePrivacy-directive. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>However, the adopted law did not meet the standards set out in the amended directive (and upheld in the [[CJEU - C-673/17 - Planet49|Planet-49 case]]). The national law is currently ambiguous, in large part due to statements in the preparatory works explicitly allowing for the use of "implicit" consent - requiring Do Not Track-signals and the like to <del style="font-weight: bold; text-decoration: none;">signal </del>that one does not consent. Another reason is seemingly the lack of enforcement, and lack of will to enforce, the current law by NKOM. In part, it is questionable if the clearly stated requirement of "consent" in the wording of § 2-7b, read in conjunction with Article 2(f) in the implemented directive 2002/58/EC, and the clearly stated goal of adopting national legislation for the purpose of EU harmonization, can support the statement in the preparatory works with regards to "implicit" consent. </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>However, the adopted law did not meet the standards set out in the amended directive (and <ins style="font-weight: bold; text-decoration: none;">later </ins>upheld in the [[CJEU - C-673/17 - Planet49|Planet-49 case]]). The national law is currently ambiguous, in large part due to statements in the preparatory works explicitly allowing for the use of <ins style="font-weight: bold; text-decoration: none;">the </ins>"implicit" consent <ins style="font-weight: bold; text-decoration: none;">construction </ins>- requiring Do Not Track-signals and the like to <ins style="font-weight: bold; text-decoration: none;">indicate </ins>that one does not consent. Another reason is seemingly the lack of enforcement, and lack of will to enforce, the current law by NKOM. In part, it is questionable if the clearly stated requirement of "consent" in the wording of § 2-7b, read in conjunction with Article 2(f) in the implemented directive 2002/58/EC, and the clearly stated goal of adopting national legislation for the purpose of EU harmonization, can support the statement in the preparatory works with regards to "implicit" consent. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Data Protection Authority==</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Data Protection Authority==</div></td></tr>
</table>79.160.20.140https://gdprhub.eu/index.php?title=Data_Protection_in_Norway&diff=13028&oldid=prev79.160.20.140: /* Courts */2020-12-18T15:20:06Z<p><span dir="auto"><span class="autocomment">Courts</span></span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 15:20, 18 December 2020</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l71">Line 71:</td>
<td colspan="2" class="diff-lineno">Line 71:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>There is one court system with three instances in Norway - the District Courts (first instance); The Courts of Appeal (second instance); and the Supreme Court (third and last instance). The courts are divided into judicial districts, which is one of several elements that may decide which regional court that gets to decide the case (''verneting'' in Norwegian). Judges in Norway are generalists rather than specialists. As such, there is no specialized chambers in the courts for privacy matters. </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>There is one court system with three instances in Norway - the District Courts (first instance); The Courts of Appeal (second instance); and the Supreme Court (third and last instance). The courts are divided into judicial districts, which is one of several elements that may decide which regional court that gets to decide the case (''verneting'' in Norwegian). Judges in Norway are generalists rather than specialists. As such, there is no specialized chambers in the courts for privacy matters. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Complaints can be filed directly with the lower instance court pursuant to § 1-3 of the Dispute Act. If the filing concerns the validity of a decision by ''Personvernnemda'', the State act as defendant pursuant to the Personal Data Act § <del style="font-weight: bold; text-decoration: none;">43(5)</del>.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Complaints can be filed directly with the lower instance court pursuant to § 1-3 of the Dispute Act. If the filing concerns the validity of a decision by ''Personvernnemda'', the State act as defendant pursuant to the Personal Data Act § <ins style="font-weight: bold; text-decoration: none;">25</ins>.</div></td></tr>
</table>79.160.20.140https://gdprhub.eu/index.php?title=Data_Protection_in_Norway&diff=13027&oldid=prev79.160.20.140: /* National ePrivacy Law */2020-12-18T15:17:14Z<p><span dir="auto"><span class="autocomment">National ePrivacy Law</span></span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 15:17, 18 December 2020</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l51">Line 51:</td>
<td colspan="2" class="diff-lineno">Line 51:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>===National ePrivacy Law===</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>===National ePrivacy Law===</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>The Electronic Communications Act implements parts of the ePrivacy Directive, including the placement of cookies which is regulated under § 2-7b. Spam emails are regulated under The Marketing Control Act § 15. In addition, there is a Central Marketing Exclusion Register where consumers can opt-out of marketing, in which case businesses cannot contact them unless certain conditions are met (former consent/request or existing business relationship).</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>The Electronic Communications Act implements parts of the ePrivacy Directive, including the placement of cookies which is regulated under § 2-7b. Spam emails are regulated under The Marketing Control Act § 15. In addition, there is a Central Marketing Exclusion Register where consumers can opt-out of marketing, in which case businesses cannot contact them unless certain conditions are met (former consent/request or existing business relationship).</div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Oversight of the Electronic Communications Act is placed with the Norwegian Communications Authority (Nasjonal Kommunikasjonsmyndighet - "NKOM"). Similar to other EFTA-countries (Iceland, Lichtenstein), directive 2009/136/EC is not per se implemented, as it is not amended to the EFTA-agreement. The lack of implementation is due to the creation of The Body of European Regulators for Electronic Communications ("BEREC"). Due to uncertainty concerning the EFTA-countries connection to BEREC with regards to the EFTA-agreement (and sovereignity), the amended 2009-directive requiring an explicit consent for the placement of cookies does not apply. </ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">However, the legal situation concerning the placement of cookies is still uncertain. The legislator decided to adopt internal rules, similar to the requirements under article 5 in the amended 2009/136/EC directive, to avoid different rules from the rest of the union. The wording of § 2-7b of the Electronic Communications Act is therefore identical to the wording of article 5 in the ePrivacy-directive. </ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">However, the adopted law did not meet the standards set out in the amended directive (and upheld in the [[CJEU - C-673/17 - Planet49|Planet-49 case]]). The national law is currently ambiguous, in large part due to statements in the preparatory works explicitly allowing for the use of "implicit" consent - requiring Do Not Track-signals and the like to signal that one does not consent. Another reason is seemingly the lack of enforcement, and lack of will to enforce, the current law by NKOM. In part, it is questionable if the clearly stated requirement of "consent" in the wording of § 2-7b, read in conjunction with Article 2(f) in the implemented directive 2002/58/EC, and the clearly stated goal of adopting national legislation for the purpose of EU harmonization, can support the statement in the preparatory works with regards to "implicit" consent. </ins></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Data Protection Authority==</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Data Protection Authority==</div></td></tr>
</table>79.160.20.140https://gdprhub.eu/index.php?title=Data_Protection_in_Norway&diff=6386&oldid=prev10.90.129.130: /* Courts */2020-01-16T14:21:57Z<p><span dir="auto"><span class="autocomment">Courts</span></span></p>
<p><b>New page</b></p><div>{| class="wikitable" style="width: 25%; margin-left: 10px; float:right;"<br />
! colspan="2" |Data Protection in Norway<br />
[[Category:Country Overview]]<br />
|-<br />
| colspan="2" |[[File:no.png|center|250px]]<br />
|-<br />
|Data Protection Authority:||[[Datatilsynet (Norway)]]<br />
|-<br />
|National Implementation Law (Original):||[https://lovdata.no/dokument/NL/lov/2018-06-15-38 Personopplysningsloven]<br />
|-<br />
|English Translation of National Implementation Law:||n/a<br />
|-<br />
|Official Language(s):||Norwegian<br />
|-<br />
|National Legislation Database(s):||[https://lovdata.no/ Lovdata.no] (in NO) - (private foundation)<br />
|-<br />
|English Legislation Database(s):||[https://lovdata.no/register/loverEngelsk Lovdata.no] (partial, unofficial), [https://app.uio.no/ub/ujur/oversatte-lover/cgi-bin/sok.cgi?type=LOV UiO] (partial, unofficial)<br />
|-<br />
|National Decision Database(s):||[https://lovdata.no/ Lovdata.no] (paywall/subscription)<br />
|}<br />
<br />
==Legislation==<br />
===History===<br />
The first major case that the Supreme Court of Norway decided on regarding the right to privacy was ''To mistenkelige personer'' (Two Suspicious Individuals) (Rt-1952-1217) in 1952. The case concerned a movie based on a crime novel, which was based on actual events from 1926. One of the sentenced men filed for an injunction to stop the movie from being published, as he argued that he had served his time for the events depicted, and that the movie would interfere with his right to privacy. The Supreme Court agreed with this view and stopped the publishing of the movie. The ''Sykejournal''-judgement from 1977 (Rt-1977-1035) concerned a patient’s right to access of their medical records, which was granted by the Supreme Court. Both cases were decided on as a matter of unwritten law, and not on the basis of legislation.<br />
<br />
Norway passed the Personal Data Registers Act of 1978, which was in force until the enactment of the Personal Data Act of 2000, which built on Directive EC/95/46.<br />
<br />
===National constitutional protections===<br />
In 2014, human rights inspired by the ECHR was incorporated into the Constitution. The right to privacy now follows from § 102 of the Constitution.<br />
<br />
===National GDPR implementation law===<br />
The national implementation of GDPR follows from the Personal Data Act of 2018 (''personopplysningsloven''), as well as sectorial adjustments in laws regulating, amongst other, patients and healthcare, and police records.<br />
<br />
====Age of consent====<br />
The age of consent is 13 years following § 5 of the Personal Data Act.<br />
<br />
====Freedom of Speech====<br />
For the processing of personal data “exclusively” for journalistic purposes, or for academic, artistic or literary purposes, only [[Article 24 GDPR|Article 24]], [[Article 26 GDPR|Article 26]], [[Article 28 GDPR|Article 28]], [[Article 29 GDPR|Article 29]], [[Article 32 GDPR|Article 32]], and [[Article 40 GDPR|Article 40]]- [[Article 43 GDPR|Article 43]] applies, following § 3.<br />
<br />
====Employment context====<br />
Special categories of personal data can be processed in an employment context when it’s necessary for duties or rights under labour law following § 6.<br />
<br />
====Research====<br />
Personal data can be processed on the basis of [[Article 6 GDPR#1e|Article 6(1)(e)]] if it’s needed for archival in the interests of the public, or for purposes related to scientific or historic research, or statistics following § 8.<br />
<br />
Special categories of data can be processed without consent from the data subject if the processing is necessary for archival purposes in the interests of the public, for purposes related to scientific or historic research, or statistic purposes, and where the interests of society is clearly greater than the interest of the individual following § 9.<br />
<br />
====Other relevant national provisions and laws====<br />
One notable inclusion in the Norwegian implementation is that fake cameras, or signs that gives the impression of an area being monitored, are prohibited if real cameras processing personal data would be prohibited in the same place.<br />
<br />
===National ePrivacy Law===<br />
The Electronic Communications Act implements parts of the ePrivacy Directive, including the placement of cookies which is regulated under § 2-7b. Spam emails are regulated under The Marketing Control Act § 15. In addition, there is a Central Marketing Exclusion Register where consumers can opt-out of marketing, in which case businesses cannot contact them unless certain conditions are met (former consent/request or existing business relationship).<br />
<br />
==Data Protection Authority==<br />
The Norwegian Data Protection Authority (''Datatilsynet'') is the national data protection authority for Norway.<br />
<br />
The Norwegian Communication Authority (''NKOM'') oversees the Electronic Communications Act and is the responsible authority when it comes to, for instance, the placement of cookies or other instances that regards the implementation of the ePrivacy Directive within the Electronic Communication Act. If the cookies constitutes personal data, The Norwegian Data Protection Authority will handle the complaint. <br />
<br />
The Norwegian Data Protection Authority handles complaints filed with them. An appeal can be brought to [https://pvn.no Personvernnemda], an independent administrative body following § 15 of the Personal Data Act. <br />
<br />
→ Details see [[Datatilsynet (Norway)]]<br />
<br />
==Judicial protection==<br />
===Courts===<br />
There is one court system with three instances in Norway - the District Courts (first instance); The Courts of Appeal (second instance); and the Supreme Court (third and last instance). The courts are divided into judicial districts, which is one of several elements that may decide which regional court that gets to decide the case (''verneting'' in Norwegian). Judges in Norway are generalists rather than specialists. As such, there is no specialized chambers in the courts for privacy matters. <br />
<br />
Complaints can be filed directly with the lower instance court pursuant to § 1-3 of the Dispute Act. If the filing concerns the validity of a decision by ''Personvernnemda'', the State act as defendant pursuant to the Personal Data Act § 43(5).</div>10.90.129.130