The Norwegian Consumer Council and noyb filed a complaint against Schibsted for its 'Pay or Okay' system, which forces users to consent to tracking or pay a fee. The complaint argues this violates GDPR's requirement for freely given consent, and the Norwegian DPA is asked to declare the practice illegal and impose fines.
No articles specifically tagged for Norway yet. Check our blog for general compliance coverage.
Norway's Prime Minister announced plans to introduce a bill banning children under 16 from using social media, requiring tech companies to implement age verification tools. The ban would take effect on January 1 of the year the child turns 16, but passage is uncertain due to lack of parliamentary majority.
Norway is implementing a phased B2B e-invoicing mandate with mandatory sending requirements starting January 1, 2027, followed by full digital bookkeeping requirements from January 1, 2030. The mandate uses a Peppol-based exchange model with Norway's EHF standard and ELMA recipient registry, requiring businesses to adapt their systems for structured electronic invoicing.
The Norwegian Data Protection Authority has imposed a €9.63 million fine on Grindr for GDPR violations involving illegal sharing of sensitive user data with adtech companies without valid consent. This enforcement action establishes strict legal requirements for consent mechanisms and third-party data sharing in the adtech industry, signaling increased regulatory scrutiny.
The Norwegian Data Protection Authority has fined Grindr €6.34 million for GDPR violations involving illegal sharing of sensitive personal data without valid consent. This enforcement action establishes that personal data cannot be used as currency to pay for digital services and challenges behavioral advertising business models that rely on invalid consent mechanisms.
The Norwegian Data Protection Authority has imposed a temporary ban on Meta's use of behavioral advertising on Facebook and Instagram, effective August 4, 2023 for at least three months. This enforcement action follows CJEU and EDPB rulings declaring Meta's GDPR approach illegal, with potential fines of up to NOK 1 million per day for non-compliance.
A Norwegian court has confirmed a €5.7 million fine against Grindr for GDPR violations involving the sharing of sensitive user data with advertisers without proper consent. This enforcement action reinforces strict GDPR application for sensitive data processing and serves as a precedent for digital advertising practices. Companies handling sensitive personal data must ensure transparent consent mechanisms and lawful processing to avoid similar penalties.
The Norwegian Privacy Appeals Board has confirmed a €5.8 million fine against dating app Grindr for GDPR violations involving illegal sharing of sensitive personal data with third parties for surveillance-based advertising. This enforcement action signals increased regulatory scrutiny of data sharing practices in mobile apps and highlights serious consequences for unauthorized commercial use of personal data.
The Norwegian Ministry of Finance has directed Norges Bank Investment Management (NBIM) to implement enhanced due diligence requirements during the suspension of its ethical framework, with armed conflict identified as a priority area. This reflects regulatory pressure on institutional investors to maintain rigorous human rights compliance and risk assessment processes even when formal frameworks are temporarily suspended.