-
What are the privacy risks associated with communicating through a Page on Facebook? And what kind of responsibility for the processing of personal data may we have as the owner of a Page? We have carried out a risk assessment and a DPIA of Facebook, based on the obligations that follow from data protection regulations.
-
The Norwegian Data Protection Authority has issued a fine in the amount of NOK 50,000.
-
The Norwegian Data Protection Authority has reprimanded an enterprise for breach of the General Data Protection Regulation’s (GDPR) requirements concerning information about and access to one’s own personal data.
-
Are you struggling with privacy regulations related to artificial intelligence? In a way, the DPA does the same. Because in such a recent field, there is little case law to refer to. The technology is at the forefront of law. But the Data Protection Authority's sandbox for responsible artificial intelligence can provide mutual help.
-
The Norwegian Data Protection Authority has imposed a NOK 500,000 fine on Moss Municipal Council for failing to adequately protect personal data. The error has been corrected and the case closed.
-
The Norwegian Data Protection Authority’s inspection of Oslo University Hospital (OUH) reveals that the hospital cannot document satisfactory control of patient data when the hospital needs laboratory services from other countries.
-
The Norwegian Data Protection Authority has fined Innovation Norway EUR 100,000 (NOK 1,000,000). The matter concerns a credit rating without a legal basis for processing.
-
The Norwegian Data Protection Authority has ordered the company Smartere Utdanning AS to improve its solution for obtaining consent in order to comply with the requirements of the General Data Protection Regulation (GDPR).
-
The Norwegian Data Protection Authority has fined BRAbank EUR 40,000 (NOK 400,000) for violation of the General Data Protection Regulation (GDPR). This case concerns insufficient risk assessment and testing in connection with the launch of a customer portal for banking services.
-
The background for this case is a complaint from a former employee who discovered that their former employer had accessed their e-mail account.
-
The Norwegian Data Protection Authority has fined the Municipality of Oslo EUR 40,000 (NOK 400,000) for making documents containing sensitive personal data public.
-
The Norwegian Data Protection Authority has fined the Norwegian Confederation of Sport (NIF) EUR 125,000 (NOK 1,250,000) for a GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for 87 days as a result of an error in connection with testing of a cloud computing solution.
-
The Norwegian Data Protection Authority has fined Basaren Drift AS EUR 20,000 (NOK 200,000) for a GDPR violation. The case relates to CCTV surveillance of restaurant premises.
-
The Norwegian Data Protection Authority has fined Asker municipality EUR 100,000 (NOK 1,000,000). The Municipality was fined for publishing confidential personal data and National Identity Numbers (NID) on its website.
-
The Norwegian Data Protection Authority has fined the company Miljø- og Kvalitetsledelse AS EUR 3,500 (NOK 35,000) for illegal distribution of personal data from camera recordings.
-
The Norwegian Data Protection Agency has fined the power company Dragefossen AS EUR 15,000 (NOK 150,000). The fine was imposed after the company put the city centre of Rognan under CCTV surveillance and live-streamed the images without legal basis.
-
The Norwegian Data Protection Authority has fined Ålesund municipality EUR 5,000 (NOK 50,000) for its use of the fitness app Strava.
-
A business has been fined EUR 25,000 (NOK 250,000) for illegal forwarding of an employee's e-mails. The name of the business has been withheld from public disclosure to protect the identities of its employees.
-
The Norwegian Data Protection Authority has fined an organization EUR 40 000 (NOK 400,000) for unlawfully setting up automatic forwarding of an employee’s e-mails.
-
The Norwegian Data Protection Authority has fined Cyberbook AS EUR 20 000 (NOK 200,000) for unlawfully setting up the automatic forwarding of a former employee’s e-mails.