Data Protection

  • Data Protection

    2019

    Google and Apple asked to provide better information on the use of personal data

    A recent initiative co-ordinated by the Norwegian and Dutch consumer associations has asked Google and Apple to respectively provide better information to their users.

  • Data Protection

    2019

    The UK prepares for Data Protection after Brexit: Two New Regulations

    When the UK leaves the EU, the General Data Protection Regulation (GDPR) will no longer be directly applicable in the UK. Two new sets of regulations have therefore been recently promulgated by the British Parliament to retain, as much as possible, the status quo and are meant to come into effect upon the UK's withdrawal from the EU. Both sets of regulations were issued pursuant to the UK's European Union (Withdrawal) Act 2018.

  • Data Protection

    2019

    Two recent decisions of the Norwegian Privacy Appeals Board

    The Norwegian Data Protection Authority (NDPA) has a broad set of powers, including the power to deliver warnings, reprimands or impose fines on data controllers and processors for non-compliance with the new Personal Data Act and the GDPR. As the new Personal Data Act and the GDPR only recently came into force, there are not yet many decisions based on the new legal regime. However, some of the recent NDPA decisions were appealed to the Privacy Appeals Board (PAB) and the appeal decisions have referred to the new legislation. Two such recent decisions respectively concern the data subject's right to object to processing and the right to erasure.

  • Data Protection

    2019

    List of processing operations where a DPIA is always required

    The Norwegian Data Protection Authority has recently published a list of processing operations that shall always require a data protection impact assessment (DPIA) pursuant to article 35(4) of the General Data Protection Regulation (GDPR).

  • Data Protection

    2018

    Are we entitled to know what the robots are thinking?

    When Hermon Melles (26) planed his master's thesis he decided to find a research topic that included both his major interests: law and technology. While writing his thesis at the offices of Wikborg Rein he has been given the opportunity to converse with some Norway's most competent lawyers within data protection and technology.

  • Data Protection

    2018

    Har vi rett til å få vite hva robotene tenker?

    Da Hermon Melles (26) begynte å planlegge masteroppgaven sin, fant han en problemstilling i skjæringspunktet mellom hans store interesser: jus og teknologi. Med skriveplass hos Wikborg Rein får han jevnlig sparre med noen av landets mest digitale advokathoder.

  • Protection of privacy

    2018

    Identification and mapping of processing activities (Part 1)

    With less than a year until the General Data Protection Regulation (GDPR) enters into application, many companies are investigating the extent to which they are compliant as well as identifying what tasks need to be performed to enable them to become compliant by then.

  • Protection of privacy

    2018

    Implementing the GDPR in Norway

    The General Data Protection Regulation (GDPR) starts to apply within the European Union (EU) from 25th May 2018. Since the GDPR is an EU regulation, it will have direct applicability and direct effect in all EU member states as from that date. Norway, however, is not an EU member state but a member of the European Economic Area (EEA) and a different procedure therefore applies before the GDPR can become part of Norwegian law.

  • Protection of privacy

    2018

    Identification and mapping of processing activities (Part 2)

    In the first part of this article, we examined the controller's obligation to keep records of processing activities pursuant to Article 30 of the GDPR. In this second part, we focus on the data processor's obligations to keep such records.

  • Protection of privacy

    2018

    The WP29 Opinion 2/2017 on data processing at work

    Article 29 Working Party (WP 29), consisting of data protection authorities from all EU and EEA states and the European DP Supervisor, has recently issued an Opinion 2/2017 on data processing at work ("the Opinion").