The Norwegian Data Protection Authority announces an investigation into news revelations – news Norway – Overview of news from different parts of the country

news has revealed that an online pharmacy shared with Facebook that customers were looking at chlamydia tests. And that three help services shared information about what users did on their websites. – In our opinion, these are very serious examples and cases of the spread of sensitive personal data, says the Norwegian Data Protection Authority’s director Line Coll. – Based on the revelations made by news, we have chosen to follow up these cases more closely. We do that by going to inspections, says Coll. SHARED DATA: An online pharmacy shared that users were looking at products such as Viagra and emergency contraception. Illustration: Martin Gundersen The notified inspection will start in the new year. Coll does not want to say who they will look into in more detail in the cards, but it will not target any of the organizations mentioned by news. – Notifying supervision without specifying who or in which industries has a clear signaling effect that we are going to go broad. We want as many people as possible to have cleaned up before we arrive. The Norwegian Data Protection Authority says that they will investigate websites’ use of tracking technology such as the Facebook Pixel. The consequences of the inspection can be fines or an order to stop data sharing. In the spring, the authority urged all websites to review their use of tracking technology and this summer they published a guide on the subject. Criticizes Meta for lack of transparency – How problematic is it that websites share sensitive data with Meta? – From our point of view, it is very problematic, at least when the websites themselves are not clear that they are sharing the data. That is often the case, says Coll. TRACKING FOR ADVERTISING: Meta offers tracking technology to websites and apps so they can advertise more effectively on Facebook and Instagram. In addition, Meta can use the information they receive to “customize functions and content” inside and outside Meta’s platforms. Photo: Martin Gundersen Coll believes it is difficult for Norwegian companies to understand what they are agreeing to by using tracking tools from Meta. – On the question of whether we are confident in how Meta generally processes personal data, one of the problems is that we do not know enough. They are not open about it, nor are they able to communicate it clearly enough to us as supervisory authorities, customers or users of the service. Meta, the company that owns Facebook and Instagram, does not want to comment on the authority’s statements. In an earlier reply to news, the company has said that this is the website’s responsibility. – We have been clear in our guidelines that marketers should not send us sensitive information about people through our company tools, wrote spokesperson Emil Vazquez in Meta. Positive for the Norwegian Data Protection Authority Secretary General Tove Gundersen in the Council for Mental Health is positive that the Norwegian Data Protection Authority announces that it will investigate the use of tracking technology. ASK FOR HELP: – Remember that if you are in acute danger, it will mostly pay off to ask for help, advises Tove Gundersen of the Council for Mental Health Photo: Patrick da Silva Sæther – If you live in hiding, in the closet or from various reasons not wanting to share deeply private secrets with your own environment, an anonymous help service can be what gives you a valve and balance in a chaos that takes time to resolve, says Gundersen. – Then we cannot be at the mercy of insecure systems for sensitive information that do not satisfy privacy concerns. Gundersen believes that the investigations will make the help services safer by drawing more attention to the topic and that new errors may be uncovered. – I think this is a positive consequence of an unfortunate case, says Gundersen, who leads an umbrella organization with 34 members in the field of mental health. – It must be felt as safe to share one’s history and private information. At the same time, mistakes can happen, and here it can hit in the worst possible way – namely by people stopping asking for help because they fear exposure. Gundersen encourages everyone to use the help services instead of burning inside with a need for help. Need someone to talk to? Several crisis services can be reached by telephone. Mental Health: 116 123 (open 24 hours a day) The Church’s SOS: 22 40 00 40 (open 24 hours a day) Red Cross: 800 33 321 (open between 14 and 22 all days, between 16 and 22 on public holidays) The Relatives Centre’s helpline: 90 90 48 48 (open between 10 a.m. and 5 p.m. on weekdays) Emergency call centre: 116 117 (for immediate help, open 24 hours a day) – There are many people who need to sharpen their skills – What we know from Sweden and Denmark is that public attention and getting it on the agenda means that fewer ducks with using tracking tools, says director Tore Tennøe at the Technology Council. POSITIVE: Tore Tennøe is normally exclusively critical in matters of tracking technology, but is positive about the Danish Data Protection Authority’s statements. Photo: Martin Gundersen He thinks it is good that the Norwegian Data Protection Authority is going wide. The Norwegian Technology Council’s investigations show that many websites in the public sector use tracking technology. – There are many people who need to sharpen up, says Tennøe about the current situation. The websites removed tracking – We are positive that the authorities are directing an increased spotlight on advertising technology and privacy, says marketing manager Hanne Kjærnes at Farmasiet. The online pharmacy shared information about what users looked at and added to the shopping cart with Facebook. After news made contact, Farmasiet removed the tracking technology from Facebook. The three help services that had shared information did the same. SHARED DATA: Church SOS shared that users visited their website and that users used a less used service called “SOS Melding”. The content of the conversations was never shared. Photo: Frode Fjerdingstad / news Secretary General Lasse Heimdal of Church SOS says that they take users’ privacy and data security very seriously. The help service has asked an external company to investigate their website and they have taken the initiative to arrange a seminar with several other organizations on the subject. – It is very demanding for voluntary organizations to keep abreast of how international actors track data from both private individuals and businesses. Stronger support from the authorities for organizations with limited resources will therefore be greatly welcomed, writes Heimdal.



ttn-69