On January 12, 2024, the Norwegian data protection authority (Datatilsynet) published its three-year strategy (2024-2027) for prioritizing key focus areas in their work to protect privacy in Norway.

In particular, the Datatilsynet outlined, within the strategy, the laws regulating privacy in Norway as well as the privacy principles. In addition, the Datatilsynet reinforced its vision of togetherness to achieve its strategic goals by working together with other authorities, businesses, interest organizations, and citizens.

What are the areas of focus?

Specifically, the Datatilsynet revealed that it had arrived at four key areas, each with subgoals, to use in prioritizing its tasks and work during the strategy period, including:

• society: the Datatilsynet shall promote privacy as a prerequisite for democracy and a fair balance of power;
• businesses: the Datatilsynet must contribute to good privacy protection in practice;
• individual: the Datatilsynet must work to safeguard citizens' privacy; and
• foundation wall: the Datatilsynet must be a knowledge-based, forward-looking, and solid organization.

Furthermore, the Datatilsynet emphasized its role as both reactive by supervising privacy-related laws and regulations and imposing sanctions and proactive by providing guidance and participating in public debate. It also identified three values to work towards, including preparedness, credibility, and future orientation.

What privacy trends were identified?

Finally, the Datatilsynet stated that the strategy identifies some trends and challenges that it believes will affect privacy in the years to come, including:

• threats to privacy rise with authoritarianism, invasive surveillance, and cyber attacks.
• artificial intelligence (AI) integration across all sectors amplifies data tracking and control by tech giants, raising concerns about bias and power imbalances;
• stricter data regulations like the GDPR and upcoming EU directives aim to tame tech giants and promote responsible digitization;
• AI and other technologies bring business opportunities but also concerns about data security, complexity, and dominance by global players;
• authority monitoring is still a challenge, and balancing public safety with individual privacy remains a struggle as authorities seek broader data access; and
• extensive monitoring risks a cooling effect on free expression and participation in a digital society.

You can read the press release here and the strategy available to download here, both only available in Norwegian.