Flag of NO

Privacy Regulations in Norway

3 privacy and data protection regulations that apply in Norway

All Regulations

Europe3

GDPR
EU + EEA
Flag of ATFlag of BEFlag of BG+27
Opt-inSupranational

The GDPR sets the global standard for data protection, requiring explicit opt-in consent before processing personal data of EU/EEA residents. For websites, non-essential cookies must be blocked until visitors actively consent. Pre-ticked boxes and implied consent are invalid.

ePrivacy Directive
EU + EEA
Flag of ATFlag of BEFlag of BG+27
Opt-inSupranational

Article 5(3) of the ePrivacy Directive is the primary EU legal basis requiring cookie consent. It mandates prior informed consent before storing or accessing any information on a user's device, with narrow exceptions only for transmission necessity and explicitly requested services.

Norwegian E-Com Act
Norway
Flag of NO
Opt-in

Norway's January 2025 amendment to Ekomloven marked a major shift from tolerating passive consent to strict opt-in. Pre-ticked boxes and browser settings are now explicitly invalid. Accept and reject options must have equal prominence. Datatilsynet sanctioned 6 websites for tracking pixel violations.