We have initiated a major oversight effort that includes monitoring 50 municipalities’ safeguarding of privacy and personal data security in digital learning tools for educational purposes.

– We are experiencing that the rapid and extensive digitalization of schools has come at the expense of students’ privacy, says Kristin Skolt, legal advisor at the Norwegian Data Protection Authority.

Will provide relevant and practical guidance

– Unfortunately, the reality today is that there is too little expertise and resources in municipalities to safeguard the privacy of Norwegian schoolchildren. We are concerned that many municipalities do not have an overview of what personal data is processed in the learning tools used in teaching, that sufficient risk analyses have not been carried out and that data processing agreements with suppliers are lacking, says Skolt.

The overall purpose of the audit is to provide municipalities with relevant and practical guidance. Among other things, we will prepare a summary report with the most important findings from the letter inspection, which will be published on our website.  

Supervision in two phases

The inspection will be carried out in two phases. The first phase consists of a letter inspection, where 50 municipalities are required to answer a series of questions about compliance with obligations arising from the data protection regulations. In the second phase, we will, based on the answers we receive in the letter inspections, carry out a smaller number of on-site inspections .

https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2025/tilsyn-med-skolesektoren-i-kommunene