Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:


Home / News
NORWEGIAN SUPERVISORY AUTHORITY: consultation response on investigations at the Norges Bank

NORWEGIAN SUPERVISORY AUTHORITY: consultation response on investigations at the Norges Bank

The Norwegian Data Protection Authority has provided some comments on the draft regulation on the achieving of a police certificate, information on debt and credits when working or serving for Norges Bank.

Consultation response on investigations at the Norges Bank

The proposal means that Norges Bank will have the opportunity to carry out a new processing of many personal data of its employee and other people who have the access at the Bank’s premises without consequences. This is particularly true for information on debts and crimes, which both includes personal data that need protection in which the collection is frequently pursued as inconvenience with data subjects.

The assessment of the Data Inspectorate is that a lot of changes proposed have consequences for the privacy that ask for deep assesses.

Comments of the Data Inspectorate into the proposal

  • The list of crimes that need to be written in the police certificate is ampliated in relation to the applicable legislation. The Data Inspectorate considers that there is not enough importance between breaches of the road traffic Law, article 31, and the penal code, articles 191-194 and articles 299-301, and security challenges in Norges Bank that justify the need of a police certificate.
  • It is mention also that information of the debt information register shall not be part of basic investigations, because they are not in compliance with the purpose of the debt information legislation. The Authority has frequently warned against the danger of purpose disclosure when collecting citizens ‘ debt information in a debt information company, and believe it is unfortunate that the purpose of the debt Information Act is extended through special legislation.
  • Those to whom the regulations apply today, are proposed extended to a larger circle of people. The Norwegian Data Inspectorate believes that it is not proportionate that Norges Bank will have the opportunity to conduct such extensive background surveys by other than its employees.

Personal data worthy of protection

The Data Inspectorate asks for a clarification on when Norges Bank has the access to obtain a police certificate and debts information, that will create more predictability for data subjects and for those one will carry out assessments.

Shortly, the Data Inspectorate considers that Norges Bank interests in obtaining this personal information are not over the privacy consequences that a wider recollection of personal information worthy of protection involve.

Data Inspectorate consulation responce:



Recommended to you

Advanced Research