Select your nation of interest

Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
NORWEGIAN SUPERVISORY AUTHORITY: sanction to Basaren Drift AS

NORWEGIAN SUPERVISORY AUTHORITY: sanction to Basaren Drift AS

The Norwegian Data Protection Authority has sanctioned Basaren Drift AS with a fin of 200.000 NOK of having breached the privacy ordinance. The case refers to the video surveillance with video cameras in restaurants premises.

The privacy ordinance requires that each personal data processing has a legal basis. After having investigated on a complainant on the video surveillance with video cameras in restaurants premises, the assessment of the Data Inspectorate is that the Bazaar has not a legal basis for the inner vigilance.

In addition, the Data Inspectorate has ended that the society has not provided sufficient information on the control and that the society has not valid signals.

Illegal surveillance with video cameras

Lawfulness and transparency principles on the personal data protection are basic and the breach of those principles are serious.

In this case, we have, among other things, considered that video cameras of surveillance have registered more than necessary into restaurant premises and that there was no need to control 24/24.

Answers for a fee

The Data Inspectorate considers that the case is so serious that it is necessary reply with a penal sanction. It is underlined that the video surveillance with video cameras has interested both employees and all the guests of the restaurant.

Everyone has the privacy right, and this also applies when we are working. There are strict conditions that need to be fulfilled in order to control with a video camera, especially in a working place.

In this case, we have underlined that the illegal video surveillance of video cameras has recorded employee. In addition, we underlined that video cameras record seating of guests into the restaurant.

Guests of a restaurant have a legitimate expectation of not being recorded while they are eating. In relaxed, leisure and socialization premises the privacy consideration of guests must weight a lot.

The fine is calculated after a complete assessment, among the other thing, of the seriousness of the breach and finances of the society.

Basaren Drift AS has a period of appeal of three weeks since the reception of the decision.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA NORVEGIA

Team Privacy & Data Protection
21 April 2021

Recommended to you

Apple: 0-day detected in WebKit rendering engine (AL02/250312/CSIRT-ITA)

12 March, 2025

Adobe: Security Updates (AL03/250312/CSIRT-ITA

12 March, 2025

Joomla! Updates (AL04/250312/CSIRT-ITA)

12 March, 2025

HONG KONG SUPERVISORY AUTHORITY: Publishes Investigation Findingson the Data Breach Incident of the Companies...

12 March, 2025

Zoom Vulnerability (AL05/250312/CSIRT-ITA)

12 March, 2025

Laravel: Public PoC for CVE-2024-13919 Exploitation (AL06/250312/CSIRT-ITA)

12 March, 2025

Resolved vulnerabilities in Cisco products (AL07/250312/CSIRT-ITA)

12 March, 2025

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

12 March, 2025

Schneider Electric: Vulnerabilities discovered in various products (AL03/250311/CSIRT-ITA)

11 March, 2025

Siemens Product Updates (AL04/250311/CSIRT-ITA)

11 March, 2025

Ivanti March Security Update (AL05/250311/CSIRT-ITA)

11 March, 2025

Fixed vulnerabilities in Google Chrome (AL06/250311/CSIRT-ITA)

11 March, 2025

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

11 March, 2025

Vulnerabilities discovered in Fortinet products (AL07/250311/CSIRT-ITA)

11 March, 2025

LATVIAN SUPERVISORY AUTHORITY: Can my personal data be transferred to extrajudicial debt collection or...

11 March, 2025

CROATIAN SUPERVISORY AUTHORITY: A new coordinated action by the EDPB has begun: the right...

11 March, 2025

CISCO Product Updates (AL01/230112/CSIRT-ITA)

10 March, 2025

HONG KONG SUPERVISORY AUTHORITY: A Female Arrested for Suspected Doxxing Arising from Online Shopping Dispute

10 March, 2025

Vulnerability in QNAP Products (AL01/250310/CSIRT-ITA)

10 March, 2025

ICELANDIC SUPERVISORY AUTHORITY: Information obligation for automated decision-making

7 March, 2025

Advanced Research