Database

Browse Database

NORWAY

N/A

Pillar Online sales and transactions  |  Sub-pillar Adoption of UNCITRAL Model Law on Electronic Signature
Lack of adoption of UNCITRAL Model Law on Electronic Signatures
Norway has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.
Coverage Horizontal

NORWAY

N/A

Pillar Online sales and transactions  |  Sub-pillar Ratification of the UN Convention of Electronic Communications
Lack of signature of the UN Convention on the Use of Electronic Communications in International Contracts
Norway has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.
Coverage Horizontal

NORWAY

N/A

Pillar Online sales and transactions  |  Sub-pillar Adoption of UNCITRAL Model Law on Electronic Commerce
Lack of adoption of UNCITRAL Model Law on Electronic Commerce
Norway has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.
Coverage Horizontal

NORWAY

Since July 2002

Pillar Online sales and transactions  |  Sub-pillar Framework for consumer protection applicable to online commerce
Act Relating to Consumer Purchases (2002)
The Act Relating to Consumer Purchases (2002) complies with EU Directive 2011/83/EU (Consumer Rights), implementing strong consumer protections in Norway. The act mandates inter alia that the seller must provide a cancellation period, includes a description of how and what sales contracts should include, and specifies that the seller must provide contact information.
Coverage Horizontal

NORWAY

Since June 2018

Pillar Online sales and transactions  |  Sub-pillar Framework for consumer protection applicable to online commerce
Act on Electronic Trust Services (2018)
The Act on Electronic Trust Services (2018) implements EEA Agreement Annex XI Electronic communications, audiovisual and information society services (Regulation (EU) No 910/2014 ) in Norway. The Act provides the legal basis for electronic trust services and e-signatures.
Coverage Horizontal

NORWAY

Since 2018

Pillar Online sales and transactions  |  Sub-pillar Local presence requirement for digital services providers
Act on the processing of personal data (Personal Data Act)
The Act on the processing of personal data (Personal Data Act) implements the General Data Protection Regulation (GDPR) of the European Union in Norway. Art. 27 of the GDPR requires a local representative for data controllers or processors not established in the EU.
Coverage Horizontal

NORWAY

Since November 2003

Pillar Online sales and transactions  |  Sub-pillar Restrictions on domain names
Requirements for registration of Norwegian domain names
Only Norwegian organizations and private individuals over the age of 18 can subscribe to a Norwegian domain name. Organisations must be registered with the Central Coordinating Register for Legal Entities (Enhetsregisteret), and individuals must be registered in the National Population Register with a national identity number. Further, all subscribers must have a Norwegian postal address.
Coverage Horizontal

NORWAY

Reported in 2021

Pillar Online sales and transactions  |  Sub-pillar Threshold for ‘De Minimis’ rule
Low de minimis threshold
It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 40. However, there is exception to this rule that comes from the VAT on E-Commerce (VOEC) scheme. Under this scheme, online retailers who export more than 50,000NOK (approx. 4600 USD) worth of low-value goods (less than 3000 NOK, approx. 280 USD) into Norway annually are exempt from paying customs duty and instead must charge VAT at point-of-sale and register with the Norwegian Tax Administration, as if they were a Norwegian retailer. In effect, this creates a de minimis threshold of 3000 NOK for which customs duties are no longer imposed.
Coverage Horizontal

NORWAY

Since March 2017

Pillar Technical standards applied to ICT goods, products and online services  |  Sub-pillar Self-certification for product safety
Regulations on electromagnetic compatibility (2017)
The Regulations on electromagnetic compatibility (2017) implement Directive 2014/30/EU of the European Parliament and of the Council in Norway. Chapter 4 establishes a self-certification mechanism which is detailed fully in Annex II of the regulations.
Coverage Electromagnetic capability technologies

NORWAY

Since June 2013

Pillar Quantitative trade restrictions for ICT goods, products and online services  |  Sub-pillar Export restrictions on ICT goods, products and online services
Regulations relating to the Export of Defence-Related Products, Dual-Use Items, Technology and Services
The Regulations relating to the Export of Defence-Related Products, Dual-Use Items, Technology and Services harmonises Norway's export controls with those of the European Union by subscribing to the European Dual Use Export Control Annex. The Annex identifies a range of dual-use items that face either authorization requirements or outright bans for exportation outside of the EU.
Coverage Dual-Use items

NORWAY

Reported in 2021

Pillar Intermediary liability  |  Sub-pillar User identity requirement
Mandatory SIM card registration
It is reported that Norway imposes identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card, or a passport in case of foreigners, to activate a new prepaid SIM card.
Coverage Horizontal

NORWAY

Since July 2003

Pillar Intermediary liability  |  Sub-pillar Safe harbor for intermediaries for any activity other than copyright infringement
Act on certain aspects of electronic commerce and other information society services (e-commerce law)
The Act on certain aspects of electronic commerce and other information society services (e-commerce law) implements Directive 2000/31/EC (E-Commerce Directive), establishing a conditional safe harbour for Internet Service Providers (ISPs) in Norway. The limitations on liability in the Directive apply to certain clearly delimited activities carried out by internet intermediaries, rather than to categories of service providers or types of information. These are caching, conduiting and hosting (Sections 16–18), while Section 19 releases ISPs from monitoring obligations.

In addition, ISPs are responsible for illegal content (including copyright infringement) if they obtain knowledge or awareness that such content is present and do not expeditiously remove or disable access to the content. As a result, many ISPs have proactively introduced user agreements to allow them to remove any controversial content – including content that is not necessarily illegal – in order to protect themselves from liability. Finally, Norway is obliged to implement Directive 2019/790 on Copyright in the Digital Single Market, however it has not yet done so as of May 2022.
Coverage Internet service providers

NORWAY

Since July 2003

Pillar Intermediary liability  |  Sub-pillar Safe harbor for intermediaries for copyright infringement
Act on certain aspects of electronic commerce and other information society services (e-commerce law)
The Act on certain aspects of electronic commerce and other information society services (e-commerce law) implements Directive 2000/31/EC (E-Commerce Directive), establishing a conditional safe harbour for Internet Service Providers (ISPs) in Norway. The limitations on liability in the Directive apply to certain clearly delimited activities carried out by internet intermediaries, rather than to categories of service providers or types of information. These are caching, conduiting and hosting (Sections 16–18), while Section 19 releases ISPs from monitoring obligations.
In addition, ISPs are responsible for illegal content (including copyright infringement) if they obtain knowledge or awareness that such content is present and do not expeditiously remove or disable access to the content. As a result, many ISPs have proactively introduced user agreements to allow them to remove any controversial content – including content that is not necessarily illegal – in order to protect themselves from liability. The Ministry of Culture is working on the implementation of the Directive 2019/790 on Copyright in the Digital Single Market.
Coverage Internet service providers

NORWAY

Since July 2018

Pillar Domestic Data policies  |  Sub-pillar Requirement to perform an impact assessment (DPIA) or have a data protection officer (DPO)
Act on the processing of personal data (Personal Data Act)
The Act on the processing of personal data (Personal Data Act) implements the General Data Protection Regulation (GDPR) of the European Union in Norway. The GDPR requires that organizations conducting "regular and systematic monitoring of data subjects on a large scale" or whose activities include the processing of sensitive personal data on a large scale, must appoint a Data Protection Officer (DPO).
Coverage Horizontal

NORWAY

Since July 2018

Pillar Domestic Data policies  |  Sub-pillar Requirement to perform an impact assessment (DPIA) or have a data protection officer (DPO)
Act on the processing of personal data (Personal Data Act)
The Act on the processing of personal data (Personal Data Act) implements the General Data Protection Regulation (GDPR) of the European Union in Norway. Under the GDPR, Data Protection Impact Assessments (DPIAs) are mandatory for data processing activities likely to result in a high risk to the rights and freedoms of natural persons.
Coverage Horizontal