Privacy Laws

Norway's data protection in comparison to the GDPR

The Norwegian flag with a fjord background
© Chris / | #271638968

General overview

Norway, although not a member of the EU, is a part of the European Economic Area (EEA). The General Data Protection Regulation (GDPR) was incorporated into the EEA agreement and became applicable in Norway on July 20, 2018. This means that Norway is bound by the GDPR in the same manner as EU Member States. The GDPR aims to give people more control over their personal data and create a level playing field for businesses.

GDPR opening clauses

The GDPR came into effect in the EU on May 25, 2018, and was incorporated into the EEA agreement, making it applicable in Norway from July 20, 2018. This incorporation ensures that there is one set of data protection rules for all companies operating in the EU/EEA, regardless of their location.

Key differences and national specifics

Norway does not have significant differences in its data protection laws compared to the EU GDPR. Being a member of the EEA, Norway is obligated to follow the GDPR in the same way as EU Member States. This ensures uniformity in data protection regulations, benefiting both individuals and businesses.


Norway's data protection regulations are closely aligned with the EU's GDPR due to its membership in the EEA. This ensures that individuals have control over their personal data and businesses operate under a unified set of data protection rules. Therefore, companies and individuals dealing with Norway can expect a regulatory environment similar to that of the EU.