Guidelines for providers
As a provider of electronic communications services, you are subject to various duties. Here you will receive guidance and information about your obligations as a provider.
Duties for providers
We have summarised the key obligations in the document Guidelines for providers. The summary given in this document is neither complete nor exhaustive, and you as a provider have the responsibility to make yourself familiar with the regulations.
The obligations that apply to providers of electronic communications services derive from the Electronic Communications Act, the Electronic Communications Regulations and the Numbering Regulations.
Different obligations
Some obligations apply to all providers of electronic communications networks and public electronic communications services (ecom providers), while other obligations only apply to providers of public telephone services (telephony providers).
Some obligations apply to all providers of electronic communications networks and public electronic communications services (ecom providers), while other obligations only apply to providers of public telephone services (telephony providers).
If you as a provider do not comply with the obligations, sanctions such as penalties may be imposed. These sanctions are further described in the guidelines.
Nkom supervises that the requirements stipulated in or pursuant to the Act are met, and may impose an order for correction and termination of illegal conditions, or sanctions such as coercive fines, pursuant to the Electronic Communications Act Chapter 10.
Data protection obligations for ecom providers
EU regulation 2016/679 (General Data Protection Regulation (GDPR)) regulates obligations regarding data retention and communication protection. This regulation is incorporated into Norwegian law through the Personal Data Act («personopplysningsloven»). The Norwegian Data Protection Authority can answer general questions regarding duties concerning data protection and legal grounds for processing data.
The Electronic Communications Act sections 2-7 and 2-9 regulates data and communication protection and the providers duty of confidentiality, and safeguards the considerations of the end-user’s confidentiality and data protection. As a general rule the provider may not distribute information which is covered by the legally required obligation of confidentiality.
A specific regulation regarding an obligation for providers for retention of telecommunications data has not yet been implemented into Norwegian law.
More general information regarding GDPR and data protection in the EU can be found at Rules for business and organisations | European Commission (europa.eu)