The World Law Group
Find a Firm: Jurisdiction or Firm Name
Find a Person: Directory

Norway: Open Data Directive

By Øyvind Eidissen

In June 2019, the EU adopted Directive 2019/1024 on open data and the re-use of information from the public sector (the "Open Data Directive"). The purpose of the Open Data Directive is to promote the use of public data and stimulate the innovation of products and services. The proposed implementation of the Open Data Directive in Norwegian law is currently under public consultation.

On 7 April 2022, the Norwegian Ministry of Local Government and Regional Development (the "Ministry") submitted a proposal for the implementation of the Open Data Directive into Norwegian law for public consultation.

The Open Data Directive replaces existing EU directives on the re-use of public information which have been incorporated into the Norwegian Freedom of Information Act (offentleglova) with regulations. The Open Data Directive sets out a set of minimum rules for the re-use of public information and schemes to promote the re-use of such information. System critical information (sensitive data) is not covered by the Open Data Directive.

The Open Data Directive brings the EU's legal framework up to date with developments in digital technology, such as artificial intelligence.

The Open Data Directive also aims to strengthen the EU's digital economy, which more specifically aims to:

  • reduce market access barriers, especially for small and medium-sized enterprises, by limiting the exemptions which allow public bodies to charge for the re-use of their data beyond the marginal costs;
  • increase the availability of data by bringing new types of public and publicly funded data within the scope of the directive, such as data from public enterprises within the supply and transport sector and publicly funded research data;
  • minimize the risk of exaggerated first-mover advantages, e., the benefits of being first in the market, for example when dealing with new forms of exclusive rights agreements which may benefit large companies and limit the number of potential re-users of the relevant data; and
  • increase business opportunities by encouraging the dissemination of dynamic data via application programming interfaces (APIs).

The harmonization of rules and practices across national borders shall help to achieve these goals.

The most important changes introduced by the Open Data Directive are as follows:

  • The Open Data Directive introduces the concept of "high-value datasets", which are subject to certain rules for re-use. Such high-value datasets shall be available via APIs or via bulk download. As a rule, access shall be free of charge. For public bodies with earnings requirements, a two years transitional period is introduced. A specification of the available "high-value datasets" is expected to be adopted by the EU during 2022.
  • Special delivery requirements are introduced for so-called "dynamic data", which shall be made available via adequate technical solutions (for example, APIs) or as mass downloads (bulk downloads).
  • The scope of the Open Data Directive is extended to include public enterprises within the supply sector (e.g., electricity, gas, and water suppliers) and the transport sector, where the government or the municipality may exercise a dominant influence in the provision of services which are of public interest.
  • The scope is also extended to include publicly funded research data, which is aimed at researchers, research organizations, and research funding organizations.
  • The requirements for transparency and review of existing exclusive rights agreements ("data lock-in") are extended.
  • The relationship between the Open Data Directive and other EU regulations and directives are clarified, in particular the relationship between the Open Date Directive and the EU General Data Protection Regulation (the "GDPR"). The Open Data Directive emphasizes that it does not affect the privacy requirements provided under the GDPR. This means, i.a., that the re-use of personal data is only permitted if the GDPR's general principles of purpose limitation and data minimization have been followed.
  • Countries must now publish a complete list on the internet of the public bodies which may require payment beyond the marginal cost involved for the public to access public data. Some exemptions to this principle have been continued from previous directives. It is specified that the cost of anonymizing personal data, and measures taken to protect commercially confidential information, can be included as part of the marginal cost.

The Ministry has explained that a committee will be appointed to look at a more comprehensive way to regulate the re-use of public information. However, as it will take some time before this committee will deliver its report, the Open Data Directive will first be implemented into Norwegian law through amendments to the Norwegian Freedom of Information Act with regulations.

Some of the changes introduced by the Open Data Directive are already included in the Norwegian Freedom of Information Act with regulations. For example, the extension of the directive's scope to include public enterprises in the supply and transport sector, as well as publicly funded research data, is already covered. However, there is still a need for adjustments to Norwegian law and regulations, as the Open Data Directive has established new rules for certain types of data and documents. Furthermore, the Ministry's consultation memorandum proposes differing payment rates to access the public data for which payment can be demanded.

The consultation deadline is 5 July 2022. For any questions concerning the proposed implementation of the Open Data Directive into Norwegian law, please do not hesitate to contact us.

This article is intended to be a general summary of the law and does not constitute legal advice. Consult with counsel to determine applicable legal requirements in a specific situation.