The Norwegian Consumer Council made waves in early 2021 after its complaint to Norway's data protection authority, Datatilsynet, against Grindr resulted in an intention to fine the company $12 million, the highest fine ever levied by the nation’s DPA. The fine amounts to 10% of the company’s annual global turnover. Grindr has now responded to the proposed enforcement action, arguing it has refined its consent mechanism and believes the DPA will find Grindr is committed to complying with the EU General Data Protection Regulation. The NCC has long worked with other advocacy organizations to bring protections and awareness for consumers around privacy issues in the marketplace. In 2018, they released an in-depth report on “dark patterns” to demonstrate how companies nudge users into making decisions that may not always be in their best interest. IAPP Editorial Director Jedidiah Bracy, CIPP, recently caught up with the NCC’s Finn Myrstad to discuss the NCC's case against Grindr and, more broadly, what companies can do to avoid using dark patterns at the expense of their users.
23 March 2021
Finn Myrstad on privacy case against Grindr, 'dark patterns'
Related stories
Notes from the Asia-Pacific region: NZ OPC calls for 'doing privacy well'
Italy updates National Cybersecurity and Data Protection Framework
Notes from the IAPP Europe: The month of consultations — time to provide input on shaping Europe's digital future
Vietnam's data protection laws: The basics and beyond
GDPR matchup: Australia's Privacy Act 1988
This article is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.