University of Agder – €12,700 Fine (Norway, 2024)

€12,700Datatilsynet (Norway)4 September 2024Norway
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Norway's data protection authority fined the University of Agder €12,700 for not protecting personal data stored in open Microsoft Teams folders. This is important because it shows that universities and organizations must take data security seriously to protect sensitive information. Businesses should review their data protection measures to avoid similar issues.

What happened

The University of Agder was fined for allowing personal data to be accessed by employees who did not need it for their work.

Who was affected

Employees, students, and external individuals whose personal data was stored in the open folders.

What the authority found

The data protection authority found that the university failed to implement adequate technical and organizational measures to safeguard personal data.

Why this matters

This case emphasizes the need for organizations to secure personal data properly. It serves as a warning that lax data protection can lead to significant fines and reputational damage.

GDPR Articles Cited

AI-verified

Art. 24(GDPR)
Art. 32(GDPR)
View original scraped data
Art. 32(GDPR)
Art. 24(GDPR)

Original data from scraper before AI verification against source document.

Source verified 13 March 2026
articles corrected
amount discrepancy
Norway enforcementDatatilsynet (Norway) actionsAll University of Agder actions
Full Legal Summary
Detailed

The Norwegian DPA has fined the University of Agder (UiA) EUR 12,700. An employee of UiA had discovered that documents containing personal data of employees, students and external individuals were stored in open Microsoft Teams foldersand that employees with no business need were able to access them. During its investigation, the DPA found that UiA had failed to implement appropriate technical and organisational measures to protect personal data.

Related Enforcement Actions (0)

No other enforcement actions found for University of Agder in NO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

4 September 2024

Authority

Datatilsynet (Norway)

Fine Amount

€12,700

Enforcement Tracker ID

ETid-2458

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. University of Agder - Norway (2024). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: