Insights
Home / Insights / New Ecom Act – important changes effective from 1 January 2025

New Ecom Act – important changes effective from 1 January 2025

The new Norwegian Electronic Communications Act (the Ecom Act) enters into force 1 January 2025. It will affect multiple sectors and stakeholders. In this article we give a brief overview of three important changes to be aware of as we approach 2025.
| Article | Written by Malin Tønseth , Thomas Olsen and Maria Alme Jensen
ian-keefe-rR1_WcIXlBM-unsplash_4

Extension of the Act’s scope to number-independent interpersonal communications services (NI-ICS)
The new Act broadens the definition of an «electronic communications service» to encompass number-independent interpersonal communication services (NI-ICS). NI-ICS refers to person-to-person communications services that do not connect to numbers within a national or international number plan, nor facilitate communication with such numbers. Various social media platforms, including Tiktok, Instagram, Messenger, and WhatsApp, fall under this definition and will be subject to the new Ecom Act from 1 January. While these service providers are exempt from certain provisions, such as registration with the National Communications Authority (NKOM), they must comply with specific security requirements outlined in the Act.

Strengthening of end-user rights
One of the primary objectives of the new Act is to strengthen consumer rights. To this end, the Act introduces a separate chapter on end-user rights, including a ban on discriminating terms, a requirement for clear and concise summaries of end users’ agreements with the provider, and regulations on control of prices and price comparison services. Additionally, end-user rights are extended to include multi-dwelling units, micro-enterprises, and non-profit organizations contrasting with the current law where these rights are primarily linked to the traditional definition of a consumer. This is a substantial change from today’s law, where end-user rights are more tightly connected to the traditional understanding of the consumer term.

New requirements for cookies
The cookie regulations in the new Ecom Act are significantly stricter than the current rules. Previously, consent for the use of cookies could be obtained through technical settings in the browser. From 1 January, two main requirements must be met for the use of cookies and similar technologies. Firstly, information must be provided about the data being processed, the purpose of the processing and the entity handling it. Secondly, the user must give consent that complies with the requirements of the GDPR. This includes ensuring that the consent is informed, voluntary and specific, and based on an active action from the user. Consequently, the common practice of integrating consent within browser settings and informing users through “pop-up” images when they visit websites, will likely not meet the standards for a valid consent. Providers using cookies must therefore explore technical solutions for obtaining valid consent, such as introducing a «cookie banner,» provided that the technical solution meets the stricter requirements.

You can read more about the new cookie requirements in this article (in Norwegian).