A Norway Nokia 7 Plus user notified the Norwegian media about batches of data being sent to a server in China upon powering on. Data such as the phone’s IMEI numbers, SIM card numbers, the cell ID of the base station the phone is connected to, and its network address (the MAC address), were sent unencrypted. Norway’s data protection ombudsman has launched an investigation. Although Norway is not an EU member state, the GDPR is still applicable to Norway as a member of the European Economic Area
Encryption refers to the scrambling of electronic documents and communication into an unreadable format which can be read only through the use of encryption software. Traditionally, governments were the only players who had the power and the know-how to develop and deploy powerful encryption in their military and diplomatic communications. With user-friendly packages, encryption has become affordable for any Internet users, including criminals and terrorists. This triggered many governance issues related to finding the right balance between the need to respect privacy of communication of Internet users and the need for governments to monitor some types of communication of relevance for the national security (potential criminal and terrorist activity remains an issue).
Intermediaries play a vital role in ensuring Internet functionality. In several Internet governance areas, such as copyright infringement and spam, Internet Service Providers (ISPs) are considered key online intermediaries. In other areas, such as defamation and the so-called right to be forgotten, the responsibility extends to hosts of online content and search engines.