Version 27.0, February 2013
© Bert-Jaap Koops **Portions © Analog Devices, Inc. **
Licensed under Creative Commons Attribution Share Alike 4.0 International.
SPDX-License-Identifier: CC-BY-SA-4.0
[Norway]{#no} [Sources 1, 5, 6, 8]
Norway has signed the Wassenaar Arrangement, including the (pre-December 1998) General Software Note. Export is regulated by the Strategic Goods Export Control Act of 18 December 1987, nr. 93 (Lov om kontroll med eksport av strategiske varer, tjenester og teknologi m.v.) and the accompanying regulations of 10 January 1989, nr. 51 (Forskrift til gjennomføring av utførselsreguleringen for strategiske varer, tjenester og teknologi). For more information, see the Norwegian Department of Foreign Affairs' export control page (in English). A list of technologies is available in Norwegian.
There are no import controls. The 2001 policy document (see below, at 3) states that import of cryptography will remain free.
None.
In August 2001, the Norwegian government released their Norwegian Crypto
Policy (Norsk
kryptopolitikk,
text in Norwegian). The policy in general takes a positive stance
towards cryptography, arguing its value for securing data and for the
economy. The policy declares itself against mandatory key-escrow, at
least as far as individuals' use of cryptography for private purposes
and authentication-only cryptography are concerned. Local mandatory
key-escrow is, however, recommended for companies for internal use,
because of the risk of data loss when a crypto key is lost. The policy
also indicates that telecommunications service providers, including
Internet access providers, can be required to provide plaintext to the
government, if they are in possession of the plaintext or of the keys to
produce the plaintext.
See also A basis for developing an integrated national crypto
policy
(text in Norwegian) by Lee Bygrave.
At the OECD meeting of December 1995, Norway called in question the use of Trusted Third Parties for judicial access to keys.
Back to the Table of Contents