– Nav is a ticking privacy bomb. As it stands now, Nav’s databases give the agency a strong information advantage over certain people, says Storting representative Mímir Kristjánsson in Rødt to Klassekampen.
He is supported by SV politician Freddy André Øvstegård, who, like Kristjánsson, sits on the work and social affairs committee in the Storting.
In the autumn, the Danish Data Protection Authority found a number of problems with IT security and privacy in Nav and imposed a fee of NOK 20 million on the agency. Nav has since appealed the fee, and Nav CEO Hans Christian Holte has rejected much of the criticism.
Kristjánsson believes that Nav’s access should either be limited, or that stronger protection should be built up for the information Nav possesses.
According to chapter 21 of the National Insurance Act, the agency’s employees can, among other things, order the Post Office to disclose which addresses you use and order hospitals to keep Nav up to date on whether you are enrolled or discharged. If fraud is suspected, Nav can also ask your bank to flag payments to you, without you being informed.
The article continues below the adThe article continues below the ad
However, Holte defends the current practice.
– At Nav, we are crystal clear that official needs must be the basis when employees enter into cases. I have confidence that our 22,000 employees in Nav take privacy very seriously, we work on this every single day. When we uncover breaches in some cases, there are serious consequences, Holte responds to the criticism from politicians in the Storting.
