Norway’s data protection department has indicated that ISPs must delete all personal IP address-related data just 3 weeks after collection. The instruction, initially given to two ISPs but applicable to them all, means that it will be incredibly difficult to take action against file-sharers.