Milos Novovic

Hi there! I'm Miloš.

I teach privacy and contract law.

About me

Hi! I’m Miloš Novović, and I work as an Associate Professor of Law at BI Norwegian Business School.

I live in Oslo, Norway, where I wrote my PhD in law. I love teaching about international commercial contracts, privacy, and anything tech-related. I also love talking (see my podcast or TEDx talk and podcast), writing articles (some are here), and occasionally getting some project-based work done on the ground.

Basically, I am a technology nerd who loves negotiating tech contracts.

I’m Miloš Novović, an associate professor of law at BI Norwegian Business School.

I teach courses on the GDPR, digital compliance and platform liability. I am also interested in commercial contracts, and teach courses on international commercial and arbitration law.

I hold a PhD in law from the University of Oslo, an LL.M. from the George Washington University, and a BSc. from University of Montenegro.

In addition to my academic pursuits, I’ve spent several years helping major Norwegian and international companies with privacy and IT contract-related matters. Needless to say, I am also a huge technology geek, and love learning how stuff works 🙂

My classes

Privacy and the GDPR

An Executive course covering all aspects of the General Data Protection Regulation (GDPR). Taught in Norwegian.

Legal Tech

A course on data protection, platform liability, and intellectual property law.

Digital Compliance

An Executive course on data protection, security, marketing and IT contract law. Taught in Norwegian.

International Commercial Law

A course on negotiating, drafting and enforcing international commercial agreements. It also covers arbitration and dispute settlement.

My publications

Upcoming: Digital Services Act Commentary

I am currently working on a book, an article-by-article commentary of the EU Digital Services Act. The DSA reforms the field of online platform liability, and introduces significant new obligations on information society service providers. 

Privacy Labels, App Store and the GDPR

This paper examines whether Privacy Nutrition Labels which Apple requires on the App Store help enhance transparency.

My PhD thesis

In my doctoral thesis, I examine how big platforms license user's copyrighted works through their Terms of Service agreements.

What I am working on

Digital Services Act

Right now, I am looking into the questions of platform regulation under the Digital Services Act.
I am particularly curious about how it will affect online discussions, smaller businesses and marketplaces, which compliance costs it will impose, and what it will do for our privacy.

GDPR

I have been working with data protection and privacy for a while now, and I am interested in (nearly) everything related to the field.
At this moment, I am focusing on the ways in which the GDPR affects the freedom to conduct business and freedom of contract.

Commercial contracts

Negotiating and interpreting contracts is always fun, as is learning about differences in national contract laws. Right now, I am looking into how choosing to litigate the disputes arising out of a contract in one country, without fully understanding its mandatory rules (such as those on privacy), can subvert the expectations of the contractual parties.

My podcasts and talks

Grumpy GDPR

Listen the latest episode of Grumpy GDPR, a podcast where I discuss the latest and greatest GDPR news together with Rie Aleksandra Walle – in the grumpiest way possible. 

My TEDx talk

Papers, training and resources

Arbitrability of GDPR disputes

In this article, I argue that private judges (arbitrators) must be, under the EU and international law, allowed to rule on GDPR compensation claims. I claim that this is not necessarily problematic.

(Novović, Miloš. "Arbitrability of Data Protection Disputes: Personal Data, Personalized Justice?", European Review of Contract Law, vol. 19, no. 3, 2023)

App Store Privacy Labels

Here is an article where I explore how Privacy Nutrition Labels posted in App Stores affect users and developers. My core argument is that privacy labels found in the app stores do not satisfy the GDPR transparency requirements, but that they still contribute to internal compliance.

(Novović, Miloš. Privacy nutrition labels, App Store and the GDPR: Unintended consequences?", Journal of Data Protection & Privacy, Henry Stewart Publications, 2023)

Copyright Tourism

In this article, I argue that the EU Court of Justice has created unexpected problems when it ruled that copyright disputes can be filed in any EU country where the content can be accessed from.

(Novović, Miloš. Fighting European ‘Copyright Tourism’: Lessons from Defamation Laws, European Review of Private Law, 2019)

Licensing of User-Generated Content

In my PhD thesis, I address the questions relating to mass-scale copyright licensing agreements which users enter into when they sign up for big online services.

(Novović, Miloš. Licensing of User-Generated Content: How Online Platforms Exploit Users’ Copyrighted Works, University of Oslo, 2018)

Get in touch

Privacy and cookies

This website places a single cookie necessary to render the webpage and pause/resume videos.

The only personal information I process is your IP address, which is only stored if there is a flagged security incident (in which case it is deleted after 6 months).

My website is hosted on servers in Belgium. I use no tracking or profiling technologies.

You can always ask me to give you access to, correct, or delete your personal data; or object to the way I am using it.

You are always free to lodge a complaint with the authorities. Feel free to contact me anytime you’d like; all of my contact information is on the homepage! :)

My name is Milos Novovic, and I am the person who decided how your data is used on this website. You can always contact me using the contact forms on this website, or via my email ([email protected]).

This website places a single, necessary cookie on your device. It simply tracks whether you have an active session on the website (in order to render the website theme and allow you to pause/resume videos). The cookie is deleted as soon as your session expires. Here is what it looks like:

elementor|{“__expiration”:{},”activeSession”:true}|

Your IP address is processed in order to be able to run this website securely. Under normal circumstances, it is deleted when you close your browsing session. If an automated system detects abnormal traffic from your IP address (consistent, for instance, with cyberattacks), your IP address will be stored for a period of 6 months. The legal basis for this processing is legitimate interest.

All the material is hosted on the page itself, and there are no analytical or tracking tools. The website is hosted by Elementor Cloud, on their servers in Belgium. Elementor uses a caching service called Cloudflare, which makes it faster to render webpages. Both services operate as intermediaries under the eCommerce Directive, and data processors under the GDPR. They are not allowed to use your personal data for any of their own purposes.

You can always ask me to gain you access, correct, or delete your personal data. You can also object to the processing of your IP address for security purposes, in which case I will assess the claim based on your individual situation. Automatic decision-making does not take place on this website.

You always have the right to lodge a complaint with a supervisory authority. You have no obligation to contact me with your concerns (but as a privacy nerd, I would very much like it if you did!).