Experiences of GDPR in Norway: Politics of autonomy and control | Synapse