Sweden Issues An Order 'Stop Using Google Analytics'

Uploaded on 2023-07-20 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Sweden’s  government privacy protection agency, the IMY, has ordered four companies to stop using Google Analytics due to the transfer of personal data to the US, in violation of the EU’s data protection regulation (GDPR). 

The IMY said it had examined the use of Google Analytics by the firms following a complaint by the Austrian data privacy group noyb (none of your business) which has filed dozens of complaints against Google across Europe. The four companies were fined, with telecommunications firm Tele2 receiving a penalty of  SKr. 12 million ($1.2m) and online marketplace CDON fined SKr. 300,000 ($30,000)

IMY legal adviser Sandra Arvidsson, who led the investigation, said the agency has the rulings "made clear what requirements are placed on technical security measures and other measures when transferring personal data to a third country, in this case the United States.'

The IMY deemed the data sent to Google Analytics as personal data and found the technical security measures taken by the companies insufficient to meet EU standards.

At the end of May, the European Commission said it hoped to conclude by the end of the summer a new legal framework for data transfers between the EU and United States. The GDPR, in place since 2018, can lead to penalties of up 20 million euros or four percent of a company’s global revenue. This is the first financial penalty imposed on companies for using Google Analytics in violation of the GDPR.

The national retail chain Coop and the Dagens Industri newspaper were judged to  have taken more stringent measures to protect the data being transferred to Google and were not fined.

In 2022 a number of European Union data privacy regulators, including the French and Italian authorities, warned against use of Google’s analytics tool after finding a number of users to be non-compliant with the Union’s rules on international data transfers.

 However other regulators have not issued financial sanctions, according to noyb, which was behind the original complaints, appearing to prefer a softer approach to enforcing the GDPR on users of such a familiar tool, despite the same data transfer issue underlying them all.

IMY:     noyb:   Oodaloop:   Security Week:   VOA:    The LocalTechcrunch:   Ground:   Image:  PhotoMIX 

You  Might Also Read: 

EU Still Blocking Social Media Users' Data Transfer:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« A Perfect Storm For Cybercrime
British Employees Lack The Training To Use AI Tools »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

Span

Span

Span designs, develops and maintains information systems based on advanced technological solutions of global IT leaders.

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Redbelt Security

Redbelt Security

Redbelt is a cyber security consultancy. We integrate people, systems, services and products to transform how your information security is delivered.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

GLIMPS

GLIMPS

GLIMPS-Malware automatically detects malware affecting standard computer systems, manufacturing systems, IOT or automotive domains.

Cyber7

Cyber7

CYBER7 is a National Cyber Security Innovation community initiated by Israel National Cyber Directorate, Ministry of Economy and Israel Innovation Authority led by Tech7 – Venture Studio.

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

Resourcive

Resourcive

Resourcive is the first Value Added Sourcing “VAS” consultancy. We deliver strategic IT sourcing solutions to mid-market and enterprise clients.

BluSapphire

BluSapphire

BluSapphire is an industry-first, purpose-built, cloud-native, Hybrid XDR platform powered by AI and big data analytics.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

Staris

Staris

Human based defense is dead. Staris is reinventing application security for an increasingly AI driven world.

Pantherun Technologies

Pantherun Technologies

Pantherun is a pioneering force in the realm of encryption technology and data protection solutions.

GetReal Security

GetReal Security

GetReal Security is the world’s leading authority on malicious digital content and deepfake protection.