Sweden Issues An Order 'Stop Using Google Analytics'

Uploaded on 2023-07-20 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Sweden’s  government privacy protection agency, the IMY, has ordered four companies to stop using Google Analytics due to the transfer of personal data to the US, in violation of the EU’s data protection regulation (GDPR). 

The IMY said it had examined the use of Google Analytics by the firms following a complaint by the Austrian data privacy group noyb (none of your business) which has filed dozens of complaints against Google across Europe. The four companies were fined, with telecommunications firm Tele2 receiving a penalty of  SKr. 12 million ($1.2m) and online marketplace CDON fined SKr. 300,000 ($30,000)

IMY legal adviser Sandra Arvidsson, who led the investigation, said the agency has the rulings "made clear what requirements are placed on technical security measures and other measures when transferring personal data to a third country, in this case the United States.'

The IMY deemed the data sent to Google Analytics as personal data and found the technical security measures taken by the companies insufficient to meet EU standards.

At the end of May, the European Commission said it hoped to conclude by the end of the summer a new legal framework for data transfers between the EU and United States. The GDPR, in place since 2018, can lead to penalties of up 20 million euros or four percent of a company’s global revenue. This is the first financial penalty imposed on companies for using Google Analytics in violation of the GDPR.

The national retail chain Coop and the Dagens Industri newspaper were judged to  have taken more stringent measures to protect the data being transferred to Google and were not fined.

In 2022 a number of European Union data privacy regulators, including the French and Italian authorities, warned against use of Google’s analytics tool after finding a number of users to be non-compliant with the Union’s rules on international data transfers.

 However other regulators have not issued financial sanctions, according to noyb, which was behind the original complaints, appearing to prefer a softer approach to enforcing the GDPR on users of such a familiar tool, despite the same data transfer issue underlying them all.

IMY:     noyb:   Oodaloop:   Security Week:   VOA:    The LocalTechcrunch:   Ground:   Image:  PhotoMIX 

You  Might Also Read: 

EU Still Blocking Social Media Users' Data Transfer:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« A Perfect Storm For Cybercrime
British Employees Lack The Training To Use AI Tools »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

Redcentric

Redcentric

Redcentric is a leading UK IT managed services provider. We deliver managed IT, cloud computing, data backup, information security services and managed networks.

Daon

Daon

Daon offers a universal biometric authentication platform for mobile devices.

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA) offer commercial insurance services including Cyber Liability insurance.

NSIT

NSIT

NSIT SAS is a consulting, advisory and service provider in IT systems. Solution areas include networking & infrastructure, IT management & administration, and cyber security.

Expanse

Expanse

Expanse SaaS-delivered products plus service expertise reduce your internet edge risk to prevent breaches and successful attacks.

FraudHunt

FraudHunt

FraudHunt protects your website from account fraud, ad fraud, fraud clicks, and malicious bots.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

IT Jobs Watch

IT Jobs Watch

IT Jobs Watch provides a concise and accurate map of the prevailing IT job market conditions in the UK.

Digitpol

Digitpol

Digitpol’s Cyber Crime Investigation experts investigate hacking incidents, ransomware, extortion and conduct security audits and IT upgrades.

NWN Corp

NWN Corp

NWN Corporation is a leading Cloud Communications Service Provider (CCSP) focused on transforming the customer and workspace experience for commercial, enterprise and public sector organizations.

Advent One

Advent One

Advent One are recognised for solving intricate dilemmas, not only making technology work but building foundations that customers can grow upon in an effective and secure way.

Sendmarc

Sendmarc

Sendmarc automates the process of protecting your domain from being used in email impersonation and phishing attacks.

Unit42

Unit42

Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization.

Red Maple Technologies

Red Maple Technologies

Started and run by engineers from the UK Intelligence and Defence communities, Red Maple is a technical consultancy and product company.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.