Sweden Issues An Order 'Stop Using Google Analytics'

Uploaded on 2023-07-20 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Sweden’s  government privacy protection agency, the IMY, has ordered four companies to stop using Google Analytics due to the transfer of personal data to the US, in violation of the EU’s data protection regulation (GDPR). 

The IMY said it had examined the use of Google Analytics by the firms following a complaint by the Austrian data privacy group noyb (none of your business) which has filed dozens of complaints against Google across Europe. The four companies were fined, with telecommunications firm Tele2 receiving a penalty of  SKr. 12 million ($1.2m) and online marketplace CDON fined SKr. 300,000 ($30,000)

IMY legal adviser Sandra Arvidsson, who led the investigation, said the agency has the rulings "made clear what requirements are placed on technical security measures and other measures when transferring personal data to a third country, in this case the United States.'

The IMY deemed the data sent to Google Analytics as personal data and found the technical security measures taken by the companies insufficient to meet EU standards.

At the end of May, the European Commission said it hoped to conclude by the end of the summer a new legal framework for data transfers between the EU and United States. The GDPR, in place since 2018, can lead to penalties of up 20 million euros or four percent of a company’s global revenue. This is the first financial penalty imposed on companies for using Google Analytics in violation of the GDPR.

The national retail chain Coop and the Dagens Industri newspaper were judged to  have taken more stringent measures to protect the data being transferred to Google and were not fined.

In 2022 a number of European Union data privacy regulators, including the French and Italian authorities, warned against use of Google’s analytics tool after finding a number of users to be non-compliant with the Union’s rules on international data transfers.

 However other regulators have not issued financial sanctions, according to noyb, which was behind the original complaints, appearing to prefer a softer approach to enforcing the GDPR on users of such a familiar tool, despite the same data transfer issue underlying them all.

IMY:     noyb:   Oodaloop:   Security Week:   VOA:    The LocalTechcrunch:   Ground:   Image:  PhotoMIX 

You  Might Also Read: 

EU Still Blocking Social Media Users' Data Transfer:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« A Perfect Storm For Cybercrime
British Employees Lack The Training To Use AI Tools »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Momentum

Momentum

The Cyber Security team at Momentum offers a professional and specialist recruitment service across Cyber & IT Security.

National Defence Radio Establishment (FRA) - Sweden

National Defence Radio Establishment (FRA) - Sweden

The National Defence Radio Establishment (Försvarets Radioanstalt), is the Swedish national authority for Signals Intelligence, also providing Information assurance services to government authorities.

Nohau

Nohau

Nohau provide services for safe and secure embedded software development.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

BHC Laboratory

BHC Laboratory

BHC Laboratory is a cyber capabilities’ development company for a wide range of global customers.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

Wolf Hill Group

Wolf Hill Group

Wolf Hill Group, a Slone Partners company, is a national recruitment firm focused on Cybersecurity.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

InferSight

InferSight

InferSight can help you design an architecture that takes into account security, performance, availability, functionality, resiliency and future capacity to avoid technological lock in and limitations

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

Airlock Digital

Airlock Digital

Airlock Digital was created after many years of experience in implementing whitelisting/ allowlisting solutions in Federal Government and various enterprises in Australia.

Kontra

Kontra

Kontra application security training is an interactive and intuitive learning experience that engages developers.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Synergetika

Synergetika

Synergetika is a leading pure-play Privileged Access Management (PAM) consultancy and systems integrator.