Google Analytics Deemed Illegal in Austria

Google Analytics Deemed Illegal in Austria

 

The Austrian Data Protection Authority (DSB) has ruled that the use of Google Analytics is in violation of the GDPR in a case involving NetDoktor, a health portal providing medical tools and news. NetDoktor, like millions of other websites, uses GA for their site’s tracking and analytics.

 

The NGO, My Privacy is None of Your Business (noyb), filed complaints against NetDoktor and 100 other European companies that still use Google Analytics. This is because the Court of Justice of the European Union (CJEU) ruled in their “Schrems II” decision that using Google Analytics or Facebook Connect is in violation of the GDPR because user data is transferred to the U.S.

 

The upheld claims were:

  1. Unique user identification numbers, IP addresses, and browser parameters were being sent to Google as part of the user’s tracking.
  2. Standard data protection clauses between NetDoktor and Google are not adequate because all data sent to the U.S. is subject to American surveillance laws.
  3. Privacy Shield was annulled by the Schrems II decision, so there is currently no agreed upon way for the transfer of data between the EU and the U.S.

 

This decision puts pressure on tech giants and their customers to comply with GDPR to the letter of the law instead of hoping that business contracts will sufficiently protect them from penalties and fines. This could also spur the EU and U.S. government to negotiate a successor to Privacy Shield. Privacy Shield itself was the second attempt to agree upon data transfer conditions between the two blocks so that data can continue to flow between continents.

 

But, what does this mean for you and your business while these issues are being hashed out? First and foremost, you can confirm where your data is being sent to determine if you need to find alternative storage or tracking solutions. Then you can begin to address the bigger question of what those alternatives might be and how and when to implement them.

ObservePoint can help you with that initial assessment with our Privacy Compliance solution. Our easy-to-use, visual report for Technology Geolocation allows you to quickly confirm the physical location of all network request endpoints. You can set up custom rules for specific locations and get notified if your rules are broken. For more information, fill out the form for a demo or sample audit.

Related Posts

Goodbye 3rd-Party Cookies Pt. 2: Advertiser Perspectives

Hear from our special guest Rob Myers, Sr. Product Manager at NextRoll, as he shares how he's preparing their consumer advertising platform to adjust to Chrome's Privacy Sandbox.
Read More

Cheat Sheet: 3rd-Party Cookie Phase-Out 2024

Here's a cheat sheet to help you understand the 3rd-party cookie phase-out and what Chrome is doing about it in particular.
Read More

Implementing ObservePoint: How to Set Yourself up for Success

Tips on organizing your Audits and Journeys, automating as much as possible, choosing what pages to scan at the highest frequencies, and more.
Read More

FAQ: Chrome is Saying Goodbye to 3rd-Party Cookies

In 2024, Google will phase out 3rd-party cookies in their Chrome browser. At our recent DataChat Live! webinar covering this topic, many website owners had questions about how this impacts them. Here are ObservePoint’s answers to your burning 3rd-party cookie questions.
Read More

It’s Finally Happening: Goodbye 3rd-Party Cookies

What are the changes being made to third-party cookies? Particularly focusing on Google's shift in its Chrome browser.
Read More

Healthcare Websites Face Urgent Privacy Issues

What lawsuits are making healthcare providers concerned about third-party tracking? And, how can ObservePoint help?
Read More

Goodbye 3rd-Party Cookies Pt. 2: Advertiser Perspectives

Hear from our special guest Rob Myers, Sr. Product Manager at NextRoll, as he shares how he's preparing their consumer advertising platform to adjust to Chrome's Privacy Sandbox.
Read More

Cheat Sheet: 3rd-Party Cookie Phase-Out 2024

Here's a cheat sheet to help you understand the 3rd-party cookie phase-out and what Chrome is doing about it in particular.
Read More

Implementing ObservePoint: How to Set Yourself up for Success

Tips on organizing your Audits and Journeys, automating as much as possible, choosing what pages to scan at the highest frequencies, and more.
Read More

FAQ: Chrome is Saying Goodbye to 3rd-Party Cookies

In 2024, Google will phase out 3rd-party cookies in their Chrome browser. At our recent DataChat Live! webinar covering this topic, many website owners had questions about how this impacts them. Here are ObservePoint’s answers to your burning 3rd-party cookie questions.
Read More

It’s Finally Happening: Goodbye 3rd-Party Cookies

What are the changes being made to third-party cookies? Particularly focusing on Google's shift in its Chrome browser.
Read More

Healthcare Websites Face Urgent Privacy Issues

What lawsuits are making healthcare providers concerned about third-party tracking? And, how can ObservePoint help?
Read More