Sweden’s data protection watchdog has warned companies against using Google Analytics, citing the risks posed by US government surveillance, following similar moves in Austria, France and Italy last year.
The development comes as a result of an audit initiated by the Swedish Privacy Agency (IMY) against four companies: CDON, Coop, Dagens Industri and Tele2.
“In our audit, we consider data transferred to the United States via Google’s statistical tools to be personal data as it may be linked to other unique data transferred,” the IMY said. rice field.
“The authorities also conclude that the technical security measures taken by the companies are basically not sufficient to ensure a level of protection comparable to that guaranteed within the EU/EEA.”
The data protection authority also fined Swedish telecom service provider Tele2 $1.1 million and local online marketplace CDON less than $30,000 for failing to take appropriate security measures to anonymize data before transfer. imposed.
Additionally, CDON, Coop and Dagens Industri have been ordered to stop using Google Analytics. Tele2 has voluntarily stopped using the service.
The IMY added that the investigation was based on a complaint filed by privacy nonprofit None of Your Business (noyb) alleging violations of the General Data Protection Regulation (GDPR) law.
This decision was made in light of potential surveillance concerns that data stored on US servers could be accessed by domestic intelligence agencies, and that such EU-US data transfers would be Rooted in the fact that it was determined to be illegal.
Similar concerns have resulted in Meta being fined a record $1.3 billion by European Union data protection authorities. That said, the EU and US are in the process of finalizing a new data transfer agreement called the EU-US Data Privacy Framework to replace the now-defunct Privacy Shield.
