Security News > 2022 > February > France Rules That Using Google Analytics Violates GDPR Data Protection Law

French data protection regulators on Thursday found the use of Google Analytics a breach of the European Union's General Data Protection Regulation laws in the country, almost a month after a similar decision was reached in Austria.

Of the data protection decree, which govern the transfers of personal data to third countries or international entities.

"[A]lthough Google has adopted additional measures to regulate data transfers in the context of the Google Analytics functionality, these are not sufficient to exclude the accessibility of this data for U.S. intelligence services," the CNIL said.

As part of the order, the CNIL recommended one of the offending websites to adhere to the GDPR by ceasing to utilize the Google Analytics functionality or by using an alternative website traffic monitoring tool that does not involve a transfer outside the E.U., giving it a deadline of one month to comply.

The watchdog underscored that website audience measurement and analysis services such as Google Analytics should only be "Used to produce anonymous statistical data, thus allowing for an exemption from consent if the data controller ensures that there are no illegal transfers."

"If a new transatlantic data transfer framework is not adopted and we are unable to continue to rely on SCCs or rely upon other alternative means of data transfers from Europe to the United States, we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe," the company said in an annual report issued earlier this week.

News URL

https://thehackernews.com/2022/02/france-rules-that-using-google.html