On February 10, cnil said that an unnamed local website using the services provided by Google Analytics violated the EU’s general data protection regulations (gdpr).
It is reported that cnil’s decision stems from several complaints from the European Center for digital rights (NOYB). Google Analytics, developed by Google of alphabet, is the most widely used network analysis service in the world. It can measure the number of visits to the website through the user’s unique identifier. The unique identifier (which has constituted personal data) and other relevant data are being transferred to the United States by Google. According to Article 44 of gdpr, it is prohibited to transfer personal data from the EU to “third-party countries” without equal privacy protection measures, and the United States is among the countries that fail to meet the threshold.
“Although Google has taken additional measures against Google Analytics to regulate data transmission, these measures are still not enough to rule out the possibility of U.S. intelligence agencies obtaining these data.” Cnil wrote in a statement that using Google analytics service and exporting its data to French websites may expose users to risks.
Therefore, cnil requires the above websites to be improved within one month to comply with EU regulations, and has issued similar orders to other website operators. As for the audience monitoring and analysis services of the website, cnil recommends that tools such as Google Analytics be used only to generate anonymous statistics. If the data controller ensures that there is no illegal transmission, it will be granted immunity. To this end, cnil has launched an evaluation program for such tools.
Google declined to comment on cnil’s decision. The company had previously said that Google Analytics would not track people on the Internet and that companies using the tool could control the data they collected.
In fact, European regulators, including cnil, have been investigating complaints similar to the above-mentioned cases in the past two years, affected by the ruling of the EU Supreme Court that the privacy shield agreement for data transmission in the United States is invalid. Only last month, the same complaint from NOYB made a German publisher website using Google Analytics judged by the Austrian government as violating gdpr.
The cancellation of privacy shield has shrouded the legitimacy of cross Atlantic China Welding Consumables Inc(600558) personal data transmission in uncertainty. Several major companies, including Google and meta, are calling for a new cross Atlantic China Welding Consumables Inc(600558) data transmission protocol as soon as possible.
“In the long run, either the United States provides better data protection measures or provides products for the United States and the European Union alone.” “I personally prefer the former, but it’s up to US lawmakers,” said Max schrems, NOYB’s founder
