Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Google EU Privacy

Italy's Data Watchdog Latest To Warn Over Use of Google Analytics (techcrunch.com) 5

An anonymous reader quotes a report from TechCrunch: Another strike against use of Google Analytics in Europe: The Italian data protection authority has found a local web publisher's use of the popular analytics tool to be non-compliant with EU data protection rules owing to user data being transferred to the U.S. -- a country that lacks an equivalent legal framework to protect the info from being accessed by US spooks. The Garante found the web publisher's use of Google Analytics resulted in the collection of many types of user data, including device IP address, browser information, OS, screen resolution, language selection, plus the date and time of the site visit, which were transferred to the U.S. without adequate supplementary measures being applied to raise the level of protection to the necessary EU legal standard.

Protections applied by Google were not sufficient to address the risk, it added, echoing the conclusion of several other EU DPAs who have also found use of Google Analytics violates the bloc's data protection rules over the data export issue. Italy's DPA has given the publisher in question (a company called Caffeina Media Srl) 90 days to fix the compliance violation. But the decision has wider significance as it has also warned other local websites that are using Google Analytics to take note and check their own compliance, writing in a press release [translated from Italian with machine translation]: "[T]he Authority draws the attention of all Italian managers of websites, public and private, to the illegality of transfers made to the United States through GA [Google Analytics], also in consideration of the numerous reports and questions that are being received by the Office, and invites all data controllers to verify the compliance of the methods of use of cookies and other tracking tools used on its websites, with particular attention to Google Analytics and other similar services, with the legislation on the protection of personal data."
A Google spokesperson issued the following statement: "People want the websites they visit to be well designed, easy to use, and respectful of their privacy. Google Analytics helps publishers understand how well their sites and apps are working for their visitors -- but not by identifying individuals or tracking them across the web. These organizations, not Google, control what data is collected with these tools, and how it is used. Google helps by providing a range of safeguards, controls and resources for compliance."

Google is reviewing the Italian DPA's decision, according to the spokesperson.
This discussion has been archived. No new comments can be posted.

Italy's Data Watchdog Latest To Warn Over Use of Google Analytics

Comments Filter:
  • by splutty ( 43475 ) on Thursday June 23, 2022 @05:29PM (#62646022)

    Google helps by providing as little as possible in the way of configuration that would not send all that data to Google to begin with.

    I've seen the setups for google analytics, and the defaults are... Oh boy...

    And trying to change those requires a bit more knowledge than I imagine a random "web designer" has, if they even know they're supposed to change those.

    • Google, does not say, oh this is a GDPR country, we better warn this entity they are breaking the law. It is hard to believe Google does not know full well that it originates from a GDPR country. Their policy is ask no questions, see no evil. As for Italy, offenses should result in mandatory notification to each and every user by the offending entities, an effective fine, that doubles after each offense or warning Repeat for rest of EU. Now the EU has been careless and slack in not enforcing it own rules -
  • by VeryFluffyBunny ( 5037285 ) on Friday June 24, 2022 @11:32AM (#62647892)
    ...to a legal alternative. Websites can run their own analytics software or use a GDPR compliant service, e.g. https://www.openwebanalytics.c... [openwebanalytics.com]

    I often see Google Analytics JS snippets on websites & wonder, "Who ever looks at that data & do they even have the background knowledge & skills to make anything meaningful & useful from it. It's one thing to have data & metrics & pretty graphs from analyses about it. It's another to know what it means & what you can do about it. I very much doubt that many people who run websites with Google Analytics JS snippets included have any idea what they're doing. It's simply funneling their site visitors' data to Google & the US govt.
  • by sml7291 ( 6482168 ) on Friday June 24, 2022 @11:52AM (#62647938)

    ....(or a equivalent add-on) when they browse the net. The one thing I've never allowed is Google Analytics and I, for one, would highly recommend everyone else follow that example.

    And using such a tool with your browser allows you to see just how much crap is pulled into a page from outside sources. It's positively scary, especially when you consider most web developers are so sloppy about security, especially yours. And much of the outside stuff isn't really needed to display a page, so why is it there?

    I block by default and only allow enough thru to display a page. And there is always the option of not browsing to a site that has too many questionable outside sources being pulled in. Just do a CTRL-U (works on most browsers I've used) to see the source of a page and just try to read thru the garbage you find there on most sites.

    • Yep, that's exactly what I do - and Google Analytics has always been on my "always block" list.

      I sometimes wonder if I can get rid of the ad-blocker, but I'm too lazy to do the relevant experiment. Actually, I might just do that right now.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...