Austrian Website Found in Violation of GDPR Due to Google Analytics

Google Analytics

An Austrian data protection agent has discovered that a health-centric site has violated the GDPR because of its use of Google Analytics.

A complaint has been made to Google and as it’s found to be transferring site visitors’ personal data for processing to the United States, which spells trouble to US cloud services.

The website lacked an IP address anonymization function and violated the EU’s GDPR, or General Data Protection Regulation by sending user data out the bloc. The regulator noted that US intelligence services make use of identifiers such as unique IDs and IP addresses to conduct surveillance against individuals, and stated that they may already have collected information through the website in question.

The DPA also mentioned that Google lacked sufficient safeguards to block US intelligence services and meet the standards set by the GDPR. At this point it’s unclear whether the site will face a penalty for the breach or not.

About author

Richard is the editor-in-chief at FCT. He joined our team in 2014. He is responsible for many of the blog posts you see on our site today. Richard likes to look into technical issues and write about his findings or provide tutorials on how to solve your problem with CSS.