(Full disclosure: I'm the founder of Simple Analytics, a privacy-friendly GA alternative.) I do not intend to advocate for you to switch or to pitch my product. (Heck, please stay away from it if you love tracking every move someone makes on your website.)
I want to give you an update on the EU stance toward GA, as people are raising questions and the legislation is quite fuzzy.
Is GA illegal in the EU? In theory, no, not yet; in practice, however, it is. Let me explain: a few EU countries (Italy, Austria, Finland, Denmark, and France) have fined specific cases for using GA. So there is not a nationwide ban. However, these cases set a precedent. In theory, other companies might employ better safeguards than those in the specific cases and be safe, but in practice this is impossible.
Is every EU country for themselves? No. It seems that EU countries independently issue press releases and work on their own cases, but the EDPB has created an overarching task force to make this an EU-wide matter. So the fact that France banned a specific case from using GA makes it very likely that the Spanish or Dutch privacy authority thinks the same.
What was the problem again? The problem is the data transfers to the US. The GDPR was created to protect EU citizens. After the Snowden revelations, noyb (a privacy NGO) argued that EU citizens' data is not protected enough when transferred to the US. Noyb won the court battle, and the issue still stands today. Google is a US-based company that transfers data to the US. They do have an EU entity in Ireland, but this does not prevent the transfers. This is why Google Analytics is unlawful.
What is the solution? The US needs new legislation in place to protect EU data. The first steps are being made: the EU and the US negotiated a new data transfer agreement called the Trans Atlantic Privacy Framework. US President Joe Biden signed an executive order to make the framework possible.
When can we expect a solution? This will take a while. The upcoming framework will certainly be challenged before the Court of Justice of the EU by noyb again. They already stated they are going to do this. It's difficult to say how this will play out.
In conclusion, in theory, there is not an EU-wide ban on GA. However, in practice, using GA does not comply with GDPR law.
Feel free to drop your questions or reach out to me: @AdriaanvRossum on Twitter.