Sweden fines Tele2, CDON for Google Analytics data transfers

Share post:

Sweden’s data protection watchdog, Swedish Authority for Privacy Protection (IMY) has fined Swedish telco Tele2 and local online retailer CDON for using Google Analytics to transfer European users’ data to the United States.

The fines, totaling over $1.1 million for Tele2 and less than $30,000 for CDON, mark the first penalties resulting from a wave of privacy complaints lodged against Google Analytics and Facebook Connect since August 2020.

IMY said it found that the transfers violated the bloc’s General Data Protection Regulation (GDPR) because they could be accessed by U.S. government surveillance. IMY also found that the companies’ use of Google’s “supplementary measures” to protect the data were not sufficient.

These measures include IP address truncation, which anonymizes IP addresses by removing the last octet. IMY said that Tele2 did not clarify whether the truncation was performed before or after the data was transferred to the U.S., so it could not be sure that the entire IP address was not accessible.

The IMY discovered that Google’s safeguards in the US to secure European users’ data did not fulfil legal norms. The process of truncating IP addresses to anonymize data was unclear, raising worries regarding full IP address access. Coop and Dagens Industries also breached GDPR by utilising Google Analytics to send data to foreign countries, but no penalties were levied.

In addition to the fines, IMY ordered the two companies to stop using Google Analytics.

The sources for this piece include an article in TechCrunch.

SUBSCRIBE NOW

Related articles

Microsoft Ends Support for Office 365 Apps on Windows 10: Hashtag Trending for Friday, January 17, 2025

Microsoft announces they won’t support  Office 365 on Windows 10, D-Wave achieves a quantum computing milestone, TikTok prepares...

Hackers Mount High Speed Microsoft 365 Attack: Cyber Security Today – January 17, 2025

Hackers exploit a high-speed Go library to target Microsoft 365 accounts worldwide, North Korea’s Lazarus group lures developers...

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways