Contact
22. September 2022

Denmark: Google Analytics declared unlawful

Google Analytics can no longer be used in a legally compliant manner without further measures. With its decision, Denmark's agency joins other data protection authorities in Europe.

It is the next momentous decision by a European data protection authority. The Danish Datatilsynet has published its assessment of the legality of Google Analytics. The result is clear: Google Analytics may no longer be used without putting further protection measures in place.

“We have carefully reviewed the possible settings of Google Analytics and have come to the conclusion that you cannot use the tool in its current form without implementing supplementary measures”, said Makar Juhl Holst, Senior Legal Advisor at the Danish Data Protection Agency.

In its assessment, the agency refers to the previous decisions of the data protection agencies in Austria, France and Italy, which came to the same conclusions on the issue of Google Analytics.

Google’s changes are not enough

Since the decision of the Austrian data protection agency, Google has implemented additional setting options that are supposed to enable legally compliant tracking. However, even these changes are not sufficient to ensure legal compliance, according to the Danish agency.

The agency recommends that users of Google Analytics take measures that will restore the legality of the tools. As a possible measure, it explicitly mentions the implementation of pseudonymisation through reverse proxy servers, referring to a solution that the French data protection agency CNIL proposed earlier this year. In doing so, the French agency confirmed the functional principle of JENTIS as a legitimate solution.

Source: datatilsynet

Update: In July 2023, the EU Commission approved the new EU-US Data Privacy Framework (DPF), removing many of the restrictions of Schrems II and making it much easier for organisations to transfer EU personal data to the US. However, the new framework will be challenged legally by NGOs (possible “Schrems III”). Therefore some legal uncertainty will remain until the Court of Justice of the EU (CJEU) rules on the matter. JENTIS Data Capture Platform enables future-proof GDPR-compliant tracking, regardless of the data privacy framework and potential challenges.

Weitere Beiträge

Product

JENTIS – The most advanced server-side tracking

Server-side tracking is the engine of the JENTIS Data Capture Platform and enables valuable features for organisations that need accurate data analysis, data protection and flexibility in processing user data.

Read more
Blog

Whitepaper: Advanced Server-Side Tracking with a Data Capture Platform

White paper: How to achieve maximum data quality for your marketing with server-side tracking while remaining privacy-compliant.

Read more
Product

Case Study: Google Analytics 4 with 100% Server-side Tracking

Learn how hosting provider World4You captures the maximum data quality for Google Analytics 4 with the JENTIS DCP.

Read more