More than $1M in fines imposed by Swedish watchdog for Google Analytics privacy violations

Swedish telecommunications provider Tele2 and local online retailer CDON have been fined by the country's data protection regulator IMY more than $1.1 million and less than $30,000, respectively, for using Google Analytics, which was found to be in violation of the European Union's General Data Protection Regulation rules, according to TechCrunch. Google's supplementary measures for protecting European users' data sent to the U.S. were inadequate, noted the IMY, which said that the company was not able to show the effectiveness of its IP address trunctation usage. "In its audits, IMY considers that the data transferred to the U.S. via Google's statistics tool is personal data because the data can be linked with other unique data that is transferred. The authority also concludes that the technical security measures that the companies have taken are not sufficient to ensure a level of protection that essentially corresponds to that guaranteed within the EU/EEA," said the regulator, which noted that Google Analytics was also used by Dagens Industries and Coop but no fines have been given to both companies.