Because Google could access data in plain text, the data wasn’t protected from potential surveillance, the body’s decision says. “This transfer was found to be unlawful because there was no adequate level of protection for the personal data transferred,” says Matthias Schmidl, the deputy head of the Austrian data regulator. He adds that website operators cannot use Google Analytics and be in line with GDPR.
At the moment, the decision applies only in Austria and isn’t final….
Source link