France’s privacy overseer has told Alphabet Inc., Google’s parent company, that an unnamed website cannot use Google Analytics because it transfers personal information to the United States in breach of the European Union’s privacy law, the agency announced Thursday (Feb 10).
The Commission Nationale de l’informatique et des Libertés (CNIL), an independent regulator that polices data privacy laws, said the ruling stemmed from complaints by the European Center for Digital Rights (NOYB), a Vienna-based non-profit founded to launch court cases in support of the General Data Protection Regulation (GDPR), the ePrivacy measure.
NOYB filed 101 complaints in the 27 EU member states and the three other European Economic Area states about the alleged transfer of personal data to the U.S. through Google Analytics. The website(s) were not named.
“The CNIL considers that these transfers are illegal and orders a French website manager to comply with the GDPR and, if necessary, to stop using this service under the current conditions,” the agency said in statement.
This is just the latest controversy for the tech giant. Last month, the District of Columbia filed suit alleging the Big Tech company recorded customers’ locations after users tried to turn off the company’s tracking on their web browsers and smartphones.
Read more: Google Faces Lawsuit Over Alleged Deceptive Location Tracking
The complaint, filed the Superior Court of the District of Columbia, asserts that Google’s location tracking system is constructed in a way that makes it impossible for users to opt out, and Google misled users about how privacy settings could protect their data within apps and at the device level on Android.
In addition, the 43-page suit contended Google relies on deceptive dark pattern design to force users into making choices counter to their own interests.
Similar lawsuits are being filed in Indiana, Texas and Washington state courts, The Wall Street Journal (WSJ) reported.
Google has disputed the claims.