Recherche avancée

Sur d’autres sites (7229)

• Data Privacy Issues to Be Aware of and How to Overcome Them

  9 mai 2024, par Erin

  Data privacy issues are a significant concern for users globally.

  Around 76% of US consumers report that they would not buy from a company they do not trust with their data. In the European Union, a 2021 study found that around 53% of EU internet users refused to let companies access their data for advertising purposes.

  These findings send a clear message : if companies want to build consumer trust, they must honour users’ data privacy concerns. The best way to do this is by adopting transparent, ethical data collection practices — which also supports the simultaneous goal of maintaining compliance with regional data privacy acts.

  So what exactly is data privacy ?

  

  Data privacy refers to the protections that govern how personal data is collected and used, especially with respect to an individual’s control over when, where and what information they share with others.

  Data privacy also refers to the extent to which organisations and governments go to protect the personal data that they collect. Different parts of the world have different data privacy acts. These regulations outline the measures organisations must take to safeguard the data they collect from their consumers and residents. They also outline the rights of data subjects, such as the right to opt out of a data collection strategy and correct false data. 

  As more organisations rely on personal data to provide services, people have become increasingly concerned about data privacy, particularly the level of control they have over their data and what organisations and governments do with their data.

  Why should organisations take data privacy issues seriously ?

  Organisations should take data privacy seriously because consumer trust depends on it and because they have a legal obligation to do so. Doing so also helps organisations prevent threat actors from illegally accessing consumer data. Strong data privacy helps you : 

  Comply with data protection acts

  Organisations that fail to comply with regional data protection acts could face severe penalties. For example, consider the General Data Protection Regulation (GDPR), which is the primary data protection action for the European Union. The penalty system for GDPR fines consists of two tiers :

  • Less severe infringements — Which can lead to fines of up to €10 million (or 2% of an organisation’s worldwide annual revenue from the last financial year) per infringement.
  • More severe infringements — This can lead to fines of up to €20 million (or 4% of an organisation’s worldwide annual revenue from the last financial year) per infringement.

  The monetary value of these penalties is significant, so it is in the best interest of all organisations to be GDPR compliant. Other data protection acts have similar penalty systems to the GDPR. In Brazil, organisations non-compliant with the Lei Geral de Proteção de Dados Pessoais (LGPD) could be fined up to 50 million reals (USD 10 million) or 2% of their worldwide annual revenue from the last financial year.

  Improve brand reputation

  Research shows that 81% of consumers feel that how an organisation treats their data reflects how they treat them as a consumer. This means a strong correlation exists between how people perceive an organisation’s data collection practices and their other business activities.

  

  Data breaches can have a significant impact on an organisation, especially their reputation and level of consumer trust. In 2022, hackers stole customer data from the Australian private health insurance company, Medibank, and released the data onto the dark web. Optus was also affected by a cyberattack, which compromised the information of current and former customers. Following these events, a study by Nature revealed that 83 percent of Australians were concerned about the security of their data, particularly in the hands of their service providers.

  Protect consumer data

  Protecting consumer data is essential to preventing data breaches. Unfortunately, cybersecurity attacks are becoming increasingly sophisticated. In 2023 alone, organisations like T-Mobile and Sony have been compromised and their data stolen.

  One way to protect consumer data is to retain 100% data ownership. This means that no external parties can see your data. You can achieve this with the web analytics platform, Matomo. With Matomo, you can store your own data on-premises (your own servers) or in the Cloud. Under both arrangements, you retain full ownership of your data.

  Try Matomo for Free

  Get the web insights you need, while respecting user privacy.

  Start for free

  No credit card required

  What are the most pressing data privacy issues that organisations are facing today ?

  Today’s most pressing data privacy challenges organisations face are complying with new data protection acts, maintaining consumer trust, and choosing the right web analytics platform. Here is a detailed breakdown of what these challenges mean for businesses.

  Complying with new and emerging data protection laws

  Ever since the European Union introduced the GDPR in 2018, other regions have enacted similar data protection acts. In the United States, California (CCPA), Virginia (VCDPA) and Colorado have their own state-level data protection acts. Meanwhile, Brazil and China have the General Data Protection Law (LGPD) and the Personal Information Protection Law (PIPL), respectively.

  For global organisations, complying with multiple data protection acts can be tough, as each act interprets the GDPR model differently. They each have their own provisions, terminology (or different interpretations of the same terminology), and penalties.

  A web analytics platform like Matomo can help your organisation comply with the GDPR and similar data protection acts. It has a range of privacy-friendly features including data anonymisation, IP anonymisation, and first-party cookies by default. You can also create and publish custom opt-out forms and let visitors view your collected data.

  

  Today’s most pressing data privacy challenges organisations face are complying with new data protection acts, maintaining consumer trust, and choosing the right web analytics platform. Here is a detailed breakdown of what these challenges mean for businesses.

  Complying with new and emerging data protection laws

  Ever since the European Union introduced the GDPR in 2018, other regions have enacted similar data protection acts. In the United States, California (CCPA), Virginia (VCDPA) and Colorado have their own state-level data protection acts. Meanwhile, Brazil and China have the General Data Protection Law (LGPD) and the Personal Information Protection Law (PIPL), respectively.

  For global organisations, complying with multiple data protection acts can be tough, as each act interprets the GDPR model differently. They each have their own provisions, terminology (or different interpretations of the same terminology), and penalties.

  A web analytics platform like Matomo can help your organisation comply with the GDPR and similar data protection acts. It has a range of privacy-friendly features including data anonymisation, IP anonymisation, and first-party cookies by default. You can also create and publish custom opt-out forms and let visitors view your collected data.

  Try Matomo for Free

  Get the web insights you need, while respecting user privacy.

  Start for free

  No credit card required

  Maintaining consumer trust

  Building (and maintaining) consumer trust is a major hurdle for organisations. Stories about data breaches and data scandals — notably the Cambridge Analytical scandal — instil fear into the public’s hearts. After a while, people wonder, “Which company is next ?”

  One way to build and maintain trust is to be transparent about your data collection practices. Be open and honest about what data you collect (and why), where you store the data (and for how long), how you protect the data and whether you share data with third parties. 

  You should also prepare and publish your cyber incident response plan. Outline the steps you will take to contain, assess and manage a data breach.

  Choosing the right web analytics platform

  Organisations use web analytics to track and monitor web traffic, manage advertising campaigns and identify potential revenue streams. The most widely used web analytics platform is Google Analytics ; however, many users have raised concerns about privacy issues. 

  When searching for a Google Analytics alternative, consider a web analytics platform that takes data privacy seriously. Features like cookieless tracking, data anonymisation and IP anonymisation will let you track user activity without collecting personal data. Custom opt-out forms will let your web visitors enforce their data subject rights.

  What data protection acts exist right now ?

  

  As time goes on and more countries introduce their own data privacy laws, it becomes harder for organisations to adapt. Understanding the basics of each act can help streamline compliance. Here is what you need to know about the latest data protection acts.

  General Data Protection Regulation (GDPR)

  The GDPR is a data protection act created by the European Parliament and Council of the European Union. It comprises 11 chapters covering the general provisions, principles, data subject rights, penalties and other relevant information.

  The GDPR established a framework for organisations and governments to follow regarding the collection, processing, storing, transferring and deletion of personal data. Since coming into effect on 25 May 2018, other countries have used the GDPR as a model to enact similar data protection acts.

  General Data Protection Law (LGPD)

  The LGPD is Brazil’s main data protection act. The Federal Republic of Brazil signed the act on August 14, 2018, and it officially commenced on August 16, 2020. The act aimed to unify the 40 Brazilian laws that previously governed the country’s approach to processing personal data.

  Like the GDPR, the LGPD serves as a legal framework to regulate the collection and usage of personal data. It also outlines the duties of the national data protection authority, the Autoridade Nacional de Proteção de Dados (ANPD), which is responsible for enforcing the LGPD.

  Privacy Amendment (Notifiable Data Breaches) for the Privacy Act 1988

  Established by the Australian House of Representatives, the Privacy Act 1988 outlines how organisations and governments must manage personal data. The federal government has amended the Privacy Act 1988 twice — once in 2000, and again in 2014 — and is committing to a significant overhaul.

  The new proposals will make it easier for individuals to opt out of data collection, organisations will have to destroy collected data after a reasonable period, and small businesses will no longer be exempt from the Privacy Act.

  United States

  

  The United States does not have a federally mandated data protection act. Instead, each state has been gradually introducing its data protection acts, with the first being California, followed by Virginia and Colorado. Over a dozen other states are following suit, too.

  • California — The then-Governor of California Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018. The act applies to organisations with gross annual revenue of more than USD 25 million, and that buy or sell products and services to 100,000 or more households or consumers.
  • Virginia — The Virginia Consumer Data Protection Act (VCDPA) took effect on January 1, 2023. It applies to organisations that process (or control) the personal data of 100,000 or more consumers in a financial year. It also applies to organisations that process (or control) the personal data of 25,000 or more consumers and gain more than 50% of gross revenue by selling that data.
  • Colorado — Colorado Governor Jared Polis signed the Colorado Privacy Act (ColoPA) into law in July 2021. The act applies to organisations that process (or control) the personal data of 100,000 or more Colorado residents annually. It also applies to organisations that earn revenue from the sale of personal data of at least 25,000 Colorado residents.

  Because the US regulations are a patchwork of differing legal acts, compliance can be a complicated endeavour for organisations operating across multiple jurisdictions. 

  How can organisations comply with data protection acts ?

  One way to ensure compliance is to keep up with the latest data protection acts. But that is a very time-consuming task.

  Over 16 US states are in the process of signing new acts. And countries like China, Turkey and Australia are about to overhaul — in a big way — their own data privacy protection acts. 

  Knowledge is power. But you also have a business to run, right ? 

  That’s where Matomo comes in.

  Streamline data privacy compliance with Matomo

  Although data privacy is a major concern for individuals and companies operating in multiple parts of the world — as they must comply with new, conflicting data protection laws — it is possible to overcome the biggest data privacy issues.

  Matomo enables your visitors to take back control of their data. You can choose where you store your data on-premises and in the Cloud (EU-based). You can use various features, retain 100% data ownership, protect visitor privacy and ensure compliance.

  Try the 21-day free trial of Matomo today, start your free analytics trial. No credit card required.

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

• Unable to Access IP Camera in OpenCV

  3 janvier 2017, par user7258890

  I’m trying to use Javafx and OpenCV to access a webcam (Axis M1013) over wireless to run vision processing for my FRC team. When I run my code, I can access the GUI that I made using Scenebuilder, but when I try to start the camera, the program crashes. It seems to me like it’s having trouble utilizing the VideoCapture class. I know for a fact that my problem is not with the camera, because i can access the feed through a browser feed, and my laptop’s webcam will work fine. I’m using OpevCV version 2.4.13, jdk 8u101x64, and ffmpeg 3.2

  I have looked at other posts at :

  stackoverflow.com/questions/18625948/opencv-java-unsatisfiedlinkerror

  answers.opencv.org/question/21720/java-webcam-capture

  answers.opencv.org/question/20071/unsatisfiedlinkerror-given-by-highghuiimread-on-java

  I have tried the solutions mentioned in all of these. So far, none have resolved my problem.

  My code is based mostly off the tutorials at :

  opencv-java-tutorials.readthedocs.io/en/latest/03-first-javafx-application-with-opencv.html

  Here is my main java code :

      @Override 
  
  public void start(Stage primaryStage) {
  
      System.load("C:\\opencv\\build\\x64\\vc12\\bin\\opencv_ffmpeg_64.dll");
  
      try {
  
          FXMLLoader loader = new FXMLLoader(getClass().getResource("Sample.fxml"));
  
          BorderPane root = (BorderPane) loader.load();
  
          Scene scene = new Scene(root, 400, 400);
  
          scene.getStylesheets().add(getClass().getResource("application.css").toExternalForm());
  
          primaryStage.setScene(scene);
  
          primaryStage.show();
  
      } catch(Exception e) {
  
          System.out.println("error opening camera gui");
  
      }
  
  }
  
  
  
  public static void main(String[] args) {
  
      launch(args);
  
  }

  And here is my camera controller :

  public class SampleController {
  
  @FXML
  
  private Button Start_btn;
  
  
  
  @FXML
  
  private ImageView currentFrame;
  
  private ScheduledExecutorService timer;
  
  private VideoCapture capture;
  
  private boolean cameraActive = false;
  
  
  
  @FXML
  
  public void startCamera()
  
  {
  
      System.loadLibrary("opencv_ffmpeg_64");
  
      if (!this.cameraActive)
  
      {
  
          try
  
          {
  
           capture = new VideoCapture("http://FRC:FRC@axis-camera-223-catapult.lan:554/mjpg/1/video.mjpg");
  
          }
  
          catch (Exception e)
  
          {
  
              System.out.println("an error occured when attempting to access camera.");
  
          }
  
          // is the video stream available?
  
          if (this.capture.isOpened())
  
          {
  
              this.cameraActive = true;
  
  
  
              // grab a frame every 33 ms (30 frames/sec)
  
              Runnable frameGrabber = new Runnable() {
  
  
  
                  @Override
  
                  public void run()
  
                  {
  
                      // effectively grab and process a single frame
  
                      Mat frame = grabFrame();
  
                      // convert and show the frame
  
                      Image imageToShow = Utils.mat2Image(frame);
  
                      updateImageView(currentFrame, imageToShow);
  
                  }
  
              };
  
  
  
              this.timer = Executors.newSingleThreadScheduledExecutor();
  
              this.timer.scheduleAtFixedRate(frameGrabber, 0, 33, TimeUnit.MILLISECONDS);
  
  
  
              // update the button content
  
              this.Start_btn.setText("Stop Camera");
  
          }
  
          else
  
          {
  
              // log the error
  
              System.err.println("Impossible to open the camera connection...");
  
          }
  
      }
  
      else
  
      {
  
          // the camera is not active at this point
  
          this.cameraActive = false;
  
          // update again the button content
  
          this.Start_btn.setText("Start Camera");
  
  
  
          // stop the timer
  
          this.stopAquisition();
  
      }
  
  
  
      System.out.println("Camera is now on.");
  
  }
  
  
  
  /**
  
   * Get frame from open video
  
   * @return
  
   */
  
      private Mat grabFrame()
  
  
  
      {
  
          Mat frame = new Mat();
  
          if (this.capture.isOpened())
  
          {
  
              try
  
              {
  
                  this.capture.read(frame);
  
  
  
                  }
  
          catch (Exception e)
  
          {
  
              System.err.println("Exception during the image elaboration: " + e);
  
          }
  
      }
  
      return frame;
  
  }
  
      private void stopAquisition()
  
      {
  
          if (this.timer!=null && !this.timer.isShutdown())
  
          {
  
              try
  
              {
  
                  this.timer.shutdown();
  
                  this.timer.awaitTermination(33, TimeUnit.MILLISECONDS);
  
              }
  
              catch (InterruptedException e)
  
              {
  
                  System.err.println("Exception in stopping the frame capture, trying to release camera now..." + e);
  
  
  
              }
  
          }
  
          if (this.capture.isOpened())
  
          {
  
              this.capture.release();
  
          }
  
      }
  
      private void updateImageView(ImageView view, Image image)
  
      {
  
          Utils.onFXThread(view.imageProperty(), image);
  
      }
  
      protected void setClosed()
  
      { 
  
          this.stopAquisition();
  
      }
  
  }

  When I try and run this as i have said before, the GUI will launch, but when i try and open the camera, i get an error message :

  Exception in thread "JavaFX Application Thread" java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
  
  at javafx.fxml.FXMLLoader$MethodHandler.invoke(FXMLLoader.java:1774)
  
  at javafx.fxml.FXMLLoader$ControllerMethodEventHandler.handle(FXMLLoader.java:1657)
  
  at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:86)
  
  at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:238)
  
  at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:191)
  
  at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:59)
  
  at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:58)
  
  at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
  
  at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
  
  at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
  
  at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
  
  at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
  
  at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:74)
  
  at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:49)
  
  at javafx.event.Event.fireEvent(Event.java:198)
  
  at javafx.scene.Node.fireEvent(Node.java:8411)
  
  at javafx.scene.control.Button.fire(Button.java:185)
  
  at com.sun.javafx.scene.control.behavior.ButtonBehavior.mouseReleased(ButtonBehavior.java:182)
  
  at com.sun.javafx.scene.control.skin.BehaviorSkinBase$1.handle(BehaviorSkinBase.java:96)
  
  at com.sun.javafx.scene.control.skin.BehaviorSkinBase$1.handle(BehaviorSkinBase.java:89)
  
  at com.sun.javafx.event.CompositeEventHandler$NormalEventHandlerRecord.handleBubblingEvent(CompositeEventHandler.java:218)
  
  at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:80)
  
  at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:238)
  
  at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:191)
  
  at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:59)
  
  at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:58)
  
  at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
  
  at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
  
  at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
  
  at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:56)
  
  at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:114)
  
  at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:74)
  
  at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:54)
  
  at javafx.event.Event.fireEvent(Event.java:198)
  
  at javafx.scene.Scene$MouseHandler.process(Scene.java:3757)
  
  at javafx.scene.Scene$MouseHandler.access$1500(Scene.java:3485)
  
  at javafx.scene.Scene.impl_processMouseEvent(Scene.java:1762)
  
  at javafx.scene.Scene$ScenePeerListener.mouseEvent(Scene.java:2494)
  
  at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:380)
  
  at com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(GlassViewEventHandler.java:294)
  
  at java.security.AccessController.doPrivileged(Native Method)
  
  at com.sun.javafx.tk.quantum.GlassViewEventHandler.lambda$handleMouseEvent$354(GlassViewEventHandler.java:416)
  
  at com.sun.javafx.tk.quantum.QuantumToolkit.runWithoutRenderLock(QuantumToolkit.java:389)
  
  at com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(GlassViewEventHandler.java:415)
  
  at com.sun.glass.ui.View.handleMouseEvent(View.java:555)
  
  at com.sun.glass.ui.View.notifyMouse(View.java:937)
  
  at com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
  
  at com.sun.glass.ui.win.WinApplication.lambda$null$148(WinApplication.java:191)
  
  at java.lang.Thread.run(Unknown Source)
  
  Caused by: java.lang.reflect.InvocationTargetException
  
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  
  at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
  
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  
  at java.lang.reflect.Method.invoke(Unknown Source)
  
  at sun.reflect.misc.Trampoline.invoke(Unknown Source)
  
  at sun.reflect.GeneratedMethodAccessor1.invoke(Unknown Source)
  
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  
  at java.lang.reflect.Method.invoke(Unknown Source)
  
  at sun.reflect.misc.MethodUtil.invoke(Unknown Source)
  
  at javafx.fxml.FXMLLoader$MethodHandler.invoke(FXMLLoader.java:1771)
  
  ... 48 more
  
  Caused by: java.lang.UnsatisfiedLinkError:     org.opencv.highgui.VideoCapture.VideoCapture_1(Ljava/lang/String;)J
  
  at org.opencv.highgui.VideoCapture.VideoCapture_1(Native Method)
  
  at org.opencv.highgui.VideoCapture.<init>(VideoCapture.java:128)
  
  at jfxtest1.SampleController.startCamera(SampleController.java:36)
  
  ... 58 more
  
  </init>

  If anyone can help me, that would be much appreciated.

  Thanks in advance.

• Meta Receives a Record GDPR Fine from The Irish Data Protection Commission

  29 mai 2023, par Erin — GDPR

  The Irish Data Protection Commission (the DPC) issued a €1.2 billion fine to Meta on May, 22nd 2023 for violating the General Data Protection Regulation (GDPR). 

  The regulator ruled that Meta was unlawfully transferring European users’ data to its US-based servers and taking no sufficient measures for ensuring users’ privacy. 

  Meta must now suspend data transfer within five months and delete EU/EEA users’ personal data that was illegally transferred across the border. Or they risk facing another round of repercussions. 

  Meta continued to transfer personal user data to the USA following an earlier ruling of The Court of Justice of the European Union (CJEU), which already address problematic EU-U.S. data flows. Meta continued those transfers on the basis of the updated Standard Contractual Clauses (“SCCs”), adopted by the European Commission in 2021. 

  The Irish regulator successfully proved that these arrangements had not sufficiently addressed the “fundamental rights and freedoms” of the European data subjects, outlined in the CJEU ruling. Meta was not doing enough to protect EU users’ data against possible surveillance and unconsented usage by US authorities or other authorised entities.

  Why European Regulators Are After The US Big Tech Firms ? 

  GDPR regulations have been a sore area of compliance for US-based big tech companies. 

  Effectively, they had to adopt a host of new measures for collecting user consent, ensuring compliant data storage and the right to request data removal for a substantial part of their user bases. 

  The wrinkle, however, is that companies like Google and Meta among others, don’t have separate data processing infrastructure for different markets. Instead, all the user data gets commingled on the companies’ servers, which are located in the US. 

  Data storage facilities’ location is an issue. In 2020, the CJEU made a historical ruling, called the invalidation of the Privacy Shield. Originally, international companies were allowed to transfer data between the EU and the US if they adhered to seven data protection principles. This arrangement was called the Privacy Shield. 

  However, the continuous investigation found that the Privacy Shield scheme was not GDPR compliant and therefore companies could no longer use it to justify cross-border data transfers.

  The invalidation of the Privacy Shield gave ground for further investigations of the big tech companies’ compliance statuses. 

  In March 2022, the Irish DPC issued the first €17 million fine to Meta for “insufficient technical and organisational measures to ensure information security of European users”. In September 2022, Meta was again hit with a €405 million fine for Instagram breaching GDPR principles. 

  2023 began with another series of rulings, with the DPC concluding that Meta had breaches of the GDPR relating to its Facebook service (€210 million fine) and breaches related to Instagram (€180 million fine). 

  Clearly, Meta already knew they weren’t doing enough for GDPR compliance and yet they refused to take privacy-focused action. 

  Is Google GDPR Compliant ?

  Google has a similar “track record” as Meta when it comes to ensuring full compliance with the GDPR. Although Google has said to provide users with more controls for managing their data privacy, the proposed solutions are just scratching the surface. 

  In the background, Google continues to leverage its ample reserves of user browsing, behavioural and device data in product development and advertising. 

  In 2022, the Irish Council for Civil Liberties (ICCL) found that Google used web users’ information in its real-time bidding ad system without their knowledge or consent. The French data regulator (CNIL), in turn, fined Google for €150 million because of poor cookie consent banners the same year. 

  Google Analytics GDPR compliance status is, however, the bigger concern.

  Neither Google Univeral Analytics (UA) nor Google Analytics 4 are GDPR compliant, following the Privacy Shield framework invalidation in 2020. 

  Fines from individual regulators in Sweden, France, Austria, Italy, Denmark, Finland and Norway ruled that Google Analytics is non-GDPR compliant and is therefore illegal to use. 

  The regulatory rulings not just affect Google, but also GA users. Because the product is in breach of European privacy laws, people using it are complacent. Privacy groups like noyb, for example, are exercising their right to sue individual websites, using Google Analytics.

  How to Stay GDPR Compliant With Website Analytics 

  To avoid any potential risk exposure, selectively investigate each website analytics provider’s data storage and management practices. 

  Inquire about the company’s data storage locations among the first things. For example, Matomo Cloud keeps all the data in the EU, while Matomo On-Premise edition gives you the option to store data in any country of your choice. 

  Secondly, ask about their process for consent tracking and subsequent data analysis. Our website analytics product is fully GDPR compliant as we have first-party cookies enabled by default, offer a convenient option of tracking out-outs, provide a data removal mechanism and practice safe data storage. In fact, Matomo was approved by the French Data Protection Authority (CNIL) as one of the few web analytics apps that can be used to collect data without tracking consent. 

  Using an in-built GDPR Manager, Matomo users can implement the right set of controls for their market and their industry. For example, you can implement extra data or IP anonymization ; disable visitor logs and profiles. 

  Thanks to our privacy-by-design architecture and native controls, users can make their Matomo analytics compliant even with the strictest privacy laws like HIPAA, CCPA, LGPD and PECR. 

  Learn more about GDPR-friendly website analytics.

  Final Thoughts

  Since the GDPR came into effect in 2018, over 1,400 fines have been given to various companies in breach of the regulations. Meta and Google have been initially lax in response to European regulatory demands. But as new fines follow and the consumer pressure mounts, Big Tech companies are forced to take more proactive measures : add opt-outs for personalised ads and introduce an alternative mechanism to third-party cookies. 

  Companies, using non-GDPR-compliant tools risk finding themselves in the crossfire of consumer angst and regulatory criticism. To operate an ethical, compliant business consider privacy-focused alternatives to Google products, especially in the area of website analytics.