What can Google do to fix the problem?
We’d like to think that a company as big as Google must surely be willing to fix a problem of this scale. Initially, Google reacted to the NOYB complaint by referring to the encryption of Google Analytics data, but the Austrian regulator concluded that the encryption is insufficient to exclude any threat of espionage from the US. Despite the judges’ statements, internal documents reveal that Facebook, that other tech titan, is convinced there aren’t any privacy protection problems when shipping data from the EU to the US.
Darko: “I think that if this continues, Google Analytics will eventually be banned in Europe, but in the long run, US companies will simply have to adapt, or US providers will have to host foreign data outside of the United States.”
So, the most obvious solution for Google would be to move data storage centres to Europe where Google Analytics can store all data from European citizens, which would mean that Atlantic transmission of data would cease to be an issue. In that scenario, the data would then be automatically protected against possible access from US intelligence agencies.
However, when asked if Google intends to open a European data storage, a spokesperson told Wired the company has no plans to share. And even if that were the case, it is unclear if core GA services (account management, quality control, data science, etc.) would still be situated in the US, and if they were, the net result would remain unchanged: they’d still be able to access your data.
An alternative solution would be to replace the Privacy Shield that was declared invalid back in 2020, but as yet no concrete proposals for doing so have been made. Besides, reforming the late Privacy Shield is in long talks by the EU-US department of commerce and in Darko’s opinion, will not do any good, because the bigger issue here is that the EU-US data schism will not go away and will stay with us for a while. If US surveillance law remains in effect, this ping-pong issue will be with us for a long time.
Another fix for Google could be to change Google Analytics’ data collection, so they would stop trespassing on European privacy laws. Darko thinks of all the solutions, this seems the most workable: “I think that Google needs to comply 100% with the GDPR and EU laws, and stop ignoring the EU Supervisory Authority and European Court of Justice. But instead, Google has responded by insisting that local and regional authorities should be held responsible for their problem and are lobbying US and European lawmakers to come up with new regulations that secures data transmission across the Atlantic. The hope for a quick-fix like this seems to be more of an illusion than reality.