The Austrian Data Protection Authority has decided on a model case by noyb that the continuous use of Google Analytics violates the GDPR. This is the first decision on the 101 model complaints filed by noyb in the wake of the so-called “Schrems II” decision. In 2020, the Court of Justice (CJEU) decided that the use of US providers violates the GDPR, as US surveillance laws require US providers like Google or Facebook to provide personal details to US authorities. Similar decisions are expected in other EU member states, as regulators have cooperated on these cases in an EDPB “task force”.
