Google analytics has been a revolutionary tool to gain insights about user interaction with your website. The insights offered by Google analytics has motivated countless websites to revamp their content and layout, to form a better connection with the visitors.
However, the analytics service has found itself in one or another controversy over the years, as the data privacy movement gains ground. This has found Google many times, failing to comply with data protection regulations like the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). In a bid to comply with such regulations, Google introduced new updates to meet the regulations at par with the regulations in their latest announcement. This announcement is especially useful to businesses getting traffic from European countries and California.
With this new update, marketers can now do the following to become more compliant with the GDPR or CCPA regulations;
- Disable Analytics Data Collection (from Web or App)
- Disable collection of Advertising Data (from Web or App)
- Disable Advertising Personalisation (from App and Web)
Let’s examine the impact of these updates closely.
Existing Compliant Features and Tools
Google analytics reminded their users about settings available in their tools that make them GDPR compliant. The users were reminded to make optimal use of facilities like anonymizing IP, privacy controls, data sharing settings, and other features already available with them.
More Authority Over Data
The users now have much more authority on what to do with the data generated. The new data retention feature empowers you to decide for how long the individual Google Analytics data is stored until it is automatically deleted. By default, the data will get deleted after a period of 26 months.
Also, Google Analytics now lets you delete the data of a user if they explicitly ask to delete their information.
Updated Data Processing Terms
Data processing terms provide you insights about how the data will be processed and with whom the data will be shared. Google has made considerable changes in its data processing terms to better accommodate European users as per GDPR standards. The updated document secures data privacy and highlights the responsibility of the users to intimate and seek consent from the visitors about the sharing of their data.
Google has made newer additions in its standard contract representing Google Analytics and Google Analytics Firebase as a ‘data processor’. This move is compliant to new norms established by the GDPR. However, the service becomes a ‘shared controller of data’ if you authorize Google Analytics to share your user data with Google Ads.
While some of these updates make the data collection system a little simpler, some make it a bit more complex for the users to execute. The data deletion mechanism, although empowers the visitors, turns the matter more complex for marketers. Since you can not delete the data for a single user, you need to deploy Google Analytics User Deletion API in your code to delete the data of an individual visitor.
Long Way to Go
The introduction of a newer update takes Google Analytics a few steps forward towards compliances set up by GDPR. However, the analytics service still has a long road to cover. Google uses visitor’s data from Google Analytics to make their services better. This can be seen as a privacy breach by many. Also, the agreement between IAB Europe and Google takes the data consent system in the right direction. However, it still misses establishing any reliable framework for handling analytics data.