Google Analytics, Lexbase and Personal Information: A good bad example

Lexbase have been in the news a lot. Controversially, their online search tool allows you to find people who have, or have had, convictions in your local area. It was down for several months – after intense criticism – and is now up again. Its most recent incarnation boasts a new interface and has provoked the same discussion; that a criminal record can allegedly be shown entirely out of context or, in some cases, incorrectly. Even if this is all publicly available information it’s something which is troubling for many, not least Beatrice Ask; the Swedish Justice Minister.

Not only is it an example of a contentious interpretation of Swedish law surrounding ‘yttrandefrihet’ it’s also a great example of what not to do when you install Google Analytics on your site.

The problem is this – run a search on Lexbase using someone’s name, personal number and a geographical area and all this data is sent to Google Analytics. This entirely breaks the terms and conditions of using Google Analytics which explicitly state that you cannot do this. The documentation includes the following:

“…prohibits sending personally identifiable information (PII) to Google Analytics (such as names, social security numbers, email addresses, or any similar data)…..”

Here’s what that looks like – you can see my test search terms being sent as an event, including a personal number and name:

Sceenshot from GA Debugger showing PII being passed on to Google Analytics

Lexbase’s use is an extreme example but sending PII via Google Analytics is something I see happen with websites  on a fairly regular basis, usually accidentally or in ignorance of the terms and conditions. Not only does doing so probably betray your website’s policy statement on your website, and therefore your customer’s trust, but it also risks your Google Account being terminated by Google.