According to the GDPR and e-privacy compliance firm Cookiebot’s most recent report (which can be downloaded here), many EU government websites are in breach of the EU’s new GDPR policy.

The facts are quite unnerving for anyone concerned about privacy, or at the least, ensuring that they are following GDPR policies. According to the report, the following disturbing statistics can be found:

  • 89 percent of EU government websites possess third-party trackers.
  • 52 percent of public sector health-care websites have trackers.
  • An estimated 112 third-party companies are monitoring citizens of the EU via public websites.
  • 52 different companies were found to be using trackers on citizens visiting the French government’s website.
  • 82 percent of EU websites have “Google marketing trackers.”

To gather results, researchers scanned 184,683 pages affiliated with 28 .gov domains, discovering “third-party advertising technology (ad tech) trackers from 112 companies” on 89% of the pages scanned. CookieBot claims that the vast majority of these sort of trackers were discovered on third party plugins installed on the Governments pages, including plugins for things like “video players, social sharing widgets, web analytics, galleries and comments sections.” Other trackers were secretly installed to gather information on a visitors health condition so that they could later be targeted by ads for it, a practice strictly forbidden under Article 9 of the GDPR dating back to 2019. Through it all, the only countries found to be in full compliance with their own laws were Germany, Spain and the Netherlands.