EU Proposes Google Share User Search Data with Rivals

Aiming to dismantle Google’s competitive stranglehold across Europe, the European Commission has formally proposed new measures. This landmark enforcement step under the Digital Markets Act (DMA) would require Google to share anonymized user search data with rival search engines and AI chatbots.

Announced on April 15, 2026, the Commission’s preliminary findings outline six specific compliance areas Google must address under Article 6(11) of the DMA.

These include the eligibility criteria for data beneficiaries, the scope of shareable data, frequency and technical means of sharing, anonymization standards, pricing principles under fair, reasonable, and non-discriminatory (FRAND) terms, and governance processes for data access.

Critically, AI chatbots with integrated search functionalities, such as those competing with Google’s own AI products, are explicitly included as eligible data recipients.

EU Proposes Google Share Search Data

The data types in scope cover four core categories: ranking data, query data, click data, and view data, essentially the behavioral feedback loop that continuously trains and strengthens search algorithms.

Google would be required to deliver this data via API, covering the previous 24 hours of European user search activity.

To address re-identification risks, the Commission has embedded several technical protections into its proposed framework.

These include data binning to generalize sensitive fields, suppression of rare or low-frequency queries that could identify individuals, strict contractual obligations placed on data beneficiaries restricting secondary use, and removal of direct personal identifiers before transmission.

The Commission emphasizes that the proposal does not require Google to hand over personal search histories, only anonymized, aggregated behavioral signals.digital-markets-act.

While proponents argue that equitable data access is essential for innovation, particularly as AI-powered search reshapes the digital landscape, critics have raised significant concerns.

Privacy advocates warn that even anonymized query datasets carry fingerprinting risks, as combinations of rare search terms, geolocation metadata, and behavioral patterns can re-identify individuals.

National security analysts have also flagged risks that aggregated European citizen search behavior could be accessible to foreign-owned or insufficiently vetted platforms.

The Commission opened a public consultation, inviting interested parties to submit feedback by May 1, 2026. Following review of responses from both third parties and Google, the Commission will finalize and issue a binding decision no later than July 27, 2026.

These proceedings are separate from but parallel to the Commission’s broader DMA non-compliance enforcement powers against Google, which was designated a gatekeeper platform in September 2023 and has been subject to full DMA obligations since March 2024.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.