Google’s top scientist Sergei Vassilvitskii is reportedly furious with the European Union (EU). The reason is the EU’s proposal requiring Google to share search engine data with rivals such as OpenAI. In a strongly worded message to the EU, Sergei Vassilvitskii warned that what the EU is asking Google to do risked exposing users’ private information. According to a report in Reuters this is the sternest rebuke yet in a tussle over Google’s lucrative business model. The EU proposal, which will be finalised in the coming weeks following feedback from interested parties, has triggered a furious response from Google which called it regulatory overreach that could jeopardise users’ privacy and security.The European Commission outlined a series of steps that Google should take to allow rival search engines access search data such as ranking, query, click and view data on fair, reasonable and non-discriminatory terms. The EU’s proposed measures cover the scope, means and frequency of the search data Google must share, measures to ensure personal data is made anonymous, processes governing beneficiaries’ access to search data and parameters for setting prices for search data, the commission said.
What Google’s Sergei Vassilvitskii told EU
Sergei Vassilvitskii has held the title of distinguished scientist at Google since 2012 and is widely regarded as a leader in his field. The issue is the European Commission’s proposed method to ensure anonymised personal data. Vassilvitskii has underlined fears that the proposed measures may not be strong enough to prevent modern AI tools from sifting through the data to identify people. Vassilvitskii has reportedly written to Brussels warning that the Commission’s proposed anonymisation scheme for forced search-data sharing is, by his Red team’s own demonstration, breakable in less than 2 hours. “We are concerned because the EC’s approach to anonymization fails to protect Europeans’ privacy: our red team managed to re-identify users in less than two hours,” he said in exclusive written comments to news agency Reuters.For those unaware, Red Team is the company’s dedicated group that acts as ethical hackers by simulating real-world cyberattacks against Google’s products and systems.
Google has time till July 27
Regulators will reportedly decide by July 27 on the exact measures which Google will have to implement. Failure to do so could see the company charged with breaching the Digital Markets Act. Under this Act, Google could be penalised with a fine that may go as high as 10% of its global annual revenue. This is not the first time that the European Commission is going after an American company. The European Commission, which acts as the EU competition enforcer, has in recent years cracked down on America’s biggest technology companies, commonly called Big Tech, via a slew of legislations to ensure that users in Europe have more choices as well as to help small companies in the region get room to compete. DMA was enforced in 2024 with the goal of ending what EU calls Big Tech’s monopoly in favor of fairer competition.
Security researcher Lukasz Olejnik agrees with Google
Vassilvitskii’s alarm comes days after independent security researcher Lukasz Olejnik also raised similar concerns. In a lengthy blog post, Olejnik slammed the EU plan as no less than “one of the biggest risks in Europe this year”. “Through DMA enforcement, it may compel Google to hand over sensitive search data about millions of Europeans to third parties, including entities that could be used as fronts by hostile actors. The privacy risk is serious. The national-security risk is real,” he wrote on X.
