International Cyber Digest@IntCyberDigest
🚨🇪🇺 The European Commission is about to steal your search history in one of the largest forced data grabs in the history of the open internet, and almost nobody is talking about it.
The scope is staggering:
🔴 Every query you type
🔴 Every voice and photo search
🔴 Every autocomplete you accept
🔴 Your language, your device
🔴 Your country pinned to a ~3km² grid
🔴 Every result you saw, every link you hovered
🔴 Every click and scroll
🔴 The full chronological order of your search sessions
Meaning the European Union now knows your:
🔴 Health symptoms
🔴 Pregnancy
🔴 Sexual orientation
🔴 Political views
🔴 Religious beliefs
🔴 Financial distress
🔴 Legal trouble
🔴 Addictions
🔴 Affairs
Under the proposed measures for DMA Article 6(11), Google would be ordered to ship the daily search behaviour of hundreds of millions of Europeans to multiple third parties through a daily API feed. Any approved "online search engine," AI chatbots included, would get five years of access.
The things people only ever type when they think no one is watching. All of it now scheduled to flow daily into an open-ended list of third parties scattered across the European Union.
Brussels promises "anonymisation." The reality is a thin technical veneer that has been broken in academic literature again and again for over a decade. Search behaviour is a fingerprint. Stripping a name does not change that.
Mass data leaks become inevitable. Every new beneficiary is a new attack surface, and every annual audit is a year of silent exposure between checks. The 2025 Discord vendor breach already showed how fast 70,000 government IDs can leak through a single weak link. Now imagine that link holding Europe's search history.
Surveillance without consent becomes the default. Hundreds of millions of EU citizens never agreed to have their queries packaged and shipped to companies they have never heard of. The legal fiction of "anonymisation" cannot manufacture consent that was never given.
Behavioural search data is a goldmine for phishing, blackmail, social engineering, and corporate espionage.
Foreign intelligence services get a back door without effort. They do not need to breach Google. They only need to compromise the weakest name on the beneficiary list. One insolvent startup. One compromised contractor. One approved entity quietly acquired by a hostile state.
In the name of "competition," the EU is about to manufacture a permanent, distributed, daily-refreshed copy of Europe's collective search history. A surveillance dataset Brussels itself would never approve if any other government tried to build it.
The public consultation closes Friday, May 1, 2026 at 23:59 CEST. The final binding decision lands July 27, 2026.
After that, the door does not close again.
Tag your MEPs! File a response! Make noise!
