Search engines must comply with European privacy regulations even if they aren’t based there, a group of regulators said last week.
In a statement issued after European data protection regulators met in Brussels last week, the so-called Article 29 Working Group said in part: "Search engines fall under the EU Data Protection Directive 95/46/EC if there are controllers collecting users’ IP addresses or search history information, and therefore have to comply with relevant provisions.
"These provisions also apply to such controllers who have their headquarters outside the EU, but only an establishment in one of the EU Member States, or who use automated equipment based in one of the Member States for the purposes of processing personal data."
As a result, apparently the only way U.S.-based search engines can avoid European law is if they have no hardware in any of the member states.
The EU group offered no details on how search engines will be expected to comply with European privacy law. It is expected to issue a full report in April.
Google issued a statement saying it looks forward to the report.