Another Groundbreaking EU Investigation into Google Matters
The EU's Google investigation unites competition law and GDPR, challenging whether dominant platforms can use creator data to fuel AI without real consent or economic fairness.
GDPR Compliance
AI, Data, and the Hidden GDPR Problem Behind the Antitrust Case
Gianni Dell'Aiuto | WBN News Global - WBN News USA | January 29. 2026
EU’s Google Probe Merges Antitrust With Data Rights
The European Commission’s investigation into Google, opened on 9 December 2025, may appear as a textbook antitrust case under Article 102 TFEU, abuse of dominance, market distortion, and unfair leverage. But that reading misses the deeper challenge unfolding: this is a de facto GDPR case, disguised in antitrust language.
At the center is whether Google can leverage publishers’ and YouTube creators’ content to train its AI systems without offering real choice or compensation. From a market standpoint, it’s coercive: visibility becomes the cost of feeding a dominant AI, undermining fair competition. But the issue escalates when we shift focus from “content” to “people.”
Today, content is identity. A video isn’t just a file—it’s a digital fingerprint: face, voice, style, behavior. Using this to train AI is not passive data use; it’s personal data processing. Under GDPR, this requires an explicit purpose, transparency, and the right to opt out.
If creators must allow AI training to remain visible or searchable, that’s not consent—it’s coercion. The same logic applies to web publishers. Public content isn’t free from GDPR. If it includes personal data, AI training still triggers purpose limitation, lawful basis requirements, and user rights.
This investigation reaches beyond Google. It asks whether any dominant tech platform can convert its control over visibility into a pipeline of forced data extraction. This is where competition law and data protection law converge—one protects the market, the other protects the individual. AI now lives at the intersection.
The case also dismantles a dangerous myth: that only Big Tech is under scrutiny. Clearview AI was fined for biometric scraping; Luka, maker of Replika, was penalized for unlawful data use; neither is Google-sized, but both violated European AI data laws. Size doesn’t shield misuse.
The message is clear: if you build AI on human-generated content, you are operating in a regulated zone—whether you acknowledge it or not. This isn’t regulatory hostility. It’s a principled stance: innovation must not rely on silent expropriation of identity.
The Commission isn’t targeting Google for its dominance, but for how it potentially merges that dominance with unchecked data access to build AI. Tomorrow, these same legal expectations will apply to every developer who builds intelligence on human experience.
The age of reactive compliance is over. Developers must now proactively ensure that AI is legally resilient from the first line of code. Consent, autonomy, and data integrity are no longer compliance features—they are core product requirements.
#Google Investigation, #EU Competition Law, #GDPR Compliance, #Artificial Intelligence, #Creator Rights, #Platform Accountability, #Digital Identity Protection
Gianni Dell’Aiuto is an Italian attorney with over 35 years of experience in legal risk management, data protection, and digital ethics. Based in Rome and proudly Tuscan, he advises businesses globally on regulations like the GDPR, AI Act, and NIS2. An author and frequent commentator on legal innovation, he helps companies turn compliance into a competitive edge while promoting digital responsibility. Click here to connect with him.
Editor: Wendy S. Huffman
Sources:
European Commission, GDPR text, Clearview AI regulatory actions, Luka/Replika sanctions, TFEU Article 102 proceedings.
Members Discussion