European data protection officials have written to Google warning that the search giant may be in breach of European Union (EU) privacy laws because of the way it retains data on individual searches.

The EU's Article 29 working party, made up of data protection officials from 27 European countries, asked Google to justify why it needed to retain the data for up to two years, and whether the company had "fulfilled all the necessary requirements" on data protection.

Google has not yet replied to the letter, but the company's global privacy counsel Peter Fleischer defended its privacy protection measures.

"Google recently announced a new policy to anonymise our server logs after 18-24 months," he said. "We're the only leading search company to have taken this step publicly. We believe it's an important part of our commitment to respect user privacy while balancing a number of important factors, such as maintaining security and preventing fraud and abuse."

He added: "We are committed to engaging in a constructive dialogue with privacy stakeholders, including the Article 29 working party, on how to improve privacy practices for the benefit of Google users and for everyone on the internet."

Speaking at a data protection conference in Amsterdam this week, European data protection supervisor Peter Hustinx, who chairs the Article 29 working group, took a conciliatory tone towards the Google. "I see a company which has very powerful tools, thinking about integrating privacy solutions - that's the big picture," he said.

Google's efforts to respect people's privacy were not "just window dressing" he said. "But we will hold them to what they are saying."