Overview
This report provides an analysis of Parliamentary Questions (PQs) and European Commission replies published between Monday 5 and Sunday 11 January 2026. The exchanges highlight the Commission’s intensified focus on the enforcement of core digital legislation, particularly the Digital Services Act (DSA) and Digital Markets Act (DMA). Key policy areas under scrutiny include platform accountability for systemic risks, the protection of minors, the operationalisation of the EU’s ‘sovereign cloud’ strategy, and the transition to post-quantum cryptography. The Commission’s responses consistently frame its actions within established legal frameworks, emphasising a commitment to procedural correctness, risk mitigation, and close coordination with Member State authorities. These developments are critical for digital policy professionals as they signal a definitive shift from legislative development to active implementation and enforcement, revealing the Commission’s priorities and interpretation of its new supervisory powers.
Digital Services Act (DSA) & Digital Markets Act (DMA) Enforcement
❗ Commission Highlights DSA Enforcement on Addictive Platform Design
In a reply on 9 January 2026, Executive Vice-President Virkkunen addressed concerns about platforms like Snapchat, Meta, TikTok, and YouTube allegedly being designed to be addictive. The Commission confirmed it is aware of court filings on this matter and noted that evidence may be relevant for its ongoing EU investigations (P-004782/2025). The response underscores that the DSA requires Very Large Online Platforms (VLOPs) to mitigate systemic risks to mental well-being and references open investigations into Facebook, Instagram, and TikTok regarding addictive features and the protection of minors.
❗ Commission Affirms DSA Powers to Protect Minors from Illegal and Harmful Content
On 5 January 2026, Executive Vice-President Virkkunen responded to a question about the sale of child-like sex dolls on platforms like Shein, AliExpress, and Temu (E-004488/2025). The Commission stated it is in contact with French authorities and highlighted its ongoing, broad-scope DSA proceedings against Temu and AliExpress. It also confirmed a request for information was sent to Shein regarding its systems for protecting minors and preventing the circulation of illegal products. A related answer on 6 January 2026 (E-004433/2025) reiterated these points, stressing that non-compliance with DSA obligations can lead to fines of up to 6% of global turnover.
❗ Commission Outlines Legal Framework for Protecting Minors Online
In a 7 January 2026 answer, Executive Vice-President Virkkunen outlined the EU’s legal framework for protecting minors online (E-004364/2025). The response cites the Audiovisual Media Services Directive (AVMSD) and the Digital Services Act (DSA) as key instruments. It specifically references the DSA’s requirement for platforms accessible to minors to ensure a high level of privacy and safety, and its prohibition on targeted advertising based on profiling of minors. The Commission also pointed to its recently published guidelines on the protection of minors under the DSA.
❗ Commission Cites DSA and Other Directives in Tackling Online Recruitment of Minors into Crime
Commissioner Brunner, in a reply on 5 January 2026, addressed the issue of minors’ involvement in crime and online recruitment (E-004256/2025). The Commission stated that the enforcement of the Digital Services Act, the Victims’ Rights Directive, and the Audiovisual Media Services Directive is crucial for mitigating risks to children’s wellbeing. The response also highlighted the Terrorist Content Online Regulation as a key tool for preventing the dissemination of extremist content and online recruitment.
❓ MEPs Challenge Commission Over €120M Fine Imposed on Platform X
A series of questions from MEPs scrutinise the Commission’s recent EUR 120 million fine against platform X for alleged DSA violations. A question from Jorge Martín Frías (PfE) asks for detailed criteria on how the fine was calculated and the basis for finding an infringement (E-005003/2025). An oral question from Mary Khan (ESN) and others frames the fine as politically motivated enforcement (O-000047/2025), while a priority question from Alexander Jungbluth (ESN) and others (P-005077/2025) questions the fine’s justification and alleges selective enforcement compared to other platforms. Responses from the Commission are pending.
❓ MEPs Question Scope of DSA Systemic Risk Obligations on Lawful Content
Two questions submitted by Christine Anderson (ESN) on 21 December 2025 probe the Commission’s powers under the DSA concerning lawful political expression. The first (E-005039/2025) asks whether systemic risk mitigation can require platforms to ‘downrank’ lawful content and how this aligns with the Charter of Fundamental Rights. The second (E-005040/2025) questions whether recommender systems are considered an ‘editorial function’ protected by the Charter and how compelling their alteration is justified. Commission answers are pending.
❓ MEPs Seek Clarity on Criteria for DSA Action on Electoral Interference
In a question submitted on 21 December 2025, Christine Anderson (ESN) asks the Commission to specify the objective criteria it uses to determine when alleged electoral interference triggers EU-level DSA enforcement (E-005041/2025). The query contrasts the Commission’s opening of DSA proceedings related to Romanian elections with its position that the arrest of Telegram’s founder was a purely national matter. A response is pending.
❓ MEPs Press Commission on DMA Compliance in Online Travel Sector
A cross-party group of MEPs, including Stéphanie Yon-Courtin (Renew) and Andreas Schwab (PPE), has questioned the Commission on Booking Holdings’ compliance with the Digital Markets Act (E-004981/2025). The question, submitted on 17 December 2025, asks for an assessment of the contestability in the online travel agency (OTA) sector since Booking’s designation as a gatekeeper and what actions the Commission will take if the DMA has not had a pro-competitive effect. A Commission response is pending.
❓ MEPs Seek Clarification on ‘Trusted Flagger’ Status Under the DSA
Stefano Cavedagna (ECR) submitted a question on 17 December 2025 concerning the role of ‘trusted flaggers’ under the Digital Services Act, specifically in the context of fake online reviews in the hospitality sector (E-004983/2025). The question asks what measures the Commission is taking to help businesses manage fake reviews and whether national hospitality associations could be eligible for trusted flagger status. A response from the Commission is pending.
AI Act & Fundamental Rights
❓ MEPs Follow Up on Use of Biometric Surveillance in Hungary
A large, cross-party group of MEPs led by Kim Van Sparrentak (Verts/ALE) submitted a follow-up question on 13 October 2025 regarding the Hungarian Government’s alleged use of facial recognition to identify participants in public demonstrations (E-004013/2025). The MEPs ask for the results of the Commission’s analysis, whether the practice complies with the AI Act’s prohibitions, and if the Commission will initiate infringement proceedings. A Commission response is pending.
Cybersecurity & Resilience
❗ Commission Confirms Plans to Revise Cybersecurity Act in 2026
In a reply on 7 January 2026, Executive Vice-President Virkkunen confirmed that the Commission is preparing a proposal to revise the Cybersecurity Act, planned for adoption in the first quarter of 2026 (E-004413/2025). The revision aims to strengthen and modernise the mandate of the EU Agency for Cybersecurity (ENISA) to better address the evolving cyber threat landscape and enhance the EU’s overall cyber posture.
❗ Commission Outlines Roadmap for Transition to Post-Quantum Cryptography
Executive Vice-President Virkkunen, in a 7 January 2026 response, detailed the EU’s strategy for transitioning to Post-Quantum Cryptography (PQC) (E-004525/2025). The Commission noted that experts estimate a quantum computer threatening current cryptography could be available within 16 years. The EU Roadmap recommends migrating high-risk use cases to PQC by 2030, supported by legislation like the NIS2 Directive and the Cyber Resilience Act. The Commission also stressed its close coordination with Member States and international partners like the US National Institute of Standards and Technology (NIST).
❓ MEPs Ask About Plans to Secure Critical Digital Infrastructure
Joachim Streit (Renew) submitted a question on 17 December 2025 asking the Commission about its plans and measures to ensure cybersecurity for critical digital infrastructure and sensitive communication systems, particularly in times of crisis (E-004978/2025). The question also seeks information on research programmes supported by the Commission to strengthen Member State resilience. A response is pending.
Sovereign Cloud & Data Governance
❗ Commission Clarifies Scope of European Cloud Sovereignty Framework
In two separate but similar answers on 5 and 8 January 2026, Executive Vice-President Virkkunen clarified the nature of the European Cloud Sovereignty Framework (E-004293/2025 and E-004334/2025). The Commission stated that the framework is an evaluation model for a specific procurement procedure (‘Cloud III’ Dynamic Purchasing System) and does not introduce a binding legal definition of ‘sovereign cloud’. The framework’s criteria, which were drafted with a view to initiatives like Gaia-X, are designed to ensure a holistic implementation of sovereignty objectives for cloud services used by EU institutions.
❓ MEPs Probe Commission’s Intentions for ‘Sovereign Cloud’ Legislation
Piotr Müller (ECR) has questioned the Commission about its forthcoming 2026 ‘Cloud and AI Development Act’ and the concept of a ‘sovereign cloud’ (E-005052/2025). Submitted on 22 December 2025, the question asks if the Commission will propose a legal definition that respects open market principles and how it will ensure new rules do not restrict access to cloud services or harm the EU’s ability to attract investment. A response is pending.
Data Protection & Privacy
❗ Commission Affirms GDPR Sufficiency for Regulating CCTV Surveillance
In a 6 January 2026 response from Mr. McGrath, the Commission stated that the General Data Protection Regulation (GDPR) provides a sufficient framework for protecting data subjects against unlawful video surveillance (E-004291/2025). The reply clarifies that processing personal data via CCTV is lawful if based on a proportionate Member State law and that data protection authorities have the necessary powers to investigate and enforce GDPR violations. The Commission also noted that Member States can provide more specific rules for data protection in the employment context.
❓ MEPs Raise GDPR Concerns Over Mandatory Vehicle Beacons in Spain
Dolors Montserrat (PPE) submitted two questions on 17 December 2025 regarding Spain’s decision to mandate a connected V16 emergency beacon for all vehicles from January 2026. One question (E-004993/2025) asks if the Commission has verified whether Spain conducted a data protection impact assessment under the GDPR, given the device’s geolocation capabilities. The other (E-004992/2025) questions whether the national requirement could restrict the internal market, contrary to Article 34 TFEU. Commission responses are pending.
❓ MEPs Call for EU Action on Telephone Cold Calling
A group of MEPs led by Sophie Wilmès (Renew) questioned the Commission on 19 December 2025 about the varying national rules on telephone cold calling (E-005027/2025). They ask if the Commission intends to propose an action plan to tackle nuisance calls originating from other countries and how it assesses the effectiveness of the GDPR in protecting citizens from abusive telephone marketing. A response is pending.
Copyright, Media & Online Content
❗ Commission Confirms Review of Copyright Directive Implementation
On 6 January 2026, Executive Vice-President Virkkunen responded to a question about the press publishers’ right under Article 15 of the Directive on Copyright in the Digital Single Market (DSM) (E-004542/2025). The Commission confirmed it is monitoring the implementation of this right and has launched a study to support a review of the entire DSM Directive, with a report on its main findings due no sooner than June 2026.
❗ Commission Clarifies Scope of Online Hate Speech Code of Conduct
In a reply on 6 January 2026, Ms. Lahbib addressed a question about the ‘Code of conduct on countering illegal hate speech online+’ (E-004041/2025). The Commission clarified that the ‘online knowledge hub’ mentioned in the LGBTIQ+ equality strategy refers to a commitment under this Code. It described the hub as a collection of legal resources for assessing illegal hate speech, unrelated to content moderation or surveillance, and affirmed that the Code’s implementation is fully in line with the right to freedom of expression.
❓ MEPs Seek Confirmation on Copyright Opt-Out for AI Training
A cross-party group of MEPs, including Emma Rafowicz (S&D) and Sabine Verheyen (PPE), asked the Commission to confirm the legal standing of copyright ‘opt-outs’ under Article 4 of the DSM Directive (E-0050232025). The question, submitted on 18 December 2025, specifically asks if AI music generation services like Suno and Udio must obtain explicit authorisation from French collective management organisations that have exercised their opt-out right before using their repertoire. A response is pending.
Gaming & Digital Fairness
❓ MEPs Raise Concerns About Digital Fairness Act’s Impact on Game Industry
Aura Salla (PPE) submitted a question on 17 December 2025 regarding the competitiveness of the European game industry and the forthcoming Digital Fairness Act (E-004987/2025). The question asks how the Commission will ensure the Act strengthens competitiveness while protecting consumers, and whether it will consider improving enforcement of existing rules before creating new ones. A Commission response is pending.
❓ MEPs Question Regulation of Virtual Currencies in Video Games
In a question submitted on 16 December 2025, Catherine Griset (PfE) asked the Commission why it does not ban virtual currencies in video games, which she describes as dangerous and addictive for minors (E-004963/2025). The question also suggests these currencies could give third-country companies an unfair advantage. A response is pending.
❗ Commission Defends European Competitiveness Fund’s Geographic Neutrality
On 7 January 2026, Executive Vice-President Séjourné responded to concerns about the innovation divide in the EU (E-003964/2025). The Commission stated that the proposed European Competitiveness Fund (ECF) aims to support the best projects across the EU irrespective of geography and does not include dedicated funding envelopes. It highlighted that elements like the EU4Business Network and the Value Chain Builder are designed to reduce imbalances and integrate stakeholders from all Member States.
❓ MEPs Criticise Governance of Joint Undertakings in Strategic Sectors
Mathilde Androuët (PfE) questioned the Commission on 17 December 2025 about poor governance and budget delays in EU joint undertakings for strategic sectors like semiconductors and supercomputing, citing a European Court of Auditors report (E-004976/2025). The question asks if the Commission acknowledges that this approach risks creating bureaucracy instead of achieving industrial sovereignty. A response is pending.
❗ Commission Stresses Member State Responsibility for Domestic Groups Amid FIMI Threats
In a reply on 8 January 2026, High Representative/Vice-President Kallas clarified the EU’s approach to Foreign Information Manipulation and Interference (FIMI) (E-003379/2025). The Commission stated it does not monitor domestic associations within Member States, as this falls under national competence. The European External Action Service (EEAS) focuses on external actors, particularly from Russia, and coordinates with national authorities. The response confirms the Commission is not considering a blanket ban on domestic organisations, as such matters are for Member States to decide.
❗ Commission Highlights Cross-Sectoral Approach to Energy and Digital Infrastructure Resilience
Responding on 8 January 2026 to a question about recent events in Spain and Portugal, Mr. Jørgensen outlined the EU’s framework for ensuring the resilience of interconnected energy and digital infrastructures (E-003786/2025). The Commission cited various regulations and directives, including the Resilience of Critical Entities Directive and the Cable Security Action Plan, as key tools. It also noted that EU funding instruments like the Connecting Europe Facility support investments in backup power solutions.
❓ MEPs Question EU’s Attractiveness for Tech Talent Amid Global Competition
Sandro Gozi (Renew) asked the Commission on 20 November 2025 about the impact of China’s new K visa and changes to the US H-1B visa on the EU’s ability to attract highly skilled tech talent (E-004650/2025). The question highlights potential risks to the EU’s digital sovereignty and asks if the Commission is considering an accelerated reform of its visa policy to remain competitive. A response is pending.
❓ MEPs Urge Action Against ‘Debanking’ of EU Citizens Due to Extraterritorial Sanctions
A large group of MEPs led by Nela Riehl (Verts/ALE) submitted a question on 15 December 2025 about financial services being denied to EU citizens targeted by extraterritorial US sanctions (E-004941/2025). They ask how the Commission will reinforce the EU Blocking Statute and protect citizens and EU-supported institutions from foreign coercive measures. A response is pending.
❗ Commission Affirms Commitment to Monitoring Media Freedom
In a reply on 5 January 2026 regarding the European Media Freedom Act (EMFA), Executive Vice-President Virkkunen stated that the Commission is in close contact with Member States to ensure their legal frameworks are aligned with the EMFA (E-004438/2025). While noting that Member States have primary responsibility for enforcement, the Commission confirmed it will continue to monitor media freedom and pluralism in all Member States, including through the annual Rule of Law Report, and may take action such as infringement proceedings where appropriate. A similar stance was taken in a 9 January 2026 reply concerning media freedom in Serbia (E-004101/2025).
❓ MEPs Question Legal Basis of European Centre for Democratic Resilience
Christine Anderson (ESN) and Marieke Ehlers (PfE) submitted a question on 21 December 2025 challenging the legal status of the proposed European Centre for Democratic Resilience (ECDR) (E-005042/2025). Citing EU case law, the MEPs argue that a body with the ECDR’s described functions cannot legally exist without a specific Treaty basis and secondary legislation, and ask the Commission to clarify its legal reasoning. A response is pending.
❓ MEPs Seek Information on EU Funding for Digital Rights NGOs
Alexander Jungbluth (ESN) questioned the Commission on 2 January 2026 regarding EU funding for the Digital Freedom Fund (DFF) and its grants to the Gesellschaft für Freiheitsrechte (GFF) (E-000002/2026). The question seeks to clarify a previous Commission statement that the project does not allow for redistributing EU funds to third parties and asks how the Commission ensures political neutrality. A response is pending.
Based on the Commission’s answers, three cross-cutting themes emerge. Firstly, there is a clear and decisive pivot towards active enforcement of recently enacted digital legislation. Replies concerning platforms like Temu, AliExpress, Facebook, and Instagram consistently reference the Commission’s powers under the Digital Services Act to open formal proceedings, conduct investigations into systemic risks such as addictive design and threats to minors, and ultimately impose significant fines. This indicates a shift from a legislative to a regulatory posture, positioning the Commission as a hands-on supervisor of the digital single market.
Secondly, the principle of digital sovereignty is being operationalised through concrete policy and procurement actions. The Commission’s clarification of the ‘European Cloud Sovereignty Framework’ as a procurement tool rather than a restrictive legal definition suggests a pragmatic approach to enhancing security and resilience without closing the market. This is complemented by a forward-looking strategy on cybersecurity, evidenced by the planned revision of the Cybersecurity Act and the detailed roadmap for transitioning to Post-Quantum Cryptography. Together, these actions suggest a strategic, long-term effort to secure the EU’s digital infrastructure and technological autonomy.
Finally, the Commission’s responses reveal a careful and consistent demarcation of its competences vis-à-vis those of the Member States. In answers related to CCTV surveillance, media freedom, and foreign information manipulation, the Commission repeatedly underscores that national authorities hold primary responsibility for enforcement and national security. Its role is framed as ensuring alignment with the EU acquis, coordinating action, and intervening only where a clear breach of EU law occurs. This legally grounded and procedurally cautious stance highlights the complex multi-level governance of the digital space and the Commission’s efforts to navigate it without overstepping its mandate.
All Parliamentary Questions and Commission Answers are accessible via Policy-Insider.AI.
