Overview
This report covers Parliamentary Questions (PQs) and replies published from 24.05.2026 till 31.05.2026. The intelligence gathered highlights several core policy areas currently dominating the European digital agenda, notably the enforcement of the Digital Services Act (DSA), the institutional implementation of the AI Act, advancing cybersecurity and digital infrastructure resilience, and the formulation of sectoral data policies. The Commission’s institutional tone throughout these exchanges is distinctly regulatory and assertive, focusing on defending its sovereign right to enforce digital rules, building administrative capacity (such as within the AI Office), and resisting speculative interventions outside established legal frameworks. For public affairs and digital-policy professionals, these developments matter because they signal a definitive shift in Brussels from the legislative drafting phase to the complex, resource-intensive reality of aggressive enforcement and institutional operationalisation.
❗ Commission Asserts Sovereign Right in DSA Enforcement
In Parliamentary Question E-001132/2026, submitted regarding the potential blocking of foreign websites, the limits of European censorship powers were examined. In a response on 22 May 2026, Executive Vice-President Virkkunen clarified that the Commission cannot legally block websites, a power reserved solely for Member State authorities dealing with illegal content. However, she emphasized that enforcing the Digital Services Act is the EU’s sovereign right, and the Commission maintains its responsibility to enforce these laws effectively and without discrimination against all companies operating in the EU.
❗ AI Office Staffing and General-Purpose AI Enforcement
In Parliamentary Question P-001672/2026, the Commission was asked about its capacity to monitor advanced AI models. In a response on 29 May 2026, Executive Vice-President Virkkunen confirmed that the AI Office now employs over 140 staff members, including over 40 in its AI safety unit with technical and cybersecurity profiles. The Commission noted that while it currently relies on cooperation under the General-Purpose AI Code of Practice, its enforcement powers will become mandatory in August 2026, granting the AI Office the authority to demand information and run its own model evaluations.
❗ Digital Fairness Act and Interplay with the DSA
In Parliamentary Question E-000566/2026, the scope of upcoming consumer protection rules was questioned. In a response on 27 May 2026, Commissioner McGrath announced that the Commission plans to propose the Digital Fairness Act (DFA) in the fourth quarter of 2026 to update EU consumer protection rules, particularly for minors. The Commission is currently assessing the interplay between the upcoming DFA and the existing Digital Services Act to ensure regulatory consistency, alongside a planned 2026 action plan against digital fraud.
❓ Scrutiny Over DSA Code of Practice and Disinformation Subgroups
In Parliamentary Question E-002016/2026, submitted on 13 May 2026, Virginie Joron (PfE) raised concerns regarding the Commission’s interactions with online platforms and unregistered organizations under the Code of Practice on Disinformation. The inquiry questions the transparency of the Crisis Response Subgroup and the justification for targeted content removal requests. A response from the Commission is pending.
❓ Enforcement of the DSA Regarding Election Profiling on Social Media
In Parliamentary Question E-001567/2026, submitted on 16 April 2026, Gaetano Pedulla’ (The Left) asked the Commission how it plans to audit very large online platforms concerning algorithmic transparency and systemic risks to democratic processes. The question specifically highlights allegations of mass profiling and skewed visibility of political content during recent elections. A response from the Commission is pending.
❓ Interplay Between the P2B Regulation, DMA, and DSA
In Parliamentary Question E-002054/2026, submitted on 19 May 2026, Regina Doherty (PPE) and Seán Kelly (PPE) asked the Commission to justify the potential repeal of the Platform-to-Business (P2B) Regulation. The inquiry points out that while the Digital Markets Act targets designated gatekeepers and the DSA focuses on content moderation, the P2B Regulation currently serves as the baseline transparency tool for SMEs dealing with standard online intermediaries. A response from the Commission is pending.
❓ Timelines for DMA Non-Compliance Decisions
In Parliamentary Question E-002071/2026, submitted on 19 May 2026, Oihane Agirregoitia Martínez (Renew) pressed the Commission on its timeline for enforcing the Digital Markets Act against major gatekeepers. The inquiry references preliminary findings of non-compliance regarding self-preferencing and anti-steering rules, asking when formal decisions and potential fines will be adopted. A response from the Commission is pending.
❓ DSA Obligations Regarding Fraudulent Content
In Parliamentary Question E-002011/2026, submitted on 13 May 2026, Virginie Joron (PfE) asked the Commission whether it intends to open formal proceedings against platforms failing to remove fraudulent fundraising campaigns involving fabricated animal cruelty. The inquiry questions whether such organized scams constitute a systemic risk under the DSA. A response from the Commission is pending.
❓ Use of Forensic AI Tools by National Tax Authorities
In Parliamentary Question E-002033/2026, submitted on 18 May 2026, Alvise Pérez (NI) asked the Commission to assess the deployment of forensic AI software by national tax agencies. The inquiry questions whether such tools, which process large volumes of private data from electronic devices, comply with the AI Act, the GDPR, and the principles of proportionality and data minimisation. A response from the Commission is pending.
❓ Real-Time Biometric Identification and the AI Act
In Parliamentary Question E-002061/2026, submitted on 19 May 2026, Markéta Gregorová (Verts/ALE), Leila Chaibi (The Left), and David Cormand (Verts/ALE) asked the Commission to evaluate the use of facial recognition software by national police forces on mobile devices. The inquiry seeks clarification on whether these tools qualify as real-time remote biometric identification systems and if their use meets the strict authorization and limitation requirements set by the AI Act. A response from the Commission is pending.
❗ Drone Security and Cyber Resilience Requirements
In Parliamentary Question E-001073/2026, the Commission was asked about potential import bans on specific high-risk drone manufacturers. In a response on 27 May 2026, Executive Vice-President Virkkunen stated that the Commission is not discussing an import ban on specific brands. However, she emphasized that a large majority of drones placed on the EU market will soon be subject to mandatory cybersecurity requirements under the Cyber Resilience Act, alongside existing aviation safety rules.
❗ Protection of Strategic Submarine Cable Infrastructure
In Parliamentary Question E-001072/2026, the Commission was asked about the obstruction of EU-funded digital connectivity projects in the Eastern Mediterranean. In a response on 26 May 2026, High Representative/Vice-President Kallas confirmed that the SEA-SPINE submarine cable project completed its scheduled works without disruption. The Commission underscored that it rejects any unilateral actions impeding lawful activities and is closely monitoring the situation to secure the EU’s digital resilience.
❓ Empirical Basis for Data Centre Environmental Standards
In Parliamentary Question E-002062/2026, submitted on 19 May 2026, Piotr Müller (ECR) questioned the Commission on the analytical foundation of its planned environmental performance standards for data centres. The inquiry highlights concerns from the technology sector regarding low reporting compliance by Member States, asking how the Commission justifies advancing regulations that could affect cloud computing investments without a robust empirical dataset. A response from the Commission is pending.
❓ High-Risk Suppliers and EU Cybersecurity Funding
In Parliamentary Question E-002079/2026, submitted on 20 May 2026, Juan Ignacio Zoido Álvarez (PPE) asked the Commission whether it approves of NextGenerationEU funds being used to procure IT equipment from suppliers deemed high-risk to the EU’s cybersecurity. The inquiry seeks to understand if the Commission validated specific national recovery plan purchases that contradict its own advisories on critical sector security. A response from the Commission is pending.
❓ MiCA Implementation and Market Disruption Risks
In Parliamentary Question P-002069/2026, submitted on 19 May 2026, Marcin Sypniewski (ESN) asked the Commission about the delayed national implementation of the Markets in Crypto-Assets (MiCA) regulation in certain Member States. The inquiry focuses on the risk that crypto-asset service providers may lose their ability to operate due to a lack of national authorization procedures before the transitional period ends. A response from the Commission is pending.
❓ SME Competitiveness Under the European Health Data Space
In Parliamentary Question E-002065/2026, submitted on 19 May 2026, Piotr Müller (ECR) asked the Commission how it plans to mitigate the costs of certifying systems for the European Health Data Space (EHDS). The inquiry also raises concerns about preventing non-EU entities with lower democratic and data protection standards from accessing strategic European health data. A response from the Commission is pending.
❓ Design and Implementation Safeguards for the Digital Euro
In Parliamentary Question E-001991/2026, submitted on 13 May 2026, Gerald Hauser (PfE) asked the Commission about the structural risks associated with the digital euro. The inquiry seeks guarantees that a central bank digital currency cannot be programmed to restrict usage, will remain resilient during technical blackouts, and will not undermine the continued acceptance of physical cash. A response from the Commission is pending.
❗ Exclusion of Military Applications from the AI Act
In Parliamentary Question E-001267/2026, submitted regarding the regulatory boundaries of artificial intelligence, the Commission was asked to clarify the treatment of defence technologies. In a response on 27 May 2026, Commissioner Kubilius explained that military and defence purposes are excluded from the AI Act due to the specificities of the common Union defence policy under the Treaty on European Union. However, he noted that European defence funds strictly prohibit the financing of lethal autonomous weapons that operate without human control.
❓ Transatlantic Cooperation and Tech Regulation
In Parliamentary Question E-002063/2026, submitted on 19 May 2026, Piotr Müller (ECR) asked the Commission how it plans to balance the development of European technological sovereignty with transatlantic cooperation. The inquiry questions whether new regulatory or administrative restrictions are being considered for advanced AI and cybersecurity systems provided by allied third-country companies. A response from the Commission is pending.
❓ Digital Sovereignty and Third-Country Software Dependencies
In Parliamentary Question E-002035/2026, submitted on 18 May 2026, Jonas Sjöstedt (The Left) and Hanna Gedin (The Left) asked the Commission about the risks of Member States relying on proprietary software from non-EU defense and intelligence contractors. The inquiry highlights concerns over data leaks and the loss of data sovereignty when law enforcement agencies utilize opaque algorithmic profiling tools. A response from the Commission is pending.
❓ Compatibility of National NGO Laws with the GDPR
In Parliamentary Question E-002121/2026, submitted on 22 May 2026, Nicolae Ștefănuță (Verts/ALE) asked the Commission to evaluate proposed national legislation that would require NGOs to publicly disclose the identities of their donors. The inquiry questions whether such a mandate constitutes disproportionate data processing under the GDPR and violates the EU Charter of Fundamental Rights. A response from the Commission is pending.
❓ Investigation of Spyware Use on European Officials
In Parliamentary Question E-001981/2026, submitted on 13 May 2026, Nikolas Farantouris (S&D), Yannis Maniatis (S&D), Nikos Papandreou (S&D), and Sakis Arnaoutoglou (S&D) asked the Commission about the potential cross-border implications of national wiretapping scandals. The inquiry seeks to determine if the Commission intends to investigate whether European officials were subjected to illegal surveillance via spyware during communications with their monitored national counterparts. A response from the Commission is pending.
A primary theme emerging from the Commission’s recent responses is a stringent focus on operationalizing and defending established regulatory frameworks rather than entertaining ad-hoc interventions. The material indicates that the Commission is actively building its enforcement machinery—evidenced by the rapid scaling of the AI Office to over 140 staff members—while firmly positioning the enforcement of the DSA as a sovereign right that applies uniformly to all actors operating within the single market. This suggests a transition in the executive’s posture from legislative architect to active enforcer, preparing for the mandatory application of rules like the AI Act in August 2026.
Furthermore, a clear narrative of infrastructural and procedural resilience underpins the Commission’s positioning. Whether addressing the physical security of submarine cables in the Eastern Mediterranean or the integration of drones under the Cyber Resilience Act, the Commission frames technological security through the lens of systematic, risk-based compliance rather than geopolitical exclusions or direct import bans. Similarly, the deliberate exclusion of military applications from the AI Act, balanced by strict ethical guidelines in defence funding, highlights an institutional effort to keep civilian market regulation distinct from international humanitarian law and defence policy.
Ultimately, these exchanges reveal a digital-policy environment heavily preoccupied with the mechanics of implementation. The volume of pending questions regarding algorithmic transparency, data centre standards, and the interplay between overlapping regulations (such as the DSA, DMA, and the forthcoming Digital Fairness Act) suggests that while the overarching legal architecture is largely in place, significant friction remains regarding how these rules will be audited, measured, and enforced on the ground.
All Parliamentary Questions and Commission Answers are accessible via Policy-Insider.AI.
