The European Parliament’s PEGA Committee has issued a critical report condemning abuses of spyware across several EU member states, including Poland, Hungary, Greece and Spain. A senior member of the delegation asserted that the EU should never intrude on a state’s core national security, while another described illegal surveillance in Europe as unacceptable and beyond tolerance. The Commission’s final assessment followed a year-long inquiry into how spyware has been misused inside the bloc, with a clear conclusion that spyware has been used to intimidate political opponents, suppress critical media, and influence electoral outcomes. The Parliament signaled that current EU governance structures struggle to address these attacks and that substantial reforms are needed to close the gaps.
Critique of the committee’s stance
Commissioners condemned serious violations of EU law in Poland and Hungary, where independent oversight has been weakened or dismantled, raising alarms about checks and balances within those states.
In Hungary, MPs described spyware use as part of a calculated strategy to undermine media freedom and curb free expression by the governing authorities. In Poland, Pegasus was portrayed as part of a broader surveillance regime targeting opposition figures and government critics to sustain the ruling majority’s grip on power.
The European Parliament noted these concerns in a formal statement.
To address the situation, MEPs urged Hungary and Poland to comply with European Court of Human Rights decisions and to restore judiciary independence and effective supervisory bodies.
Regarding Greece, MPs argued that spyware appears not as a systemic, long-term plan but as an ad hoc instrument pursued for political and financial gain. Although Greece maintains a relatively solid legal framework in principle, recent legal changes have weakened safeguards. Consequently, spyware has been deployed against journalists, politicians and business figures within the country.
The assembly called on the government in Athens to urgently restore and strengthen institutional and legal safeguards, suspend export licenses that fail EU export-control rules, and guarantee the independence of the Greek Authority for Communications Security and Privacy. It also noted that Cyprus has acted as a key spyware export hub and should withdraw any licenses that do not comply with EU law.
In Spain, MPs recognized the existence of an independent legal system with adequate safeguards, yet raised questions about spyware usage. Authorities are urged to continue addressing deficiencies and to ensure full, fair, and effective investigations, particularly in the 47 cases where it remains unclear who authorized the deployments or what remedies are available to victims.
The committee urged that EU rules governing law-enforcement spyware be limited to exceptional use, with a clearly defined purpose and a capped duration. It emphasized that data considered confidential or owned by political figures, doctors, or media professionals should be protected unless there is substantial evidence of criminal activity.
The report drew criticism from some members who contended that the analysis was biased or incomplete, arguing that it did not treat all impacted countries equally and relied on unverified sources. The discussions highlighted that the handling of the spyware issue reflects broader tensions within the EU about sovereignty, rule of law, and democratic accountability.
The debate also touched on the role of political groups within the European Parliament and whether certain coalitions would support or oppose the report. A reformist stance from some members contrasted with opposition from others who believed the EU should refrain from intervening in national security matters. The vote outcomes signaled a divided assembly, with supporters and critics weighing the implications for future EU policy on surveillance and civil liberties.
Observers emphasize that the next European Parliament elections heighten the urgency of addressing illegal surveillance, demonstrating solidarity against pervasive eavesdropping on political opponents. The committee’s work, they argue, is essential to reining in abuses and clarifying the UK and EU stance on national security and human rights within the bloc’s jurisdiction. This ongoing dialogue aims to strengthen democratic safeguards across member states and ensure proportionality in any surveillance measures.
Left-leaning members described the Pegasus affair as emblematic of stubborn systemic practices that echo old, repressive norms. They called for a clear and robust definition of national security that aligns with EU law and principles of proportionality and necessity, arguing that citizens’ privacy must not be treated as a secondary consideration in the name of state security.
Where Poland and Hungary are concerned, the report asserts that the spyware programs have been weaponized to suppress dissent, target independent judges, and hinder free media. Those responsible should face an independent judiciary to ensure accountability and restore the rule of law in those states.
The plenary session is expected to consider the report in mid-June, with the outcome potentially guiding future EU actions and monitoring mechanisms. The broader aim remains to reinforce democratic norms and human rights protections across the Union, regardless of political divides.
In conclusion, the PEGA inquiry underscores a critical moment for EU governance, signaling a call for tighter safeguards, transparent oversight, and steadfast adherence to European legal standards when addressing requests for surveillance and data access. The overarching message is clear: there is no tolerance for illegal surveillance in Europe, and the Union ought to defend civil liberties while safeguarding national security.
[Citation: European Parliament PEGA Commission of Inquiry report on spyware abuses in the EU]