France France ARCOM DSA national enforcement

ARCOM's 2026-2028 Plan Bets France Can Enforce the DSA Faster Than Brussels Can Harmonize It

ARCOM's new strategy pairs aggressive age-verification and AI-monitoring goals with a pending EU court test of unilateral enforcement.

ARCOM's 2026-2028 Plan, By the Numbers People of Internet Research · France 83% Minors exposed to online risk Share of 11-17-year-olds reporting… 44% Access social media before 13 French youth using social networks… ~50% Decline in porn site traffic Ajdari cites roughly halved traffi… 85% Youth using generative AI Share of 15-24-year-olds who now u… peopleofinternet.com

Key Takeaways

On May 19, 2026, ARCOM president Martin Ajdari unveiled the regulator's 2026-2028 strategic project, organized around three axes: protecting the public in digital and audiovisual spaces, safeguarding pluralistic information, and financing French creation. The headline commitment is regulatory speed. As France's Digital Services Coordinator under the DSA, ARCOM says it will "deploy in France and support in Europe a faster, more directive and more effective implementation" of the regulation — pointing to its recent proceedings against X and Meta as proof the framework has teeth.

The Evidence Behind the Alarm

ARCOM's case for urgency rests on numbers it published alongside the plan: 83% of 11-to-17-year-olds report exposure to at least one online risk — cyberbullying, shocking content, dangerous challenges — and 44% access social networks before age 13, below France's digital-majority threshold of 15. That is a real, documented harm, not a moral panic, and it's fair to steelman ARCOM's response before critiquing it. Self-declared age has manifestly failed as a gate; Ajdari told the presentation audience that mandatory age verification on pornography sites has cut traffic to compliant platforms by "nearly half." If that estimate holds, it's a rare case of an online-safety rule showing measurable, not merely aspirational, effect.

The next enforcement layer is legislative, not just regulatory: a bill to bar under-15s from social media outright, deposited at the National Assembly on November 18, 2025, adopted in first reading January 26, 2026, passed with amendments by the Senate March 31, and back before the Assembly for a second reading April 1. It would void contracts that violate the age floor, impose a nighttime "digital curfew" on 15-to-18-year-olds, and ban high-risk platforms outright for under-15s — with school phone restrictions arriving for the 2026-2027 year regardless of the bill's final text.

Where the Legal Ground Gets Shaky

Here is the tension ARCOM's plan doesn't resolve: France has tried this before. Its 2023 digital-majority law was never enforced because it collided with EU law, and the same fault line is now before the Court of Justice of the EU. In Joined Cases C-188/24 and C-190/24, brought by Czech pornography publishers WebGroup Czech Republic and NKL Associates, Advocate General Szpunar opined on September 18, 2025 that France's SREN-law age checks can bind EU-based operators — but only through the e-Commerce Directive's derogation procedure, not by unilateral French decree. The CJEU's binding judgment is still pending.

That is the opposite of "faster and more directive." The DSA was built precisely to stop 27 member states from running 27 separate compliance regimes for platforms operating across the bloc — replacing that patchwork with a single rulebook enforced through networked national coordinators reporting into the European Board for Digital Services. ARCOM's plan to out-pace Brussels risks re-fragmenting the exact single market the DSA exists to protect, and invites the very procedural pushback now sitting in Luxembourg. A more durable path is the one France is already quietly walking: it's a pilot participant in the European Commission's DSA-based age-verification blueprint, a privacy-preserving wallet architecture designed to give member states one interoperable standard instead of twenty-seven bespoke ones.

Conversational AI: A New and Vaguer Frontier

The plan's newest commitment is monitoring "conversational AI agents" for risks including deceptive or sexualized content aimed at minors and manipulation during elections. Ajdari's framing stat — 85% of 15-to-24-year-olds already use AI tools, and 16% of citizens have asked an AI system whom to vote for — is a legitimate reason for regulators to pay attention. But the DSA's remit is built around very large online platforms and search engines with defined systemic-risk obligations, not general-purpose AI systems, which fall under the AI Act and a different enforcement architecture entirely. A national broadcasting-and-platforms regulator absorbing informal oversight of AI chatbots, alongside CNIL's data-protection mandate and the AI Act's incoming enforcement bodies, risks the same fragmentation problem in miniature: three regulators, overlapping claims on the same product, and no clarity for developers about which rulebook actually governs them.

The Proportionate Path

None of this argues against child protection online — the exposure statistics are real and the age-verification results Ajdari cites are the strongest evidence yet that proportionate, technically sound rules can work. But the lesson of the 2023 law's failure, now replaying in the CJEU, is that speed bought by bypassing EU coordination tends to buy delay instead. ARCOM would do more for French minors by anchoring its ambitions to the EU wallet pilot and a clearly scoped DSA mandate than by racing ahead of a legal process it does not fully control.

Sources & Citations

  1. ARCOM — 2026-2028 Strategic Project announcement
  2. ARCOM — Martin Ajdari presentation speech
  3. Assemblée Nationale — legislative dossier on minors and social media
  4. MLex — AG Szpunar opinion on French age checks
  5. Baker McKenzie Connect on Tech — EU age verification blueprint