The European Commission has imposed a €120 million fine on X (formerly Twitter) for breaching transparency obligations under the Digital Services Act (DSA). It is the first formal non-compliance decision issued under the DSA.
According to the Commission, the violations concern the misleading design of the blue verification badge, insufficient transparency of X’s advertising repository, and the platform’s failure to provide adequate access to public data for researchers.
Misleading use of the blue checkmark
The Commission found that X’s use of the blue checkmark for “verified” accounts can mislead users. Although the DSA does not require platforms to verify users’ identities, it explicitly prohibits presenting accounts as verified when no meaningful verification has taken place. On X, users can obtain the blue badge by paying a fee without substantive checks on identity or authenticity, which, according to the Commission, undermines users’ ability to assess the credibility of accounts and content and increases the risk of deception and fraud.
Lack of advertising transparency
The Commission also concluded that X’s advertising repository does not meet DSA requirements on accessibility and transparency. Searchable and comprehensive ad databases are considered essential for researchers and civil society to identify fraud, coordinated information campaigns, and other systemic risks.
X’s repository reportedly contains design barriers, access delays, and lacks key information such as ad content, subject matter, and the legal entity paying for the advertisement, limiting independent scrutiny of online advertising risks.
Insufficient access to public data for researchers
In addition, X was found to be in breach of its obligation to provide vetted researchers with access to publicly available platform data. The Commission noted that X’s terms of service restrict independent access to public data, including through data scraping, and that the company’s procedures create unnecessary obstacles for research into systemic risks within the EU.
Next steps
X has 60 working days to inform the Commission of the measures it plans to take to end the misleading use of the blue checkmark. The company has 90 working days to submit an action plan addressing violations related to advertising transparency and researchers’ access to public data. Failure to comply could result in additional periodic penalty payments.
The Commission said it will continue engaging with X to ensure full compliance with the DSA.
Background
On December 18, 2023, the Commission opened formal proceedings against X to assess potential DSA violations related to the spread of illegal content and the effectiveness of measures against information manipulation. The investigation also covered deceptive design practices, advertising transparency, and data access for researchers. Preliminary findings were adopted in July 2024, leading to the non-compliance decision announced this week.
The Digital Services Act is intended to strengthen user protection, enhance transparency, and restore trust in the online environment across the European Union.
