The platform formerly known as Twitter has earned the dubious honor of being the first very large online platform (VLOP) to face a preliminary finding of breaching the European Union’s Digital Services Act (DSA), the bloc’s governance and content moderation rulebook. Penalties for confirmed breaches of the regime can reach up to 6% of global annual turnover.
The Commission opened an investigation of X back in December 2023, saying it was concerned the platform may have breached DSA rules on risk management, content moderation, dark patterns, advertising transparency and data access for researchers. In May, it sought more information from the company about aspects of the ongoing probe.
Now it has reached preliminary conclusions on three grievances.
Firstly, it found that the design of the blue check on X is an illegal dark pattern.
Previously this symbol denoted account verification but — under X’s current owner Elon Musk — the legacy system was deprecated and replaced with a confusing alternative where the badge denotes either a paid account or some level of platform profile.
The DSA bans deceptive or manipulative design and the Commission’s view is that X has designed an illegal system that may mislead users into thinking an account with a check mark has been verified or is otherwise trustworthy. It also pointed out that X’s algorithms prioritize the replies of accounts that have a check mark in threads, with further risks that users will be misled.
In a second preliminary finding, the Commission says X’s ad repository does not comply with DSA requirements. The technical implementation of this DSA requirement is below par, with results missing key info or otherwise displaying partial and unreliable information. Anyone wanting to use the ad archive to investigate the ads being served on X’s platform are being thwarted, it suggests.
The EU’s third preliminary grievance is a finding that X has failed to facilitate access to data for researchers. X did rush to put a system in place in November 2023, a few months after the August deadline for VLOPs’ compliance with the DSA. But the Commission said it falls far below the required standard.
It said X requires what are often EU-based researchers seeking access to data to study the flow of information on the platform to go through a U.S. screening process that takes months, is non-transparent and does not provide them with feedback. The Commission suggested only a tiny number of researchers have actually been approved by X to get data for study.
A key goal of the DSA is to drive accountability on big tech through transparency, which is a big part of the reason why some of these first findings on X focus on elements of compliance where the company looks to be impeding that goal.
The EU is continuing its other investigations on X, including related to the spread of illegal content and disinformation.
Commenting in a statement, Margrethe Vestager, the Commission EVP in charge of digital policy, said: “The DSA has transparency at its very core, and we are determined to ensure that all platforms, including X, comply with EU legislation.”
X was contacted for a response.
The company will now have a chance to respond to the Commission’s findings. The outcome of the investigation, including the possibility of penalties if breaches are confirmed, is likely to depend on how it responds. The EU could still end up being persuaded X has not breached the DSA, or X could offer to make changes to remedy the grievances raised hoping the EU accepts. Or the Commission could conclude it has infringed the rules and slap it with a penalty and a compliance order. So it looks like an interesting few months ahead for Musk.