The European Commission fined social media giant X €120 million for failing to meet Digital Services Act (DSA) requirements. The investigation found that the platform used deceptive account verification, withheld information about online advertising, and restricted access to public data required for independent research. The decision followed a formal inquiry into how X managed verification, transparency, and data access for users in the European Union.
Regulators said the paid verification system, introduced after policy changes at X, misled users because it allowed any subscriber to display a blue badge previously reserved for identity-verified public figures. According to the Commission, the system created confusion about account authenticity and increased the risk of impersonation and fraud. It was categorised as a deceptive design under the DSA, which prohibits interface features that mislead or manipulate users.
Officials also determined that X failed to maintain a public advertising repository. The DSA requires very large online platforms to disclose information about all adverts shown to users, including who paid for them and why specific users were targeted. Regulators said that X either provided incomplete information or withheld it entirely. This prevented researchers, civil society groups, and regulators from examining advertising practices or identifying fraudulent or harmful campaigns.
A further violation concerned access to public data. The DSA obliges platforms of X’s scale to provide researchers with access to specified public data to support studies on online risks, including disinformation and illegal content. The Commission said X denied this access without a valid justification, limiting oversight of how the platform influences public discourse.
The United States criticised the decision. Officials argued that the enforcement action targeted American technology firms and created an uneven regulatory environment. European regulators rejected this claim. They said the fine reflected the seriousness of the violations and was unrelated to the nationality of the company. The investigation and penalty were framed as enforcement of digital safety rules that apply equally to all platforms operating in the EU.
The DSA allows fines of up to 6 % of global revenue for non-compliance. X must now present a remediation plan to the Commission. The plan must address the misuse of verification, restore full advertising transparency, and provide researcher access as required by law. The company has a fixed period to implement corrections. Continued non-compliance could lead to additional penalties or service restrictions within the EU.
The case reflects increasing regulatory pressure on large platforms. Authorities have said that the DSA is designed to ensure safety, transparency, and accountability at scale. Other platforms remain under active investigation. The outcome of the X case is expected to shape how regulators approach enforcement in the future.