The European Commission (EC) has imposed its first fine under Europe’s landmark Digital Services Act (DSA) and it’s against Elon Musk’s X.
EC disputes the fact that X allowed anyone to purchase a “blue checkmark,” the platform’s long-standing symbol that used to indicate that a user has been verified as who they claim to be.
Calling the design of the blue check mark system “misleading”, the European Union’s executive arm fined X 120 million euros (about $140 million) on Friday, saying the company had breached transparency obligations under the DSA.
The commission said other violations of the law include the lack of transparency of X’s ad repository and the failure to provide investigators with access to public data.
Before Musk bought the company, Twitter used to issue blue checks to journalists, celebrities, politicians and public figures on the platform after verifying their identities. Musk removed that policy in 2023, and all the “verified” blue check shows today is that a user is an X Premium subscriber and meets certain eligibility criteria, such as having a profile photo, a display name, and linking their account to a phone number.
“X’s use of the ‘blue check mark’ for ‘verified accounts’ deceives users,” the Commission wrote in statement. “This violates the DSA obligation for online platforms to prohibit deceptive design practices on their services. On X, anyone can pay to obtain ‘verified’ status without the company actually verifying who is behind the account, making it difficult for users to judge the authenticity of the accounts and content they interact with.”
The Commission added that such a system exposes users to fraud, impersonation and manipulation.
Techcrunch event
San Francisco
|
13-15 October 2026
The regulator also found that X’s ad repository does not comply with the DSA’s transparency and accessibility requirements, saying the company imposes excessive delays in processing access requests. The commission also said that the ad repository does not contain important information such as the content or topic of the ads, and who paid for those ads.
“This prevents researchers and the public from independently examining any potential risks in online advertising,” the Commission wrote.
Access to public data is another area of concern for the EU. The DSA stipulates that public platforms allow researchers to access public data to study systemic risks, and the EC investigation found that X does not allow researchers to do this independently.
“Furthermore, X’s procedures for researchers’ access to public data impose unnecessary barriers, effectively undermining research into various systemic risks in the European Union,” the EC wrote.
The ruling comes two years after the EC launched an investigation into the company over suspected breaches of rules related to risk management, content containment, dark patterns, advertising transparency and access to data for researchers.
“Scamming users with blue ticks, hiding information in ads and blocking researchers have no place on the EU internet,” Henna Virkkunen, executive vice-president for Technological Sovereignty, Security and Democracy at the European Commission, said in a statement.
X now has 60 days to describe how it plans to address the blue checkmark complaint and 90 days to respond with an action plan to address violations related to ads and public data transparency and accessibility.
Confirmed violations of the DSA may face a range of significant penalties, including fines of up to 6% of global annual turnover.
