EC Tentatively Finds X Breaches Digital Services Act
X is violating the Digital Services Act (DSA) in areas linked to dark patterns, advertising transparency and data access for researchers, the European Commission said Friday. These are the first preliminary findings issued under the DSA. They follow a separate…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
pending investigation launched in December on different issues, EC officials said at a briefing. X didn't immediately comment. Officials voiced concerns about three aspects of X's setup. One is the interface for "verified" accounts with a "blue checkmark." The EC believes the checkmarks mislead users into thinking accounts and content they're seeing are trustworthy and reliable. But when EC researchers looked at reply feeds on particular posts, they found that X prioritizes content from blue checkmark accounts. This breaches DSA rules against dark patterns - defined as interfaces and user experiences on social media platforms that cause users to make unintended, unwilling and potentially harmful decisions about processing of their personal data -- because anyone can obtain such "verified" status simply by paying for it. That prevents users from making informed decisions about the authenticity of the accounts and content they're seeing. The EC's second "grievance" arises from X's failure to maintain a searchable, publicly available advertisement repository that would allow researchers to inspect and supervise tweets to track emerging risks from online ads, officials said. X formerly gave researchers such access, but Elon Musk rescinded it. The repository is a key obligation under the DSA because it allows anyone to search for an ad on the platform to find out who placed it and what its targeting criteria are, officials said. The third item concerns the lack of a process for giving researchers access to X's public data for scraping, and its procedure for allowing qualified researchers to access its application programming interfaces is too slow and complex, officials said. This falls well below DSA requirements that third parties be able to inspect what's happening on the platform, they said. If the findings are confirmed, X could be fined up to 6% of its total worldwide annual revenue and ordered to remedy the breaches, the EC added. The DSA designated X a very large online platform in April 2023 after it declared it reached more than 45 million monthly active users in the EU, the EC noted.