EU opens proceedings against X for possible breaches of the DSA

X has become the first company to have formal proceedings for potential breaches of the Digital Services Act (“DSA”) launched against it by the European Commission. In a press release published earlier this week, the Commission announced that it was opening these formal infringement proceedings to assess whether X (formerly Twitter) has breached the DSA’s rules on risk management, content moderation, dark patterns, advertising transparency and providing data access for researchers.

Background to the formal proceedings 

X was designated as a “Very Large Online Platform” or VLOP under the DSA by the Commission earlier this year, meaning it (like other VLOPs) has been required to comply with the DSA since 25 August 2023 (see our previous blog here).

The opening of these formal proceedings follows:

• a letter that Thierry Breton, European commissioner for the internal market, sent to X owner Elon Musk on 10 October this year. It warned that in the wake of “terrorist attacks carried out by Hamas against Israel, we have indications that your platform is being used to disseminate illegal content and disinformation in the EU.” The letter also reminded Musk that “following the opening of a potential investigation and a finding of non-compliance, penalties can be imposed”. Breton published this letter on X and although Musk challenged this, asking for Breton to list the violations, X CEO Linda Yaccarino responded summarising how the platform was managing content related to the Hamas attack; and 
• a formal request for information by the Commission made on 12 October. The Commission’s decision to now open infringement proceedings has been made based on how X responded to that request for information as well as on an analysis of a risk assessment report X submitted in September and the Transparency Report X published in November.

Even before the letter sent to X on 10 October, it was clear that the platform was squarely in the sights of Commissioner Breton. In May and November 2022, Breton posted clips on X of meetings with Musk about the Act, welcoming Musk’s intent to prepare for the new law. However, a post from May this year indicated a less positive relationship after X withdrew from the EU’s Voluntary Code of Practice on Disinformation, with Breton warning X (then Twitter) that “You can run but you can’t hide” from DSA obligations. 

What potential breaches of the DSA are being investigated?

The formal request for information had focussed on the alleged spreading of illegal content and disinformation, and in particular the spreading of terrorist and violent content and hate speech. The Commission has now indicated that the formal proceedings will address not only compliance with DSA obligations related to tackling the dissemination of illegal content (including X’s risk assessment and mitigation measures, and its notice and action mechanism for reporting and dealing with illegal content) but also: 

• the effectiveness of measures taken to combat information manipulation, notably the effectiveness of X's Community Notes' system (a crowed sourced fact checking system) and the effectiveness of related policies mitigating risks to civic discourse and electoral processes;
• suspected shortcomings in giving researchers access to X's publicly accessible data as required by Article 40 of the DSA, as well as shortcomings in X's ads repository; and 
• a suspected deceptive design of the user interface, specifically in relation to checkmarks linked to certain subscription products. These are the so-called Blue checks that were previously only available to verified public figures but which are now available to users who pay for them. 

X is likely to need to convince the Commission that the measures it has in place meet the new standards imposed by the DSA. So far, X has published a statement that saying that it remains committed to complying with the DSA and is cooperating with the regulatory process. The statement adds that “It is important that this process remains free of political influence and follows the law. X is focused on creating a safe and inclusive environment for all users on our platform, while protecting freedom of expression, and we will continue to work tirelessly towards this goal.”

Next steps

The Commission has indicated that it will continue to gather evidence, for example by sending further requests for information and by conducting interviews or inspections. There is no legal deadline set by the DSA as to how long the proceedings must take.

The DSA provides for potentially huge fines to be imposed for violations (up to 6% of global worldwide annual turnover). As the Commission alluded to in its press release, it may also require X to put interim measures in place prior to making any final non-compliance decision where there is an urgency due to the risk of serious damage to users. The Commission may also accept a commitment made by X to remedy any matters subject to the proceedings, which the DSA empowers the Commission to make binding on a platform provider. 

X was the first company to be issued with a request for information under the DSA but it is not the only one. The decision to open proceedings against X will be of particular interest to the other VLOPs that have already been issued with requests (to date including Meta, Ali Express, YouTube, TikTok and Snap). Some of those other requests for information have, like the one issued to X, related to the dissemination of illegal content and disinformation. However, others have focussed on the protection of consumers online with regard to the dissemination of illegal products (AliExpress) or to the protection of minors (YouTube, TikTok, Meta and Snap).