X, Sanctions, and the Blue Check: How Premium Perks for Iranian Officials Spark a High-Stakes Compliance Crisis

Background

When Elon Musk promised to make X (formerly Twitter) the global town square for unfiltered speech, few imagined that one of the thorniest constraints on that vision would be export controls and financial sanctions. Yet that is exactly where the platform now finds itself. A new investigative report indicates that premium perks on X were extended to prominent figures in Iran’s government—some of whom are likely listed under U.S. sanctions—before several of those badges disappeared following questions from journalists.

This is more than a PR headache. U.S. sanctions law treats platforms like X as “U.S. persons,” subject to rules that prohibit providing goods or services to designated individuals, entities, and governments. Complicating matters, the United States has also tried to carve out room for internet freedom tools that help ordinary Iranians bypass censorship. Navigating those sometimes-competing aims—promoting open access while denying benefits to sanctioned officials—requires precise compliance controls and careful policy judgments.

The episode is a litmus test for whether today’s social media companies can run subscription businesses at global scale while maintaining disciplined sanctions screening. It is also a reminder that the blue check is no longer just a vanity emblem; it can alter visibility, reach, and monetization—privileges that may change the balance between civic discourse and state propaganda.

What happened

• An investigative report surfaced evidence that X accounts tied to senior Iranian government figures sported paid premium badges and features.
• After the outlet sought comment from X, some of those checkmarks reportedly vanished, suggesting the platform took remedial action once the issue was flagged.
• The core question: Did X sell (or otherwise provide) subscription services to individuals or offices connected to the Government of Iran or other sanctioned entities, and if so, was that permitted under U.S. law?

Why this matters legally

U.S. sanctions on Iran are expansive. Under the International Emergency Economic Powers Act (IEEPA) and a suite of executive orders, the Treasury Department’s Office of Foreign Assets Control (OFAC) bars U.S. persons from providing most goods and services to the Government of Iran and individuals on the Specially Designated Nationals and Blocked Persons (SDN) List. That prohibition typically applies whether compensation changes hands or not. In other words, free or paid, a “service” is still a service.

There are important exceptions. The United States broadly permits the exchange of informational materials, and OFAC has issued a general license designed to support internet freedom in Iran—allowing certain communications tools to reach ordinary people. However, those permissions do not extend to the Government of Iran or to SDNs. The goal is to enable private citizens to communicate and organize without empowering sanctioned officials or institutions.

If X provided premium services—paid or comped—to individuals who are sanctioned or part of the Government of Iran, the platform could face sanctions exposure. OFAC operates under a form of strict liability in civil cases: a violation can exist even if the company didn’t intend to break the rules. Penalties can be significant, potentially reaching hundreds of thousands of dollars per violation or more, depending on the facts and the value of the transactions.

Why this matters politically and ethically

The optics are striking. During protests in Iran, Elon Musk publicly championed connectivity for demonstrators, including efforts to bring satellite internet capacity to people on the ground. At the same time, if regime-aligned figures received algorithmic boost, longer posts, or other perks tied to premium accounts, it could help official narratives outcompete independent voices. Whether by design or inadvertence, granting a stronger megaphone to state actors undermines the core rationale behind internet freedom carve-outs.

X Premium is not just a badge

X’s subscription tiers have changed, but in general, X Premium (and higher tiers) can include:

• Elevated algorithmic ranking and increased reach
• Ability to publish longer posts and videos
• Edit functions and enhanced formatting
• Reduced advertising or ad-related tools
• Eligibility for revenue sharing and other monetization

For public officials—especially those in authoritarian systems—these features are strategically valuable. They can amplify state messaging abroad and extend influence into diaspora communities and international audiences, even if the service is heavily restricted within their own country.

Background: Sanctions, speech, and the Iran exception

To understand the stakes, it helps to map the legal terrain.

• Core prohibition: U.S. persons (including American companies) are generally barred from exporting goods, services, or technology to Iran, the Government of Iran, and anyone on OFAC’s SDN List absent authorization.
• Informational materials: U.S. law protects the exchange of informational content across borders, often referred to as the “Berman Amendment.” That is why Iranians can, for example, read open websites or share news even under sanctions.
• Internet freedom license: OFAC’s general license for Iran authorizes specific communications tools—such as messaging apps, anti-censorship technologies, and certain cloud or developer services—so that ordinary people can access and share information. But that license does not authorize services provided to the Government of Iran or to blocked persons, and it does not permit high-end, enterprise, or commercial hosting for government entities.

In practice, platforms have to thread a needle. They may permit ordinary Iranian users to access basic social features and even certain paid tools that fit under the license. But they must block premium capabilities for sanctioned officials and institutions, regardless of whether the service is paid or free, direct or through intermediaries.

How could this have happened?

The mechanics of a breach can be surprisingly mundane. Potential pathways include:

• App store purchases: If a premium subscription was initiated via a third-party app store, the platform still bears responsibility for sanctions compliance. Screening failures at either layer can create exposure.
• Third-party payment processors: If a non-U.S. payment intermediary routed funds, a platform must still ensure the subscriber is not sanctioned.
• Complimentary upgrades: Even if X granted verification or premium features at no cost—such as to accounts over a follower threshold—the provision of services to blocked persons can still be prohibited.
• VPN and identity obfuscation: Iranian officials frequently use VPNs to access Western platforms. Geofencing by IP is insufficient. Robust identity and sanctions screening must rely on more than location signals.
• Reduced compliance resourcing: Since 2022, X has publicly reduced headcount across trust and safety and other operational functions. Fewer dedicated compliance personnel and tooling can make gaps more likely at scale.

None of these possibilities exonerate a company in OFAC’s eyes. The regulator expects U.S. firms to build risk-based controls tailored to the sanctions profiles they face—especially for high-visibility, high-risk user cohorts like foreign officials.

The gray areas—and why they likely don’t help here

Some might argue that a social media subscription is merely an “informational” service. OFAC’s guidance suggests otherwise. While reading or posting content is generally protected, premium features are commercial services that confer distinct advantages, and they are not automatically covered by the informational exception or the internet freedom license when provided to blocked persons.

Another edge case is whether an official personally listed as an SDN differs from a lower-level government employee who is not individually listed. OFAC’s bar on services to the “Government of Iran” is broad. In many instances, dealing with government-controlled accounts risks running afoul of that prohibition even if a specific individual is not named on a list. When in doubt, platforms are expected to block access or seek a specific license—something rarely granted for services that advantage state actors.

The compliance playbook X will need

If X wants to avoid a repeat, the path is clear—and not unique to this company:

• Strengthen sanctions screening: Implement automated and manual screening for subscribers, including phonetic and transliteration matching for names in Persian and Arabic scripts, and match on known official titles and affiliations.
• Vet notable accounts: Create a secondary review for accounts that are public officials, state media, or government-adjacent. Premium access should be denied unless clearly authorized by OFAC.
• Payment controls: Work closely with app stores and payment processors to ensure end-to-end screening and consistent blocking. Do not delegate compliance blindly.
• No complimentary loopholes: Treat complimentary perks as “services” and subject them to the same screening thresholds as paid subscriptions.
• Logging and audit trails: Maintain robust records that show screening decisions and escalations. OFAC looks favorably on good-faith, well-documented programs even when errors occur.
• Public policy clarity: Publish a transparent policy on how sanctions impact verification, premium perks, and monetization, especially for government officials in comprehensively sanctioned countries.

Key takeaways

• A report indicates X extended premium features to figures connected to Iran’s government, then removed some badges when asked for comment—raising potential U.S. sanctions issues.
• Under OFAC rules, providing services to sanctioned individuals or the Government of Iran is generally prohibited, regardless of whether the service is paid or complimentary.
• OFAC’s internet freedom license aims to help ordinary Iranians access communication tools but does not authorize benefits for state actors or SDNs.
• Because X Premium can materially boost reach and influence, giving those perks to regime voices undermines the policy intent of sanctions and internet freedom carve-outs.
• OFAC uses strict civil liability; intent is not required for a violation, and penalties can be substantial.
• Stronger sanctions screening, vetting for notable accounts, and clear public rules are essential to reconcile global speech ambitions with legal obligations.

What to watch next

• X’s formal response: Will the company disclose how the premium features were assigned, whether payments were accepted, and what corrective actions it has taken?
• OFAC engagement: The Treasury Department may request information or open an inquiry. Outcomes can range from no action to settlements with penalties and mandated compliance improvements.
• Congressional scrutiny: Lawmakers have already shown interest in how social platforms manage foreign propaganda and sanctions. Expect letters, hearings, or requests for documents.
• App store policies: Apple and Google could examine whether in-app subscription flows met sanctions requirements, potentially tightening their own compliance checks for all developers.
• Industry ripple effects: Other platforms offering paid tiers for verification, reach, or monetization may proactively audit government-affiliated accounts from sanctioned jurisdictions.
• Updated guidance: If ambiguity remains around which premium features qualify as permitted “communications tools,” OFAC could issue FAQs or revise general licenses to clarify boundaries.

FAQ

• What is X Premium, and why does it matter here?

  • X Premium (and its higher tiers) offers enhanced visibility, longer posts, media uploads, verification badges, and sometimes monetization. These are tangible services, not just cosmetic, which is why they trigger sanctions analysis.

• Aren’t Iranians allowed to use U.S. social platforms?

  • Ordinary Iranian users can generally access social platforms under exemptions for informational materials and specific licenses supporting internet freedom. However, those allowances do not extend to the Government of Iran or individuals and entities on U.S. sanctions lists.

• Does it count as a violation if a service was free?

  • Potentially, yes. OFAC’s prohibitions often cover the provision of services regardless of payment. Complimentary premium features can still be prohibited if provided to blocked persons.

• What penalties could a company face for violations?

  • Civil penalties can reach substantial amounts per violation, sometimes the greater of a six-figure cap or twice the transaction value. OFAC also considers factors like the company’s compliance program, cooperation, and remedial actions.

• Could the internet freedom license shield a platform in this scenario?

  • Unlikely if the recipients are government officials or sanctioned individuals. The license is designed to help the Iranian public communicate, not to furnish enhanced services to state actors.

• How might X have avoided this?

  • By integrating robust sanctions screening into all premium and verification flows, ensuring special handling for government-affiliated accounts, and removing any automatic, follower-based comping that could sweep in blocked persons.

• Is this an isolated case?

  • The risk is systemic across platforms that sell reach, verification, or monetization. Any company running a subscription business globally must treat sanctions compliance as a core product requirement, not a back-office afterthought.

Source & original reading

Original report: https://www.wired.com/story/elon-musk-x-premium-accounts-iran/