Ireland's Data Protection Commission has launched a formal inquiry into X regarding the use of its Grok AI tool to create non-consensual sexual images of real people, including minors. The investigation seeks to determine if the platform violated several core GDPR principles, including data protection by design and the mandatory performance of impact assessments.

The Irish Data Protection Commission has officially initiated a large-scale inquiry into X following reports that its Grok artificial intelligence tool was being used to generate non-consensual sexual imagery. As the primary regulator for X within the European Union, the commission is investigating whether the company adhered to fundamental General Data Protection Regulation requirements. Specifically, the probe focuses on whether the platform maintained lawful processing practices and if it properly evaluated potential risks to individuals before deploying the technology.

This action by the Irish authorities marks a significant escalation in a coordinated international regulatory response to X's AI operations. The investigation stems from allegations that users could prompt the Grok account to create sexualized content featuring real individuals, including children. This move aligns with recent enforcement efforts in other jurisdictions, such as the United Kingdom, where the Information Commissioner’s Office has also launched a formal investigation into the platform’s safety and data practices.

Beyond data protection agencies, X faces scrutiny from a variety of legal and safety bodies across the globe. In the United States, the California Attorney General is looking into the generation of sexually explicit content via the tool, while the United Kingdom's online safety regulator, Ofcom, has also opened its own review. These investigations are occurring alongside a European Commission proceeding initiated earlier this year to evaluate if X complied with the Digital Services Act's risk assessment rules.

The legal pressure on the company has also shifted into the criminal domain in some regions. French prosecutors recently conducted a raid on X’s Paris offices as part of a probe into the generation of child sexual abuse material and content involving Holocaust denial. As part of this criminal investigation, several high-ranking executives and employees have been summoned for interviews scheduled for later this spring to address the platform's content moderation and AI safety protocols.

The outcome of the Irish investigation is particularly critical because the commission serves as the lead supervisory authority for the entire European Economic Area. If X is found to be in violation of the law, the company could face significant financial penalties that are enforceable across dozens of countries. Given that both European and British regulators have the power to levy fines reaching 4% of a company's total global annual turnover, the financial and operational stakes for the social media platform are substantial.

Source: Ireland Also Investigating X Over Grok-Made Sexual Images