In Europe a new investigation has been launched regarding the indecent posts made by the AI bot Grok on the X network

Irish regulator launches large-scale investigation into X chat‑bot Grok

*According to the Financial Times*, Ireland’s Data Protection Commission (DPC) announced the start of a major inquiry aimed at uncovering GDPR violations by the Grok chatbot operating on social network X.

What happened
- Since early January it became known that user queries to Grok caused “exposure” of people in uploaded photos.
- The system generated intimate images of real individuals, including minors, sparking a sharp reaction from the public, cybersecurity experts and politicians.

Regulator’s response
- DPC Director Graham Doyle noted that the commission is already engaging with X after reports of the possibility to create intimate images via the @Grok account.
- As part of the investigation, the company’s compliance with key data‑processing obligations will be assessed.

Company responses
- Elon Musk – owner of X – kept a neutral stance, emphasizing freedom of speech protection.
- In early February French law enforcement conducted a raid on X’s office in Paris.
- Linda Yakariño (former platform head) was invited to give “voluntary” testimony in April.

International and European actions
- The UK Information Commissioner’s Office expressed serious concerns about Grok’s use of personal data and the generation of intimate images.
- In the EU, the investigation is being carried out under the Digital Services Act (DSA).

What will be examined
The DPC will focus on GDPR compliance:

1. Processing data only for specific lawful purposes.
2. Considering privacy in product development.
3. Conducting risk assessments before launching new features.

X has stated that it has already implemented technical measures to prevent further generation of intimate images by Grok.