Ireland’s Data Protection Commission (DPC), acting as the lead EU regulator for X, has launched a probe into Elon Musk’s X over its AI chatbot Grok and the alleged creation of sexualised deepfake images.
The "large-scale inquiry" will examine potential breaches of the European Union’s General Data Protection Regulation (GDPR), focusing on the alleged generation and publication of harmful, non-consensual intimate or sexualised images involving Europeans, including children, using Grok.
“The purpose of this investigation is to determine whether X complied with its obligations under the GDPR regarding the personal data of EU/EEA subjects,” the DPC said in a statement.
As X’s European operations are headquartered in Ireland, the DPC serves as the EU’s primary regulator for the platform. Deputy Commissioner Graham Doyle said the authority has “been engaging” with X since media reports surfaced weeks ago about the alleged ability of users to prompt Grok to generate sexualised images of real people, including minors.
The investigation follows similar probes launched in other countries in January, amid rising international scrutiny. The European Union has also opened a separate inquiry under the Digital Services Act (DSA) to determine whether X has met its legal obligations for online platforms.
In response to criticism, X restricted Grok’s image generation and editing features to paying subscribers last month.
Regulation of US tech firms like X has intensified tensions between the EU and Washington, with past US administrations framing such enforcement as threats to free speech and unfair targeting of American companies.
The DPC notified X of the investigation on Monday. X had not responded to inquiries by Monday evening.
This move builds on an earlier investigation opened by the Irish regulator in April 2025 into X’s use of personal data for training AI models, particularly Grok.
With input from agencies
Bd-pratidin English/ Jisan
