Ireland’s Data Protection Commission (DPC), acting on behalf of the European Union, has initiated an investigation into how personal data from users of the social media platform X, formerly Twitter, has been utilized to train its AI chatbot, Grok. This inquiry centers on whether X has lawfully processed publicly accessible posts from EU users, a critical issue given the platform’s ongoing development of generative AI models.
Grok, the name of the AI-powered chatbot developed by Elon Musk’s platform, uses large language models (LLMs) that are trained on vast amounts of publicly available data. The DPC’s investigation seeks to determine whether personal data contained in posts made by European users was handled in compliance with the EU’s General Data Protection Regulation (GDPR). The inquiry will specifically assess whether X processed this data with “lawfulness and transparency,” ensuring that the rights of users were respected.
The controversy dates back to last year, when X began using personal data from public posts made by European users to enhance its AI models. This prompted the DPC to file a court case, arguing that X’s actions violated EU privacy laws. However, in August, X agreed to halt its use of this data while working with the DPC, leading to the case being dropped. Despite this, X has continued its efforts to develop new AI models, raising concerns about ongoing privacy implications.
The DPC’s new inquiry will focus on compliance with key provisions of the GDPR, including data processing fairness, transparency, and the protection of user privacy. As X has its European headquarters in Ireland, the DPC is the lead regulatory body overseeing the company’s compliance with EU data protection laws.
This investigation underscores the growing scrutiny over how tech giants use personal data for AI development, especially in light of the EU’s stringent data privacy regulations. As AI technologies continue to evolve, the inquiry will likely set important precedents for the future of data protection in Europe.
