The Irish data protection regulator is investigating the activities of Elon Musk’s company X. On Friday, the country’s Data Protection Commission (DPC) announced (via Reuters) that it was launching an investigation into the social platform’s use of European users’ public posts to train its artificial intelligence chatbot Grok. In this case, Ireland is responsible for compliance with EU law, as X’s European headquarters is located in Dublin.
The DPC stated that it would examine “the processing of personal data contained in publicly available posts made on the social media platform “X” by EU/EEA users”. Under the European rules of the General Data Protection Regulation (GDPR), Ireland has legal grounds to fine X up to four percent of its global revenue.
“The purpose of this investigation is to determine whether this personal data was lawfully processed for the purpose of training Grok’s Masters of Laws,” the Irish DPC said.
If this sounds familiar, in 2024, the DPC sued Company X, demanding that it be banned from training Grok users on EU users’ data without their consent. This followed a policy change in July that allowed the social network to use public posts to train its AI chatbot. However, a few weeks later, the Irish data regulator dropped the legal proceedings, saying that the company had agreed to permanently restrict the use of personal data of EU users by Grok. The DPC did not specify why it now believes that the company may be in violation of the GDPR.
The last fine imposed by the DPC on the company (then known as Twitter) was €450,000 in 2020 for failing to notify the regulator of a data breach within 72 hours.
