EU Opens Digital Services Act Investigation Into X’s Grok Over Sexually Explicit Deepfakes
The European Commission opened a formal investigation into X under the Digital Services Act (DSA) over concerns that its GenAI chatbot Grok enabled the creation and dissemination of manipulated sexually explicit images, including content that may amount to child sexual abuse material (CSAM). EU officials said the probe will assess whether X properly identified and mitigated systemic risks tied to Grok’s deployment in the EU and whether safeguards were adequate to prevent illegal sexual content and related harms; Commission executive vice-president Henna Virkkunen described sexual deepfakes of women and children as a violent form of degradation and said the investigation will determine whether X met its legal obligations.
Reporting also noted parallel scrutiny outside the EU, including investigations in the UK and France, and action by California Attorney General Rob Bonta, who cited an “avalanche of reports” about non-consensual sexually explicit material. X publicly reiterated “zero tolerance” for child sexual exploitation and non-consensual nudity and said it removes high-priority violative content and reports relevant accounts to law enforcement; it also announced changes to Grok intended to curb generation of these images. Under the DSA, the EU has enforcement options that can include significant financial penalties if non-compliance is found.
Related Entities
Organizations
Sources
Related Stories
EU Digital Services Act Investigation Into X’s Grok Over Sexualized Deepfakes
The **European Commission** opened formal proceedings against **X** under the **Digital Services Act (DSA)** to examine risks linked to the rollout of its AI tool **Grok** in the EU, focusing on whether the platform adequately assessed and mitigated systemic risks tied to the spread of **illegal content**. Regulators cited the apparent materialization of harms including **manipulated sexually explicit images** and content that may amount to **child sexual abuse material (CSAM)**, and will assess whether X met DSA obligations around risk identification, mitigation measures, and reporting—potentially including whether an **ad hoc risk assessment** was completed and submitted before Grok-related features were deployed. The Commission is also expanding its earlier DSA investigation into X’s **recommender systems**, including risks associated with a shift toward a **Grok-based recommender model**, and is coordinating with Ireland’s media regulator **Coimisiún na Meán** (as Ireland is X’s EU establishment). Reporting also notes parallel international scrutiny and responses: the UK regulator **Ofcom** has opened a probe into Grok, **Malaysia and Indonesia** have banned the chatbot, and xAI/X have claimed to implement technical measures and restrict some Grok functionality (including limiting certain image generation and restricting access to paying subscribers) amid concerns that mitigations have been insufficient to prevent sexualized deepfakes and related harms.
1 months ago
Regulatory Investigations Into X’s Grok Over Non-Consensual Sexual Image Generation
Ireland’s **Data Protection Commission (DPC)** opened a formal GDPR investigation into X’s use of the **Grok** AI tool after reports that users could prompt `@Grok` to generate non-consensual sexualized images of real people, including children. The DPC said it will examine whether X’s EU subsidiary (**X Internet Unlimited Company**) met core GDPR obligations, including lawful processing, *data protection by design*, and whether appropriate **data protection impact assessments** were conducted. The Irish inquiry adds to a widening set of actions focused on Grok-related harms and platform safety governance. UK authorities have also moved to tighten expectations for AI chatbot providers following Grok-linked sharing of non-consensual intimate images, with the UK government signaling faster rule updates and enforcement for child-safety duties; separately, the UK **ICO** has opened its own investigation, and the European Commission has initiated proceedings under the **Digital Services Act** to assess whether X adequately evaluated risks before deploying Grok. Additional reported scrutiny includes investigations by California’s Attorney General and UK regulator **Ofcom**, and a separate criminal probe in France involving a raid of X’s Paris offices.
3 weeks ago
French prosecutors raid X’s Paris offices over Grok deepfakes, CSAM allegations, and algorithm manipulation probe
French prosecutors raided **X’s Paris offices** as part of a criminal investigation led by the Paris prosecutor’s cybercrime unit with support from France’s National Gendarmerie and **Europol**. Authorities said the probe—opened in **January 2025** after complaints from French officials—covers allegations including **fraudulent/automated data extraction**, **tampering with automated data processing systems**, and potential **organized manipulation of X’s recommendation algorithms**, including concerns about possible influence by foreign actors. Prosecutors also summoned **Elon Musk** and X executive **Linda Yaccarino** for **voluntary interviews** in Paris in April, and called additional employees as witnesses; no charges or arrests were reported at the time of the search. The investigation expanded to include X’s AI chatbot **Grok**, following complaints that it facilitated or generated illegal content, including **sexually explicit deepfakes** (including alleged depictions of minors), **Holocaust denial** content, and alleged complicity in the **possession/distribution of child sexual abuse material (CSAM)**, alongside allegations of operating an illicit online platform. UK regulators also opened parallel scrutiny: the **ICO** launched a formal investigation into X and Grok over potential generation of nonconsensual sexualized images (including of children), and **Ofcom** had previously announced its own inquiry into related concerns. Separately, European policy pressure on youth social media access continued, with the Netherlands considering a higher minimum age and stricter platform oversight, but that debate is distinct from the French criminal case.
1 months ago