The Irish Data Protection Commission (DPC) has taken legal action against X, the company formerly known as Twitter, over alleged data privacy violations. This lawsuit is part of the DPC’s efforts to enforce data protection laws in the European Union.
The case centers on X’s use of data from its platform to train xAI’s “Grok” artificial intelligence model. Reports from Irish news site RTE say the DPC decided to sue X after the company refused to stop collecting data from EU users.
Recently, the DPC tried to resolve the issue through negotiations. On July 25, the DPC was optimistic about receiving a response from X but did not get it in the expected time. As a result, the DPC chose to take the matter to court.
Elon Musk owns both X and xAI, which developed the Grok AI model. Musk has emphasized the connection between X and xAI, noting that Grok uses data from X to improve its AI capabilities. Although users can opt out of having their data used for training, the DPC claims that data was collected before this option was available and that X has not adequately addressed privacy concerns.
The court records show that the legal process has started, but it is not clear how it will affect X or xAI users in the EU. The judge has approved fast-tracking the case, but the impact on users is still unknown.
Broader Legal Challenges and Compliance Issues
The DPC is worried that X’s handling of data for AI training might breach the EU’s General Data Protection Regulation (GDPR). GDPR requires companies to have a valid reason to process user data. X is accused of using data without getting proper consent or informing users. Many users only discovered their data was being used after noticing changes in their account settings. Additionally, the option to opt out was only available through the web version of X.
The DPC plans to ask the European Data Protection Board (EDPB) to check X’s compliance with GDPR. The DPC is also concerned about X’s plan to release a new version of Grok this month. They have asked X to stop processing EU users’ data or delay the launch, but X has not agreed.
Besides this lawsuit, X faces other legal problems in the EU. Last month, the European Commission criticized X’s updated verification system for violating the Digital Services Act (DSA). Another investigation is looking into X’s content moderation practices. Recently, a Dutch user sued X, claiming the platform shadowbanned their account. The court ruled that X violated both the DSA and GDPR in this case.
As X deals with these legal challenges, its future in Europe is uncertain. The outcomes of these cases could significantly impact how X manages user data and follows EU regulations.
