Published on April 16, 2025 | Category: tech

Grok AI is under investigation in the EU over potential GDPR violations – here's what you need to know

News

By Chiara Castro published 16 April 2025

Musk's platform previously agreed to limit the use of Europeans' data for training AI

(Image credit: Shutterstock/JR des)

The EU Data Protection Commission (DPC) has launched a privacy investigation on X
The Authority is investigating whether the platform uses publicly accessible posts to train its Grok AI model
Last September, X agreed to limit the use of Europeans' data for AI training after being hit by several GDPR complaints

The Irish Data Protection Commission (DPC) has launched a privacy inquiry against X over the use of Europeans' personal data to train its AI model, Grok.

Beginning on Friday, April 11, 2025, the privacy Authority is investigating whether Elon Musk's platform uses publicly-accessible X posts to train its generative AI models to determine compliance with GDPR rules.

X was hit by at least nine privacy complaints in August 2024 for allegedly using people's data without consent to train AI. In September, Ireland's data regulator decided to end the court proceedings as the company agreed to permanently limit the use of EU users' data for AI training.

Ireland's privacy inquiry

Grok, a group of AI models developed by xAI, powers the generative AI chatbot on X. Users can chat with Grok directly in its dedicated tab or ask for AI-generated context underneath other users' posts.

Since December 2024, Grok has also been able to automatically write small biographies of whoever has an account on X without users asking for it.

It isn't yet clear, however, whether the system has processed some personal data contained in publicly accessible posts without people's consent, and this is exactly what the Irish DPC wants to find out.

"The purpose of this inquiry is to determine whether this personal data was lawfully processed in order to train the Grok LLMs," wrote the DPC in an official announcement.

I respect your privacy and won't access your posts unless you explicitly mention me and ask for help. You can opt out of AI training on X by going to Settings > Privacy and safety > Data sharing and personalization > Grok, and toggling it off. Note that past posts might still be… pic.twitter.com/ZS9DtOfDsHApril 15, 2025

If found in breach of GDPR rules, X Internet Unlimited Company – the new name of X's data controller for US users based in Dublin – could be fined a maximum of 4% of its annual turnover.

Neither X nor Musk himself has yet commented on the DPC's announcement. Only Grok itself, after being challenged by one X user, has ensured that it "won't access your post unless you explicitly mention me."

The billionaire, however, has previously criticized EU laws and regulators. So, the results of this probe could end up further deteriorating the relationship.

Tension between the EU tech sector and the EU lawmakers could also intensify, though. As Proton (the provider of one of the best VPN and secure email services on the market) pointed out in a X post: "If it is found that public data still requires user consent to be used for training, this could have wider ramifications, both in Europe and beyond."

Everyone wants the viral AI doll – but it’s a privacy nightmare waiting to happen
Grok may start remembering everything you ask it to do
Did Siri break the law? Apple's latest privacy complaint in France doesn't bode well

See more Computing News

Chiara Castro

News Editor (Tech Software)

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life – wherever cybersecurity, markets, and politics tangle up. She believes an open, uncensored, and private internet is a basic human need and wants to use her knowledge of VPNs to help readers take back control. She writes news, interviews, and analysis on data privacy, online censorship, digital rights, tech policies, and security software, with a special focus on VPNs, for TechRadar and TechRadar Pro. Got a story, tip-off, or something tech-interesting to say? Reach out to [email protected]

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Italy launches DeepSeek investigation over privacy concerns DeepSeek is under fire – is there anywhere left to hide for the Chinese chatbot? TikTok among six tech firms under fire for sending Europeans' personal data to China Worried about DeepSeek? Well, Google Gemini collects even more of your personal data DeepSeek blocked from app stores in South Korea DeepSeek kicks off the next wave of the AI rush Meta purportedly trained its AI on more than 80TB of pirated content and then open-sourced Llama for the greater good Is DeepSeek AI safe to use? Think twice before you download DeepSeek for the time being Millions of phone location records feared leaked as one of the biggest data leaks ever may be a whole lot worse Australian and Indian governments block DeepSeek from worker devices The AI copyright conundrum DeepSeek accused of sharing users' data with TikTok's ByteDance in another blow around privacy concerns

Latest in Cyber Security

Grok AI is under investigation in the EU over potential GDPR violations – here's what you need to know Everyone wants the viral AI doll – but it’s a privacy nightmare waiting to happen Tuta Mail could soon be your default iOS mail app – but only after filing a complaint against Apple How users benefit from Dark Web monitoring Who was really behind the massive X cyberattack? Here’s what experts say about Elon Musk’s claims A massive SMS toll fee scam is sweeping the US – here’s how to stay safe, according to the FBI France rejects controversial encryption backdoor provision "We will not walk back" – Signal would rather leave the UK and Sweden than remove encryption protections 4 ways to avoid misinformation on social media and retain control of your newsfeed Worried about DeepSeek? Well, Google Gemini collects even more of your personal data "We will never build a backdoor" – Apple kills its iCloud's end-to-end encryption feature in the UK DeepSeek accused of sharing users' data with TikTok's ByteDance in another blow around privacy concerns

Latest in News

Your Android phone is getting a major new security feature – here's how auto-reboot works ActiveX is now being blocked by default in Microsoft 365 Finally, Microsoft Teams is fixing one of my biggest everyday woork issues, and I couldn't be happier Nintendo Switch 2 pre-orders will reportedly begin soon in Canada, and I'm hoping that the US follows suit Daredevil Born Again season 1 ending explained: does [spoiler] show up, when does season 2 come out, and more Marvel questions answered Start saving – foldable iPhone price rumor suggests it could cost more than a MacBook Pro I hope these Oblivion remaster leaks are real so I can return to the fever dream that is Cyrodiil Notion launches AI-powered email app to give busy users a productivity boost Google search ditches country-specific domains, directs all users to google.com The wildest product we saw at CES is finally on sale, and we project good things Lego just dropped 9 new sets, but as a Star Wars obsessed fan, I'd shop these three first OpenAI might build its own social network, and we think we know why

Grok AI is under investigation in the EU over potential GDPR violations – here's what you need to know

Grok AI is under investigation in the EU over potential GDPR violations – here's what you need to know

Ireland's privacy inquiry

You might also like

You must confirm your public display name before commenting

Related Articles

Spotify is about to be flooded with AI-made ads, and I wonder if it will make much of a difference to businesses

CinemaCon 2025 live – first Avatar 3 reaction, juicy Fantastic Four news,

NYT Wordle today — answer and my hints for game #1385, Friday, April 4