The UK's ICO has opened a formal investigation into X and xAI over reports that Grok AI was used to generate nonconsensual sexual images, examining whether proper data protection safeguards were in place.
The United Kingdom's data protection authority has launched a formal investigation into X and its Irish subsidiary over reports that the Grok AI assistant was used to generate nonconsensual sexual images. This announcement comes after the Information Commissioner's Office (ICO) contacted X and xAI on January 7, seeking urgent information on the measures taken to comply with data protection law following reports that Grok created sexually explicit images using individuals' personal data.
The ICO said today that it will examine whether X Internet Unlimited Company (XIUC) and X.AI LLC (X.AI) processed personal data lawfully and whether adequate safeguards were in place to prevent Grok from creating harmful, manipulated images. The privacy watchdog can impose fines of up to £17.5 million or 4% of a company's worldwide annual turnover.
"The reports about Grok raise deeply troubling questions about how people's personal data has been used to generate intimate or sexualised images without their knowledge or consent, and whether the necessary safeguards were put in place to prevent this," said William Malcolm, ICO's head of regulatory risk and innovation. "Losing control of personal data in this way can cause immediate and significant harm. This is particularly the case where children are involved."
This investigation is part of a broader international scrutiny of X's AI practices. French prosecutors have also raided X's Paris offices as part of a criminal probe examining whether Grok generated child sexual abuse material and Holocaust denial content. The French authorities have summoned Elon Musk, X CEO Linda Yaccarino, and additional X employees for interviews in April.
In January 2026, the European Commission launched its own formal investigation to determine whether X properly assessed risks under the Digital Services Act before deploying Grok on its platform after it was used to generate sexually explicit images. Additionally, X is being investigated by the Office of California Attorney General Rob Bonta and Ofcom (the UK's independent online safety watchdog) over nonconsensual sexually explicit content generated using Grok.
The investigation highlights growing concerns about AI-generated content and the potential for abuse when personal data is used without consent. As AI image generation technology becomes more sophisticated, regulators worldwide are grappling with how to protect individuals from having their likenesses used to create harmful or explicit content without their permission.
The outcome of this investigation could have significant implications for how AI companies implement safeguards and handle personal data, particularly when it comes to preventing the generation of nonconsensual intimate imagery. It also underscores the need for robust regulatory frameworks to address the unique challenges posed by AI-generated content and its potential for misuse.
Comments
Please log in or register to join the discussion