The DPC is the lead European Union (EU) regulator for X because the United States (US) company’s European Union operations are based in Ireland. It can levy fines of up to 4% of a company’s global revenue under the bloc’s General Data Protection Regulation (GDPR).

The decision to begin the inquiry was notified to X on Monday, the DPC said in a statement and its purpose was to determine whether X had complied with its obligations under GDPR with regard to the personal data processed. Grok flooded X last month with AI-altered, near-nude images of real people in response to user requests, triggering widespread global outrage and investigations. X announced curbs to stop Grok’s account on the platform from producing such images, but the Grok chatbot continued to do so when prompted, Reuters found earlier this month.

US President Donald Trump and other members of his administration have criticised EU regulation of US tech companies and described fines imposed on them by the 27-member bloc as a form of taxation. X’s owner, Elon Musk, who is the world’s richest man, has also expressed his objections to EU regulations, mainly those imposed directly by Brussels on online content.

“The DPC has been engaging with XIUC (X Internet Unlimited Company) since media reports first emerged a number of weeks ago concerning the alleged ability of X users to prompt the @Grok account on X to generate sexualised images of real people, including children”, said Deputy Commissioner, Graham Doyle.

–Reuters–