X faces legal action in EU for processing user data to train its AI chatbot Grok

Users have to click on Settings and uncheck the box in order to opt-out of the AI training process. Concerned by the default processing of user posts for AI training, the data protection watchdog said that it is seeking an injunction against X as the move threatens the rights and freedoms of users on the social media platform.

What does the law say?

According to the European Union’s General Data Protection Regulation (GDPR), companies like X are allowed to process user data only if there is a proper and valid legal basis for it. This could mean that X was required to obtain users’ consent before repurposing their data for AI training.

However, users were not notified by the platform that their posts are going to be used to train its AI models. The data processing came to light only after a few users noticed a change in the settings of the platform. Additionally, users were able to opt-out of the data processing mechanism through an option that was only accessible via the web version of X.

The DPC said that it will be asking the European Data Protection Board (EDPB) to look into X’s compliance with the GDPR, according to a report by RTE. It also expressed concern over X’s plan to roll out a newer model of Grok this month, saying that the social media company had refused its requests to stop processing European users’ data or delay the launch.

X’s legal woes in EU

Last month, the European Commission said that X’s revamped verification (blue check) mechanism violated provisions of the Digital Services Act (DSA). The social media company’s compliance with the DSA is being probed in a second case which has to do with X’s content moderation practices.

Recently, X was taken to court by a user in the Netherlands who accused the platform of shadowbanning their account. The court held that the platform had violated various provisions of the DSA as well as GDPR.