Ireland's Data Protection Commission (DPC) has commenced an investigation into social media platform X, examining the utilisation of personal data from European Union users to train its generative artificial intelligence system, Grok. This inquiry was announced on Friday and has foregrounded the DPC's role as the principal EU regulator for X, which operates from the country.

The DPC's investigation will focus on how personal data, specifically contained in publicly-accessible posts made by EU/EEA users, is processed for the purposes of training artificial intelligence models. In its statement, the DPC noted that it would scrutinise the methods employed by X to handle this data under the framework of the EU's General Data Protection Regulation (GDPR), which grants the regulator authority to impose fines of up to 4% of a company's global revenue for breaches of the data protection rules.

The establishment of the investigation follows a prior court case in which the DPC sought an injunction to prevent X from processing data of EU users for AI development until users had the opportunity to withdraw their consent. Subsequently, X conceded to halt this practice and has agreed to adhere to these limitations indefinitely, leading the Irish regulator to cease those court proceedings shortly thereafter.

X, formerly known as Twitter, has historically faced criticism regarding compliance with EU regulations, including vocal opposition from prominent figures such as former U.S. President Donald Trump, who characterises such regulatory measures as a form of taxation on American companies. Elon Musk, the owner of X and a notable figure in the tech industry, has similarly expressed discontent with EU regulations surrounding online content.

The DPC has a track record of imposing substantial fines on major tech companies, including Meta, TikTok, and Microsoft's LinkedIn, since gaining enforcement powers in 2018. To date, fines levied against Meta have approached nearly 3 billion euros. Comparatively, X has not incurred penalties since a 450,000 euros ($511,000) fine in 2020, marking its first sanction under the GDPR framework.

As the investigation proceeds, it could have significant implications for X, particularly regarding the methodologies deployed in leveraging user data, and may contribute to broader discussions about the accountability of tech firms operating within the European market.

Source: Noah Wire Services