Ireland investigates X over personal data use for AI training

On April 11, 2025, the Data Protection Commission of Ireland announced an investigation into the social media platform X, owned by Elon Musk. The focus of the inquiry is on the use of personal data obtained from publicly accessible posts made by European users to train the Grok artificial intelligence chatbot. This investigation is significant due to the requirements set forth under the General Data Protection Regulation (GDPR), which governs how personal information can be processed and used within the European Union. The GDPR aims to protect individuals’ privacy and personal data, which is a critical concern in the digital age. The inquiry will examine whether X’s processing of publicly accessible posts complies with the stringent data privacy laws outlined in the GDPR. Under these regulations, X has a responsibility to ensure that personal data is processed lawfully, fairly, and transparently. The Data Protection Commission, acting as the lead regulator for X because its European headquarters are located in Dublin, has the authority to impose significant penalties for violations, including fines reaching up to 20 million euros or 4% of the company’s total annual revenue. The implications of this investigation could be immense for X and other tech companies utilizing personal data for training AI systems. In essence, this initiative by the Data Protection Commission represents a broader trend in Europe towards greater scrutiny and regulation of how tech companies handle personal data. The evolution of AI technology has raised numerous questions about privacy and users’ rights, prompting regulators to take action to ensure compliance with existing legal frameworks. With consumers increasingly aware of the risks associated with data privacy, regulators are under pressure to safeguard personal information and enforce laws that protect individual rights in the digital landscape. While X has not responded to requests for comment in light of the investigation, the ongoing inquiry underscores the need for transparency and accountability in the management of data used for AI. The research and development of AI chatbots like Grok depend significantly on vast amounts of data derived from user interactions. However, this necessity cannot come at the expense of user privacy or legal compliance. The outcome of the Data Protection Commission’s investigation may set important precedents regarding the intersection of AI advancements and data privacy regulations.