The European Commission has launched a formal investigation against X into Grok’s manipulated sexually explicit images, including content that may amount to child sexual abuse material.
The new investigation will assess whether the company properly assessed and mitigated risks associated with the deployment of Grok’s functionalities into X in the EU.
Grok is an artificial intelligence (‘AI’) tool developed by the provider of X. Since 2024, X has deployed Grok in its platform in various ways, enabling users, for example, to generate text and images and to provide contextual information to users’ posts.
As a designated very large online platform (VLOP) under the Digital Services Act (DSA), X has obligations to assess and mitigate any potential systemic risks related to its services in the EU.
“Sexual deepfakes of women and children are a violent, unacceptable form of degradation,” said EC executive vice-president Henna Virkkunen: “With this investigation, we will determine whether X has met its legal obligations under the DSA, or whether it treated rights of European citizens – including those of women and children – as collateral damage of its service.”
In parallel to the new investigation, the Commission is extending its ongoing probe launched in December 2023 into X’s compliance with its recommender systems risk management obligations.
The risks seem to have materialised, says the Commission, exposing citizens in the EU to serious harm. In light of this, the Commission will further investigate whether X complies with its DSA obligations to:
Diligently assess and mitigate systemic risks, including of the dissemination of illegal content, negative effects in relation to gender-based violence, and serious negative consequences to physical and mental well-being stemming from deployments of Grok’s functionalities into its platform.
Conduct and transmit to the Commission an ad hoc risk assessment report for Grok’s functionalities in the X service with a critical impact on X’s risk profile prior to their deployment.
Separately, the Commission has extended its ongoing formal proceedings opened against X in December 2023 to establish whether X has properly assessed and mitigated all systemic risks, as defined in the DSA, associated with its recommender systems, including the impact of its recently announced switch to a Grok-based recommender system.
The Commission will now carry out an in-depth investigation as a matter of priority. The opening of formal proceedings does not prejudge its outcome.
In preparing for this investigation, the Commission says it has closely collaborated with Coimisiún na Meán, the Irish Digital Services Coordinator. Coimisiún na Meán will be associated to this investigation, as the national Digital Services Coordinator in the country of establishment in the EU.
Help and support is available at national level for individuals who have been negatively affected by AI-generated images, including child sexual abuse material or non-consensual intimate images. Under the DSA, citizens have the right to make a complaint about a breach of the DSA to the Digital Services Coordinator of their Member State.
