X faces EU legal complaints for alleged AI data misuse under Musk
Social media platform X, owned by Elon Musk, is under scrutiny after a series of complaints were filed in nine European Union countries.
The allegations center on the illegal collection of personal data from over 60 million users to develop artificial intelligence technologies, including the Grok chatbot, without their consent.
Who’s behind allegation?
The complaints were spearheaded by None Of Your Business (Noyb), a Vienna-based privacy advocacy nongovernmental organization (NGO). Noyb, co-founded by Austrian lawyer and privacy activist Max Schrems, filed the complaints with data protection authorities in Austria, Belgium, France, Greece, Ireland, Italy, the Netherlands, Poland, and Spain, citing violations of the EU’s General Data Protection Regulation (GDPR), which mandates that companies must inform users and obtain their consent before using their data.
What did X do
Noyb claims that X has been unlawfully using personal data to train its AI systems since at least July 2023. Unlike Meta, which recently halted AI training in the EU after facing similar scrutiny, X allegedly did not inform its users or request their permission before utilizing their data. The allegations suggest that many users only became aware of this data usage through a viral post by an X user on July 26, long after the data collection had started.
Irish action against X
Last week, Ireland’s Data Protection Commission (DPC) initiated legal action against X to stop what it described as the illegal processing of data. However, Noyb criticized the DPC for focusing on mitigation measures rather than addressing the root issue: the mass, unauthorized data collection.
What’s next
Noyb has called for a thorough investigation into how X handles user data and has posed several key questions:
- How does X separate the data of its European clients from that of other users?
- What happened to the data that has already been fed into the AI systems?
The NGO stressed that X could have easily avoided this controversy by simply asking for user consent.