Britain’s data protection authority has initiated formal inquiries into X and xAI following concerns that Grok, an artificial intelligence system developed by Elon Musk’s companies, generated sexually explicit deepfake images without individuals’ permission. The Information Commissioner’s Office emphasizes that these allegations raise serious questions about data protection compliance and safeguard implementation within the AI tool’s design and operation.
The investigation centers on whether adequate protections were established to prevent misuse of personal data. William Malcolm, the regulatory executive at the ICO, highlighted that unauthorized creation of intimate images represents significant harm to individuals, particularly when minors are involved. The agency is examining whether appropriate safeguards existed before Grok’s deployment to users.
Ofcom, the communications regulator, clarified its position regarding the dual entities involved. While investigating X, the social media platform where Grok operates, Ofcom determined it would not formally probe xAI, which distributes the standalone Grok application. However, the agency continues demanding clarification from xAI regarding potential risks the service poses to users.
Ofcom is specifically evaluating whether xAI complies with regulations mandating age verification systems for platforms hosting adult material. The regulator stated that current legislation restricts its ability to investigate AI chatbot image generation separately from other regulatory frameworks, creating jurisdictional limitations in addressing the standalone service’s conduct.
Officials acknowledged that X has implemented corrective actions in response to the situation. Ofcom stressed the company deserves fair opportunity to present its position and defense, while warning that the regulatory process could extend over several months as evidence gathering continues. The investigation remains in preliminary stages with significant factual assessment still required.
