UK regulator launches investigation into Elon Musk’s X after Grok deepfakes controversy
Official investigations have been launched into whether Elon Musk’s X and xAI comply with data protection law after chatbot Grok was used to create sexually explicit deepfake images.
The Information Commissioner’s Office (ICO) confirmed it had opened investigations on Tuesday afternoon. In a statement, it was stated that the reports raised “serious concerns” under UK data protection laws, such as “whether appropriate safeguards were taken in the design and distribution of Grok”.
This follows outrage over Grok’s ability to digitally ‘undress’ victims without their consent and create deepfake images of them naked or minimally clothed. women told Independent They were left feeling “violated and humiliated” after “dehumanizing” images were created by the chatbot.
X said it has since taken measures to resolve the issues raised.
William Malcolm, the ICO’s executive director of regulatory risk and innovation, said the office was “working closely with Ofcom and other regulators” to “ensure people’s safety and privacy are protected”.
He added that losing personal data in this way “could lead to immediate and serious harm.”
In January, technology secretary Liz Kendall encouraged Ofcom to use its “full powers” under the Online Safety Act after the regulator announced it was launching an investigation into whether X complies with UK law.
Ofcom had previously said in a statement that it would determine whether X “complies with its duties to protect people in the UK from illegal content”.
But in a separate statement on Tuesday, the regulator said that, unlike the ICO, it was not investigating xAI, which provides the standalone Grok chatbot app.
Ministers have introduced a bill to ban the creation of sexual deepfakes without consent, following outrage over the chatbot. Following the ban, Sir Keir Starmer said X must take action “immediately” to comply with UK law and that “images of young women are not in the public domain and their safety is not open to question”.
William Malcolm, the ICO’s regulatory director of risk and innovation, said: “Reports about Grok raise deeply troubling questions about how people’s personal data is being used to create intimate or sexualised images without their knowledge or consent, and whether appropriate safeguards are being taken to prevent this. Losing control of personal data in this way can cause immediate and serious harm. This is particularly true where children are involved.”
“Our role is to address the data protection concerns at the heart of this, recognizing that other organizations also have significant responsibilities. We work closely with Ofcom and international regulators to ensure our roles are aligned and people’s security and privacy are protected. We will continue to work in partnership as part of our coordinated efforts to build trust in UK digital services.
“Our investigation will assess whether XIUC and
