• The Irish Data Protection Commission (DPC) is investigating whether X (formerly Twitter) unlawfully processed EU users' public posts to train its Grok AI chatbot.
  • This probe raises significant questions about compliance with the EU's General Data Protection Regulation (GDPR), particularly around transparency and legal basis for data use.
  • The investigation occurs as X's Irish operation recorded a pre-tax loss of €753 million in 2022 and follows the company's recent acquisition by Musk's xAI in a $33 billion all-stock deal.

Elon Musk's X is facing a formal investigation by Ireland's data protection watchdog over its use of European users' publicly accessible posts to train its Grok artificial intelligence chatbot, according to people familiar with the matter. The Irish Data Protection Commission confirmed it is examining whether this data processing complies with the EU's strict privacy rules.

The core concern centers on whether X had a proper legal basis under GDPR for scraping and utilizing personal data from EU users' public posts for AI model training. Of particular scrutiny is the company's initial approach of automatically "opting-in" users by default, rather than obtaining explicit consent. A spokesperson for the DPC declined to comment on the ongoing investigation's specifics but confirmed the probe is active.

This isn't the first regulatory challenge for X in Europe. The company previously agreed to suspend using EU user data for AI training during an earlier inquiry, and this new investigation may examine compliance with that agreement, according to two people briefed on the matter. X has been operating under increased regulatory pressure as a designated "Very Large Online Platform" under the EU's Digital Services Act, which mandates stricter content moderation and algorithmic transparency requirements.

Company representatives did not respond to multiple requests for comment on the investigation. However, internal communications seen by Roic AI indicate the company's legal team is preparing a defense arguing that using publicly available data for AI training falls under "legitimate interests" provisions within GDPR.

The timing presents additional complications for Musk, who serves as a key technology advisor to the US administration. The investigation emerges amid broader transatlantic regulatory tensions, though Irish regulators have clarified this specific case isn't directly linked to current tariff disputes between the US and EU.

For the broader tech industry, the outcome could establish important precedents governing how companies collect and utilize public data for AI development across the European Union. Several other platforms, including OpenAI with its ChatGPT service, face similar GDPR investigations over data accuracy and personal information usage.

Correction: An earlier version of this article misstated the year of X's acquisition by xAI. The transaction occurred in March 2025, not 2024.