Ireland’s DPC brings X to court over AI data concerns

7 Aug 2024

Image: © ryzhi/Stock.adobe.com

X is taking user data to train its AI chatbot Grok, but the DPC claims the company is breaching GDPR through this activity.

Ireland’s Data Protection Commission (DPC) has taken legal action against Twitter – now known as X – over concerns around how the data of EU citizens will be used to train AI.

This was prompted by the recent decision by X to automatically use posts and interactions from the site to train Grok, the chatbot developed to challenge more mainstream models such as ChatGPT.

The decision by X means those who do not consent to their data being used in this way have to manually turn it off. The move brought concerns from data experts and the EU. The DPC said at the end of July that it was surprised by the decision and that it would probe the matter further.

Now, the DPC has launched High Court proceedings against Twitter International Unlimited Company – X’s Irish entity – and claims the company is not complying with GDPR, RTÉ reports. The DPC is also concerned that X plans to launch a new version of Grok this month, which has been trained on the personal data of EU citizens.

The DPC is seeking orders against X that will either suspend or prohibit the company from processing the personal data of its users for the training of Grok, or any other large language model.

Matthew Hodgson, CEO and co-founder of UK-based encrypted messaging platform Element, recently said that the decision by X to utilise user data for its Grok chatbot without explicit consent raises significant privacy concerns.

“It is also important to remember that X is rampant with fake news and extremist views, which is not what you want an LLM trained on,” he said. “This practice not only undermines user trust but also has potential implications for data misuse.

“There’s a risk that sensitive information could be inadvertently incorporated into the AI model, leading to privacy breaches or the creation of biased algorithms.”

The DPC told SiliconRepublic.com that it would be inappropriate to comment on a matter that is before the Court. RTÉ reports that the DPC also intends to refer the matter to the European Data Protection Board.

Last year, X owner Elon Musk implemented a temporary reading limit onto the social media site after he claimed hundreds of organisations were scraping data from the site “extremely aggressively”.

In another post, Musk blamed AI as the cause and said “almost every company doing AI” was scraping vast amounts of data from the site.

“It is rather galling to have to bring large numbers of servers online on an emergency basis just to facilitate some AI start-up’s outrageous valuation,” Musk said.

Find out how emerging tech trends are transforming tomorrow with our new podcast, Future Human: The Series. Listen now on Spotify, on Apple or wherever you get your podcasts.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com