The probe follows a similar inquiry by the UK regulator Ofcom in January, amid growing concerns over the misuse of AI-generated content. If X is found to have violated the EU’s Digital Services Act (DSA), the Commission could impose fines of up to 6% of the company’s global annual turnover.
The investigation focuses on whether Grok was used to generate sexually explicit images of individuals without their consent. X’s Safety account previously stated that the platform had stopped Grok from digitally altering pictures to remove clothing in “jurisdictions where such content is illegal.”
Regina Doherty, a member of the European Parliament from Ireland, said the Commission would examine if “manipulated sexually explicit images” were displayed to users in the EU. Campaigners and victims have argued that the ability to create such images should “never have happened.” Ofcom confirmed that its investigation into the UK implications of Grok remains ongoing.
The Commission warned it could implement “interim measures” if X fails to make meaningful adjustments. The EU has also extended an ongoing investigation launched in December 2023 into the risks posed by X’s recommender systems, which guide which posts users see.
Before the announcement, Elon Musk posted an image on X appearing to mock new restrictions on Grok. Musk has previously criticised regulators, particularly the UK government, describing scrutiny of Grok’s image-editing function as “any excuse for censorship.” Meanwhile, the Grok account on X reported that over 5.5 billion images were generated by the tool in a 30-day period.
Investigations into Grok are not limited to Europe. Authorities in Australia, France, and Germany are reviewing the chatbot, while Indonesia and Malaysia temporarily banned the service, with Malaysia later lifting the ban.
Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy at the European Commission, described sexual deepfakes as a “violent, unacceptable form of degradation.” She added, “With this investigation, we will determine whether X has met its legal obligations under the DSA, or whether it treated the rights of European citizens—including those of women and children—as collateral damage of its service.”
Doherty emphasised the EU’s responsibility to hold platforms accountable, saying, “The European Union has clear rules to protect people online. Those rules must mean something in practice, especially when powerful technologies are deployed at scale. No company operating in the EU is above the law.”
The move comes a month after the EU fined X €120 million over misleading blue tick verification, prompting criticism from U.S. officials. U.S. Secretary of State Marco Rubio and the Federal Communications Commission said the fine represented an attack on American tech firms, a sentiment Musk shared online.
The Commission’s investigation highlights ongoing tensions between Europe’s regulatory approach to online platforms and U.S.-based technology companies as AI tools grow in influence and complexity.
