The Data Protection Commission (DPC), Ireland’s data protection regulator, has launched High Court proceedings against Twitter International Unlimited Company, X Corp’s European subsidiary, over the rollout of Grok, its AI-powered enhanced search tool.
The DPC’s concerns are around the use of the personal data of millions of European users of X to train AI systems powering Grok.
The regulator claims that the way X Corp’s European subsidiary collects this data to launch the next version of Grok, expected for August 2024, is breaching the EU’s General Data Protection Regulation (GDPR).
Although Twitter International recently started implementing mitigation measures that were not in place when the data processing to build Grok began, the regulator claims these are not enough to comply with GDPR.
Additionally, the DPC claimed that Twitter International has refused its requests to cease processing the personal data in question or to delay the launch of the next version of Grok, which should be available for X’s Premium and Premium + users.
Therefore, the Irish regulator considered it urgent to challenge X Corp and its European branch and decided to take action through court proceedings.
The DPC is represented by Remy Farrell SC from Philip Lee Solicitors.
This is the first time a legal challenge of this kind has been brought before the Irish courts.
The judge overseeing the case, Ms Justice Leonie Reynolds, granted the DPC permission to expedite legal proceedings against Twitter on August 6 and scheduled a follow-up hearing later that week.
The DPC said it will also refer the matter to the European Data Protection Board, the EU's top data protection authority, for consideration.
Ireland’s DPC is at the forefront of data protection enforcement in Europe. Many Big Tech companies’ European headquarters are located in Dublin, including Alphabet and Meta.