European regulators have opened a formal investigation into X, the social media platform owned by Elon Musk, after its chatbot Grok was linked to the spread of nonconsensual, sexually explicit deepfake images. The European Commission said it is assessing whether X complied with its obligations under the Digital Services Act (DSA) to identify and reduce systemic risks associated with illegal content on major platforms.
The Commission said the inquiry covers “manipulated sexually explicit images,” including content that “may amount to” child sexual abuse material, and argued the risks have already caused “serious harm” for users. Under the DSA, “very large” platforms face heightened obligations, including conducting risk assessments and implementing mitigation measures when systemic harms are identified.
EU regulators also widened a separate, ongoing DSA investigation into X’s recommendation systems after the platform said it would rely more on Grok’s AI to help determine which posts users see, adding new scrutiny to how content may be amplified or curated.
How Grok’s Image Features Became A Regulatory Flashpoint
The investigation follows weeks of backlash over Grok’s image generation and editing tools, which researchers said were used to create altered images portraying real people in sexualized or revealing ways without consent. Researchers warned that some outputs appeared to involve minors, prompting warnings and inquiries outside Europe.
The Associated Press reported that xAI launched Grok’s image tool last summer, but regulators said the problem escalated late last month as Grok appeared to approve a high volume of image-editing requests. Because Grok’s responses can be visible on X and reshared, officials and researchers said problematic material could spread quickly once generated.
Some governments restricted access during the controversy. Malaysia and Indonesia temporarily blocked Grok earlier in January, and Malaysian authorities later lifted their restriction after saying X had added security and preventive measures.
X Response, Enforcement History, And Potential Penalties
X directed reporters to an earlier statement saying the company is “committed to making X a safe platform for everyone” and has “zero tolerance” for child sexual exploitation, nonconsensual nudity, and unwanted sexual content. The statement, dated Jan. 14, said X would stop allowing depictions of people in “bikinis, underwear or other revealing attire” — but only in places where such depictions are deemed illegal.
In related reporting, Grok limited image generation and editing for non-paying users on X while keeping those functions available for paid subscribers, though European officials said the paywall did not resolve their concerns about harmful and illegal imagery.
The EU’s action adds to prior DSA enforcement involving X. In December, Brussels issued X a €120 million fine in a separate proceeding, citing verification-related “deceptive design practices” that, regulators said, could expose users to scams and manipulation. The Commission said there is no deadline for resolving the new Grok case, which could end with behavioral changes pledged by X or additional penalties; Reuters noted that DSA violations can carry fines of up to 6% of global turnover.
European officials framed the Grok inquiry as a test of whether X took adequate precautions before scaling the feature. Henna Virkkunen, a European Commission executive vice president, called nonconsensual sexual deepfakes involving women and children “violent” and “unacceptable,” and said investigators will determine whether X met its legal obligations under the DSA.
Beyond the EU case, the episode has intensified scrutiny of how platforms apply their own policies to synthetic media. X’s rules ban intimate images produced or shared without consent, including digitally manipulated content that places a person’s face onto another nude body, but regulators argue that generative tools raise new challenges around prevention, detection, and rapid takedown.
Grok can be used through X by tagging the chatbot in posts or replies, and it is also available through a standalone website and app—services that EU officials noted are outside the scope of this specific DSA inquiry, which focuses on the largest online platforms and Grok’s integration within X.
