Elon Musk Surprises by Opting User Data into Grok AI Training

The Irish Data Protection Commission is looking into whether X, which used to be Twitter, broke GDPR rules when it added user data to its Grok AI training pool without getting clear permission from users.

X, which was previously Twitter, quietly made a change that seems to add user data to its Grok AI training pool. Grok users became aware of this on Friday.

Elon Musk’s company X created Grok, a conversational AI known as a large language model (LLM). Elon Musk’s company X designed Grok to rival OpenAI‘s popular ChatGPT chatbot, incorporating less political correctness and more humour.

If users wish to prevent Musk’s chatbot from receiving their X information, this page provides instructions on how to disable the feature.

The Irish Data Protection Commission (DPC), which is in charge of protecting privacy in Europe for X, is interested in the change and said it was “surprised” by the launch. Following up with X, the watchdog said it is still awaiting a response.

Graham Doyle, deputy commissioner of the DPC, said, “The DPC has been talking to X about this issue for several months. Our most recent conversation was yesterday.” “Because of this, we are surprised by what happened today.”

We called X today to follow up and are waiting for a response. We expect more interaction to start early next week.

The DPC is in charge of making sure that X is following the General Data Protection Regulation (GDPR) of the European Union. The GDPR is a law that applies to the whole EU, and penalties for breaking it can be up to 4% of global annual turnover.

The default setting for sharing Grok data on X includes the text, “Permit Grok to use your posts, interactions, inputs, and results for training and fine-tuning.” In smaller print, it says, “To keep making your experience better, we may use your X posts as well as your user interactions, inputs, and results with Grok for training and fine-tuning purposes.”

The document further states that we may share this information with our service provider, xAI, for these purposes. Because the language isn’t clear, it’s unclear if X is making all user data available to train Grok, or if this processing only involves interactions between users and the chatbot (This is exclusively available to X’s paid subscribers).

EU Regulators Scrutinize Meta’s AI Data

In either case, the company needs a valid legal reason to process people’s data in the EU because of the privacy laws in that area. However, it’s not clear that it has one.

Last month, complaints about GDPR prompted regulators in Ireland and the U.K. to scrutinize Meta‘s similar plan to train AI using Facebook and Instagram user data. The DPC anticipates learning more about the Grok AI data-sharing issue next week.

We reached out to X to determine the legal basis for using Europe’s data to train Grok. However, at the time of writing, the company’s press email only conveyed the standard automated message, “We’re busy now, please check back later.”