Elon Musk has agreed to stop turning Europeans’ X posts into AI training fodder for his Grok chatbot — for now.
Ireland’s Data Protection Commission (DPC), which leads on privacy oversight of X under the bloc’s General Data Protection Regulation (GDPR), announced the development in a press release Thursday, saying it welcomed the social media firm’s decision to “suspend its processing of personal data for the purpose of training AI tool ‘Grok.’”
Earlier this week it emerged that the DPC had instigated court proceedings seeking an injunction against X over the data processing without consent. The regulator was also reported by Ireland’s national broadcaster, RTE, which is intending to refer the matter to the European Data Protection Board (EDPB).
In a statement on X’s abrupt U-turn, DPC commissioner Des Hogan, said, “My colleague, commissioner Dale Sunderland, and I welcome X’s agreement to suspend processing while the DPC, working in conjunction with our EU/EEA [European Economic Area] peer regulators, continue to examine the extent to which the processing complies with the GDPR.
“One of our main roles as an independent regulator and rights based organisation is to ensure the best outcome for data subjects and today’s developments will help us to continue protecting the rights and freedoms of X users across the EU and EEA. We will continue to engage with all data controllers to ensure the rights of our citizens under the EU Charter of Fundamental Rights and the GDPR are upheld.”
The DPC has been contacted with questions, including whether it will seek to ensure that any unlawfully processed data is deleted.
The legality of any AI models trained on unlawfully obtained data, and what to do about them, is another pertinent question. But it remains unclear how privacy watchdogs might interpret the law in this area.
OpenAI’s rival chatbot, ChatGPT, attracted early attention from some GDPR enforcers as a result of the public data of Europeans being processed to train the model. Back in January, Italy’s privacy watchdog put OpenAI on notice over multiple suspected breaches of the regulation.
However an EDPB taskforce that looked at how to apply the GDPR to ChatGPT — issuing its first report back in May — was largely undecided on crux issues such as the lawfulness and fairness of processing.
Ordering the deletion of models trained on unlawful data would represent a further decision leap for privacy watchdogs.
