The United Kingdom’s data protection authority launched a formal investigation into X and its Irish subsidiary over reports that the Grok AI assistant was used to generate nonconsensual sexual images.
This announcement comes after the ICO contacted X and xAI on January 7, seeking urgent information on the measures taken to comply with data protection law following reports that Grok created sexually explicit images using individuals’ personal data.
The Information Commissioner’s Office (ICO) said today that it will examine whether X Internet Unlimited Company (XIUC) and X.AI LLC (X.AI) processed personal data lawfully and whether adequate safeguards were in place to prevent Grok from creating harmful, manipulated images.
The ICO also noted that losing control over personal data, when safeguards are not in place to prevent the creation of AI-generated intimate imagery, can cause immediate and significant harm, particularly involving children.
“The reports about Grok raise deeply troubling questions about how people’s personal data has been used to generate intimate or sexualised images without their knowledge or consent, and whether the necessary safeguards were put in place to prevent this,” said William Malcolm, ICO’s head of regulatory risk and innovation.
“Losing control of personal data in this way can cause immediate and significant harm. This is particularly the case where children are involved.”
As the UK’s independent data protection regulator, the privacy watchdog can impose fines of up to £17.5 million or 4% of a company’s worldwide annual turnover.
Today, French prosecutors also raided X’s Paris offices as part of a criminal probe examining whether Grok generated child sexual abuse material and Holocaust denial content. The French authorities also summoned Elon Musk, X CEO Linda Yaccarino, and additional X employees for interviews in April.
In January 2026, the European Commission launched its own formal investigation to find whether X properly assessed risks under the Digital Services Act before deploying Grok on its platform after it was used to generate sexually explicit images.
X is also being investigated by the Office of California Attorney General Rob Bonta and Ofcom (the UK’s independent online safety watchdog) over nonconsensual sexually explicit content generated using Grok.
Modern IT infrastructure moves faster than manual workflows can handle.
In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.