Summary:
X (formerly Twitter) and Elon Musk’s xAI are facing criticism for allegedly using the personal data of over 60 million EU users without consent to train the conversational AI chatbot, Grok. The European privacy group NOYB has filed GDPR complaints in nine countries, claiming X’s practices violate EU data protection laws. Although the Irish Data Protection Commission (DPC) had previously launched legal proceedings, NOYB argues that the DPC’s focus on “mitigation measures” rather than the core issue of unlawful data processing is inadequate. The case highlights broader concerns about AI systems’ compliance with GDPR, particularly regarding the “right to be forgotten” and data accuracy. The recent EU AI Act aims to address these issues by emphasizing privacy and data protection throughout AI development.

Security Officer Comments:
X is in hot water for using personal data from over 60 million EU users to train its AI chatbot, Grok, without asking for permission. This is a big deal because it raises questions about privacy, legal rules, and how fairly AI is being developed. The situation shows why it’s important for companies to follow data protection laws.

Suggested Corrections:
The case highlights how important it is for regulatory bodies to enforce data protection laws and could change how tech companies deal with user data. It also brings up key issues about getting users' permission and being open about how AI is developed, which affects public trust and legal standards in the tech world.

Link(s):
https://www.malwarebytes.com/blog/n...of-more-than-60-million-users-to-train-its-ai