The European Commission has initiated a new formal investigation into social media platform X, formerly known as Twitter, under the Digital Services Act (DSA), citing concerns over the spread of sexual deepfakes and other illegal content. The announcement was made via a statement published on the Commission’s official website.
Grok AI at the Centre of Investigation
The investigation follows reports that Grok, X’s artificial intelligence chatbot, may have been used to create non-consensual sexually explicit images. Similar concerns have already triggered regulatory action in countries such as the UK, Malaysia, and Indonesia.
According to the Commission, the inquiry will focus on whether X adequately identified, assessed, and reduced risks associated with the circulation of illegal content within the EU. This includes digitally manipulated sexual images, some of which could fall under child sexual abuse material as defined by EU law.
EU authorities warned that these risks appear to have already materialised, potentially causing serious harm to users across the bloc.
Scope of the EU Investigation
The Commission said it will examine whether X has fulfilled its obligations under the DSA, particularly whether the platform has:
- Effectively assessed and mitigated systemic risks, including the spread of illegal content
- Addressed gender-based harms linked to the misuse of its services
- Prevented significant threats to users’ physical and mental well-being arising from Grok’s integration
- Prepared and submitted a specific risk assessment report for Grok’s functionalities before deployment where they materially affect the platform’s risk profile
EU Official Denounces Sexual Deepfakes
Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy, described sexual deepfakes as a serious violation of individual rights.
“Sexual deepfakes targeting women and children represent a violent and unacceptable form of abuse. This investigation will determine whether X complied with its obligations under the DSA or allowed the rights of European citizens to be undermined by its services,” Virkkunen said.
Possible Violations of EU Law
The Commission stated that any failure by X to meet these requirements could amount to breaches of Articles 34(1) and (2), 35(1), and 42(2) of the Digital Services Act.
It added that X is required to carry out and submit a standalone risk assessment covering Grok’s capabilities that could significantly alter the platform’s exposure to systemic risks before such features are deployed.
Earlier DSA Probe Also Expanded
In addition to the new investigation, the Commission confirmed that a separate DSA probe launched in December 2023 has been expanded.
This earlier case will now also assess whether X properly evaluated and mitigated systemic risks linked to its recommender systems, including the platform’s recent shift to a Grok-driven recommendation engine.
About the Digital Services Act
The Digital Services Act is the EU’s landmark regulation designed to strengthen oversight of major online platforms, enhance user protection, and improve transparency and accountability in the digital space.
Under the DSA, companies found to be in violation of their obligations may face substantial fines and additional enforcement measures, depending on the severity of the breaches.
