Ireland’s Data Protection Commission (DPC) has launched a major investigation into xAI’s Grok chatbot, examining whether the AI tool violated the European Union’s General Data Protection Regulation (GDPR). The investigation marks another escalation in the EU’s crackdown on AI-generated deepfake content. ## The Investigation: What We Know The DPC, acting as the lead authority for X in the EU since the company’s European headquarters are in Dublin, announced the investigation on February 16, 2026. The probe will examine whether X (formerly Twitter) and its Grok AI chatbot complied with fundamental data protection obligations. Ireland’s decision to investigate comes after the EU itself launched a separate investigation into Grok under the Digital Services Act (DSA) in late January. Under the DSA, violations can result in fines of up to 6% of global revenues, while GDPR breaches can cost companies up to 4% of total global revenue. ## The Spark: Grok’s “Spicy Mode” Controversy The investigation was triggered by revelations about Grok’s image generation capabilities. An analysis by Paris-based nonprofit AI Forensics, published in January 2026, examined over 20,000 Grok-generated images and found that more than half depicted individuals in “minimal attire.” The findings were disturbing: - Over 50% of analyzed images showed individuals in suggestive clothing - Majority of these individuals were women - 2% appeared to be minors The chatbot’s so-called “Spicy Mode” allowed users to create sexually explicit images with simple prompts such as “remove her clothes” or “put her in underwear.” ## Global Backlash The Grok controversy has sparked a worldwide response: - Malaysia and Indonesia blocked the chatbot completely - Several governments pressured xAI to modify Grok’s capabilities - The UK targeted all AI chatbots following the Grok uproar In response, X announced new restrictions on Grok, preventing the chatbot from undressing images of real people and limiting image creation to paid users only. ## EU-US Tensions Escalate The Irish investigation adds another layer to existing tensions between the EU and US over tech regulation. The Trump administration has accused the EU of targeting American companies and restricting free speech, especially as Elon Musk is a close ally of President Trump. Despite these tensions, Ireland has proceeded with the investigation—the DPC had already been examining X’s use of personal data to train AI models since 2025. ## What This Means for AI Companies The Grok investigation signals that the EU is taking a increasingly aggressive stance on AI safety. For AI companies operating in Europe, the message is clear: generative AI tools that can create non-consensual intimate images will face serious regulatory consequences. This case could set an important precedent for how AI developers worldwide approach content generation safeguards and data protection in AI training. — Source: [DWhttps://www.dw.com/en/ireland-launches-data-protection-probe-into-groks-deepfakes/a-75997610){rel=“nofollow”}, [Reutershttps://www.reuters.com/technology/){rel=“nofollow”}, [AI Forensicshttps://www.aiforporensics.org){rel=“nofollow”}