X under fire for default data harvesting for Grok AI

Musk uses pre-ticked consent boxes to gather data on X for its Grok AI, a practice that breaks EU/UK GDPR rules

Elon Musk’s X (formerly Twitter) platform is now under pressure from data regulators. Recently, it has emerged that X is automatically consenting their users to data sharing for Grok AI training. X has already been contacted by UK and Irish data watchdogs over apparent breach of UK and EU GDPR rules.

Under UK GDPR rules (which are largely identical to the EU’s GDPR rules), companies are not allowed to use “pre-ticked boxes or any other type of default consent”. X has breached this rule with their Grok data sharing settings. Moreover, X has added this consent to user accounts without the knowledge of users.

Grok is an AI chatbot that is being built by Elon Musk’s xAI business. Grok is only usable by premium subscribers on X. Training data is important for any large AI model. As of now, Musk’s X platform is using the data of X users to train this AI without their consent.

(X’s pre-ticked consent box for Grok data sharing)

Thankfully, X users can untick this data sharing setting to prevent X from using their data for Grok training. However, it should be remembered that X should not be presuming the consent of users in the first place. X needs to be transparent about this change, and give users the ability to opt out of this AI data harvest.

Currently, it remains to be seen if regulators will be able to get X to abandon this GDPR violating default setting quickly. Obviously, X will need to comply with GDPR rules to remain active in the UK and EU. Even so, it may take time for regulators to take action against the social media giant.

You can join the discussion on Elon Musk’s X potentially violating UK/EU GDPR rules on the OC3D Forums.