Twitter’s AI plans hit with 9 more GDPR complaints
Recently, Twitter International (now re-branded as “X”) began unlawfully using the personal data of more than 60 million users in the EU/EEA to train its AI technologies (like "Grok") without their consent. Unlike Meta (which recently also had to stop AI training in the EU), Twitter did not even inform its users in advance. This went too far even for the Irish Data Protection Commission (DPC): Last week, it launched court proceedings against Twitter to stop the illegal processing, but the Irish DPC seems to have stopped short of fully enforcing the GDPR. noyb now follows up with nine complaints.
Personal data of 60 million people to train AI? As if Meta’s failed attempt to illegally use people’s personal data for AI projects did not send a clear enough message, Twitter is the next US company to just suck up EU users’ data to train AI. Twitter started irreversibly feeding European users’ data into its “Grok” AI technology in May 2024, without ever informing them or asking for their consent.
Irish DPC takes half-hearted action. Twitter’s blatant ignorance of the law has prompted a surprising response by the (notoriously pro-corporate) Irish DPC: The authority has taken court action against Twitter to stop the illegal processing and enforce an order to bring its systems into compliance with the GDPR. However, a court hearing last Thursday revealed that the DPC seems to have been mainly concerned with so-called “ mitigation ” measures and the fact that Twitter started processing while still being in a mandatory consultation process with the DPC under Article 36 GDPR. The DPC does not seem to go for the core violations.
