EU Launches New DSA Investigation Into X Over Sexual Deepfakes
The European Commission has opened a new formal investigation into social media platform X (formerly Twitter) under the Digital Services Act (DSA) over concerns related to sexual deepfakes and illegal content. The development was confirmed in a statement published on the European Commission’s website.
Concerns Over Grok-Generated Sexual Deepfakes
The investigation follows growing concerns that Grok, X’s AI chatbot, may have been used to generate non-consensual sexually explicit images, prompting regulatory scrutiny and investigations in other jurisdictions, including the United Kingdom, Malaysia, and Indonesia.
According to the Commission, the probe will examine whether X properly assessed and mitigated risks linked to the spread of illegal content within the EU. This includes manipulated sexually explicit images, some of which may constitute child sexual abuse material under EU law. The Commission said there are indications that these risks may have already materialised, potentially exposing EU citizens to serious harm.
What the EU Is Investigating
The European Commission stated that it will assess whether X has complied with its DSA obligations to:
- Properly identify and mitigate systemic risks, including the dissemination of illegal content
- Address negative effects linked to gender-based violence
- Prevent serious harm to users’ physical and mental well-being arising from the deployment of Grok’s features
- Conduct and submit an ad hoc risk assessment report on Grok’s functionalities before deployment, where they significantly affect the platform’s risk profile
EU Official Condemns Sexual Deepfakes
Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy, described sexual deepfakes as a severe violation of human dignity.
“Sexual deepfakes of women and children are a violent, unacceptable form of degradation. With this investigation, we will determine whether X has met its legal obligations under the DSA, or whether it treated the rights of European citizens – including those of women and children – as collateral damage of its service,” Virkkunen said.
Potential DSA Breaches
The Commission noted that failure to meet these obligations could amount to infringements of Articles 34(1) and (2), 35(1), and 42(2) of the Digital Services Act.
It also reiterated that X must conduct and submit a dedicated risk assessment covering Grok’s functionalities that could significantly alter the platform’s overall risk exposure prior to deployment.
Earlier DSA Investigation Expanded
Separately, the Commission announced that an ongoing investigation opened in December 2023 has been expanded. The extended probe will examine whether X has adequately assessed and mitigated systemic risks linked to its recommender systems, including the platform’s recent transition to a Grok-powered recommendation system.
About the Digital Services Act
The Digital Services Act is the EU’s flagship regulation aimed at strengthening oversight of large online platforms, improving user safety, and ensuring accountability.
Under the DSA, platforms found to be in breach of their obligations may face significant fines and additional enforcement measures, depending on the severity of the violations.
