It could trigger another fight between the U.S. and the EU over enforcement of Europe’s tech regulations. Top officials in the administration of U.S. President Donald Trump blasted a move by the European Union in December to fine X €120 million over violations of the bloc’s content moderation rulebook, the Digital Services Act.
The Irish regulator is in charge of enforcing the European Union’s General Data Protection Regulation (GDPR) on many of the world’s tech giants that have their European headquarters in Ireland. It has the power to impose fines on X as large as 4 percent of global annual turnover.
The Data Protection Commission “has commenced a large-scale inquiry which will examine compliance [of X’s international entity] with some of their fundamental obligations under the GDPR in relation to the matters at hand,” Deputy Commissioner Graham Doyle said.
Doyle said the Data Protection Commission had been engaging with X since media reports about the sexualized deepfakes emerged “a number of weeks ago.”
The European Commission in January launched an investigation into the Grok deepfakes under the Digital Services Act. The U.K.’s privacy watchdog has also opened a formal inquest, while French authorities are pursuing a criminal investigation and Californian authorities are also probing the issue.
Grok’s image-generation feature went viral at the end of 2025, particularly due to its ability to undress people. Rights groups have estimated that Grok created 3 million sexualized images over 11 days in January, including 23,000 of children.
The platform took some steps to restrict the feature on Jan. 9 and again on Jan. 14. The latest measures stopped all users from using Grok to generate such images.
