Elon Musk’s social media giant, X (formerly known as Twitter), is currently under intense scrutiny in the European Union (EU) as it battles nine privacy complaints. These allegations claim that X has been covertly exploiting the data of EU users to train its artificial intelligence (AI) chatbot, Grok, without securing the necessary consent.

These privacy grievances, which have been filed across eight EU nations, including Ireland, France, and Germany, argue that X’s practices are in direct violation of the General Data Protection Regulation (GDPR). The core issue lies in X’s failure to obtain explicit user permission before processing their data, a fundamental requirement under EU law. While the Irish Data Protection Commission (DPC) has already launched legal proceedings against X, privacy advocates like the Vienna-based group noyb, led by Max Schrems, insist that these efforts fall short of what is required.

This controversy is just one aspect of a broader regulatory storm brewing for Musk’s X in Europe. The platform is also under fire for its alleged mishandling of disinformation and illegal content, leading to additional charges under the EU’s Digital Services Act (DSA). Together, these legal challenges could result in substantial fines and stricter oversight for X within the EU.