The primary regulator for privacy concerns tied to X (previously known as Twitter) within the European Union has concluded its legal challenge against the social network regarding the unauthorized use of user data for the training of its AI systems. This resolution follows the platform’s commitment to permanently adhere to a promise made to an Irish High Court judge last month.
In early August, X paused its use of data from European users for AI training purposes, responding to legal actions initiated by Ireland’s Data Protection Commission (DPC). The move was a reaction to allegations against the Elon Musk-led firm regarding the non-consensual exploitation of user information for training its AI chatbot, Grok.
Similarly, Meta has encountered regulatory resistance in the EU for comparable issues concerning data protection and announced a halt in such data usage in June. Thus, X joins other tech entities facing scrutiny for repurposing user data for AI training without explicit permission.
“The Data Protection Commission is delighted to disclose the closure of legal actions it presented at the Irish High Court on August 8, 2024,” stated the DPC on Wednesday in a press announcement. “This issue was revisited in court today, and the case has been dismissed based on X’s permanent commitment to the August agreement” (DPC Statement issued 08 Aug 24).
Des Hogan, the DPC commissioner, remarked on the conclusion of the legal proceedings, saying: “The DPC welcomes today’s resolution, which safeguards EU/EEA citizens’ rights. This underscores our dedication to enforce necessary measures, together with counterparts across Europe. We appreciate the Court’s thoughtful consideration in this matter.”
While the specific terms of X’s enduring commitment to the DPC remain undisclosed publicly, it’s presumed to restrict the company’s use of personal data. We have reached out to the DPC for further details on this agreement and will update this narrative with any new information received.
We also sought comments from X on their settlement with the DPC, but no response was forthcoming at the time this article was prepared.
Previously, X criticised the Irish regulator through a Global Government Affairs account, calling the DPC’s actions on an August 7 post on X as “deeply troubling,” and unjustly targeting X.
The EU’s General Data Protection Regulation (GDPR) outlines strict rules for personal data handling, requiring a lawful basis for processing such information. X has notably faced several GDPR complaints for utilizing user data for Grok’s training sans consent.
Backing down from this conflict may be strategic for X, given the potential for GDPR infringements to lead to penalties reaching up to 4% of a company’s worldwide yearly revenue. Interestingly, no fines have been imposed on X for these matters, which were deemed significant enough for a court-ordered halt by the DPC.
Choosing its battles wisely could be X’s current strategy, especially as Musk navigates through various high-profile legal challenges and regulatory disputes presently.
Max Schrems, a noted European privacy advocate and founder of the nonprofit organization noyb, shared with TechCrunch regarding the DPC’s legal actions against X: “Effectively, Twitter has escaped any financial penalty despite a clear legal breach. Moreover, data previously gathered for the ‘Grok AI’ will not be deleted, and Twitter persists in offering the product utilizing illegally acquired data.”
Schrems confirmed that noyb would not retract its complaints, emphasizing, “Our complaints remain active and demand a fair resolution by the DPC, devoid of any secretive agreements.”
On the same day, the DPC also sought guidance from the European Data Protection Board (EDPB) on broader issues related to AI and personal data use within the industry, aiming for clearer regulations under GDPR. “The request encourages the EDPB to explore the extent of personal data processing in AI models’ training and operation, focusing on various types of data and the legal grounds for such processing,” expounded the DPC.
DPC commissioner Dale Sunderland commented, hoping for an opinion that “fosters proactive, coherent regulation across Europe and aids in addressing numerous complaints regarding different data controllers associated with AI model development.”
Previous requests for EDPB guidance on GDPR application to AI initiatives like OpenAI’s ChatGPT — a direct competitor to X’s Grok — resulted in a preliminary review that has yet to resolve key legal questions regarding data processing legality and fairness.
Compiled by Techarena.au.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
