A privacy advocacy group based in Vienna filed complaints on Monday in eight European countries against Elon Musk’s X, accusing the platform of illegally using users’ personal data to train its AI without obtaining their consent.
These complaints, initiated by the European Center for Digital Rights (Noyb), follow recent legal action by Ireland’s Data Protection Commission (DPC), which challenged X’s data collection methods for its AI training.
X Accused of Misusing User Data for AI
Noyb claims that X has been funnelling the personal data of over 60 million European users into its Grok AI system without proper notification or consent. According to Noyb, users were left in the dark about this practice, only learning of it through a viral post on July 26.
Noyb Criticises DPC’s Handling of X’s Data Practices
Last week, the DPC, representing the EU, announced that X had agreed to halt its controversial use of personal data for AI development. However, Max Schrems, founder of Noyb, criticised the DPC for not addressing the legality of the data processing itself, claiming that the regulator focused on minor issues rather than the core problem. Noyb also expressed concern over the fate of the data already collected, calling for a thorough investigation and filing complaints across eight European countries.
Noyb Pushes for Urgent Action Under GDPR
Noyb has called for an expedited response from data protection authorities across eight European countries, urging immediate action against X. Schrems emphasized the need for X to comply fully with EU regulations, particularly the GDPR, which mandates that companies must obtain user consent before processing personal data. The GDPR is designed to give individuals greater control over how their personal information is handled by companies.
Noyb’s Ongoing Battle with Tech Giants
Noyb recently initiated similar legal challenges against Meta, forcing the company to pause its AI initiatives. Known for taking tech giants to court, Noyb’s efforts often result in regulatory action. The group has been active since the introduction of the GDPR in 2018, consistently pushing for stricter enforcement of data protection laws.