Menu
twitter / X

Irish DPC’s Court Case Against X Ends, But AI Data Compliance Issues Remain

, , , , , , ,

The Irish Data Protection Commission (DPC) has concluded its court proceedings against the social media platform X, but concerns about the company’s practices regarding Artificial Intelligence (AI) and compliance with EU data protection laws persist. The proceedings ended on September 4, following an agreement in which X committed to permanently cease the processing of certain personal data for training its AI tool, Grok. Developed by Musk’s company xAI, Grok serves as a search assistant for premium account users. Despite this agreement, significant questions remain regarding the implementation of these measures and the broader implications for user consent.

Max Schrems, chairman of the NGO Noyb, highlighted that the DPC has not adequately addressed the fundamental issue of using personal data without user consent. Noyb recently filed nine data protection complaints against X after an interim agreement was reached to halt the processing of specific EU user data. The DPC has indicated that it will review the complaints and assess X’s compliance with the General Data Protection Regulation (GDPR), determining if corrective actions are necessary. Additionally, the European Data Protection Board (EDPB) has confirmed they have received a request for an opinion from the Irish DPC.

A critical aspect of this situation is the roles of data controllers and processors, particularly concerning the entities involved—Twitter Unlimited International Company (TUIC) and xAI Corp. Under GDPR, the designation of these roles depends on who determines the purpose and means of data processing. If both TUIC and xAI Corp. are considered data controllers, simply halting data processing by TUIC may not suffice for full compliance. However, the DPC has indicated that it was not necessary to explore this issue further, focusing instead on TUIC as the data controller to mitigate risks to data subjects’ rights.

Another point of contention is how X plans to stop processing the data, given the complexities involved with large language models. Although the DPC has stated that datasets collected from EU/EEA users between May 7 and August 1 have been deleted, experts argue that deleting data does not eliminate its influence on AI models. Legal questions also arise regarding the basis of X’s data processing under the ‘legitimate interest’ clause, which allows data processing without explicit consent. Critics argue that the DPC’s focus on mitigation measures rather than the legality of data processing itself may overlook the core issues at hand.

Source: Unresolved questions over X’s deal with Ireland to halt AI data processing

  • Save

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap