The Irish Data Protection Commission (DPC) has initiated high court proceedings against Twitter International Unlimited Company, citing alleged data violations related to the 'X' social media platform and xAI's Grok AI model.

The DPC expressed surprise at X's decision to process user data for AI training without adequate notification, prompting a request for an injunction against the company's Irish division.

Previously, the DPC had hoped to resolve the matter amicably, expecting a response from X leadership that ultimately did not materialize.

Under the General Data Protection Regulation (GDPR), any processing of personal data must have a valid legal basis, and breaches can incur significant penalties.

The DPC believes that X lacks the necessary legal basis to process user data, as it has not obtained express consent from users.

In July 2024, X began processing user data for AI training, allowing users to opt-out through a buried setting without prior notification.

The DPC is particularly concerned about how public posts from European users on X are being utilized to train AI tools, including the upcoming version of Grok.

To clarify the legality of Twitter's data processing practices, the DPC plans to refer the matter to the European Data Protection Board.

The DPC considers the situation urgent, believing that court action is necessary to safeguard data rights as guaranteed by GDPR.

This case marks a novel instance of legal action in Irish courts regarding data privacy, with proceedings scheduled to return to court later this week.

If found in violation of GDPR, X could face fines of up to 4% of its annual global revenue, adding to the stakes of this legal battle.