X Grok: Europe Investigates Deepfake & Bikini Image Controversy – UK & France Take Action

European authorities are intensifying their scrutiny of X, formerly known as Twitter, following reports of misuse of its artificial intelligence assistant, Grok. The AI is alleged to have been exploited to create sexually explicit and deepfake images of individuals without their consent. On February 3, 2026, the UK’s data protection authority, the ICO, launched a formal investigation into X and related companies. Simultaneously, French prosecutors raided X’s Paris headquarters, expanding their investigation to include criminally pursuing the creation and sharing of these deepfakes originating from Grok.

Overview

The ICO’s investigation stems from reports that Grok was used to generate sexual and intimate images of individuals without their knowledge or consent. The ICO will assess whether personal data was handled lawfully and if sufficient safety measures were in place to prevent the creation of harmful, manipulated images. The ICO specifically highlighted the severity of harm when children are involved.

In France, the investigation began with scrutiny of X’s operations and usage, and expanded to include complaints regarding illegal content generated by Grok and the sharing of sexual deepfakes on the platform. This has led to searches of X’s Paris offices, with plans for questioning of local management and support from Europol.

The Stakes: Privacy and Online Safety

This situation is unique in that the same issue is being pursued from two distinct angles: “personal information and privacy (data protection)” and “illegal and harmful content (online safety/criminal).” In the UK, alongside the ICO’s data protection review, Ofcom, which oversees online safety, is also conducting an investigation based on the Online Safety Act.

Underlying Causes

The immediate cause is the ease with which generative AI can be used to create sexually explicit or intimate images of real people without their consent, requiring minimal cost and effort. The problem is exacerbated when a platform’s internal generation tools allow for the manipulation and creation of images based on identifiable photographs.

Deeper factors include the difficulty of keeping image generation and editing safeguards up-to-date with evolving threats, the direct connection between generated content and potential infringements on personal rights (image, privacy, reputation), and the ability of regulators to address the lawful handling, minimization, and secure management of personal data in a comprehensive manner. The ICO is specifically investigating whether personal data was processed lawfully and whether adequate safety measures were in place to prevent harmful image manipulation.

What Could Happen Next

The investigations could lead to significant fines for X if violations of data protection laws or online safety regulations are found. Further restrictions on the use of Grok’s image generation capabilities are also possible. Depending on the findings, criminal charges could be filed against individuals involved in the creation or distribution of illegal content. It is also possible that other European countries may launch similar investigations.

Frequently Asked Questions

What prompted the investigations?

Reports that X’s AI assistant, Grok, was being used to generate sexually explicit and deepfake images of individuals without their consent prompted the investigations.

Which authorities are involved?

The UK’s Information Commissioner’s Office (ICO) and French prosecutors are currently involved in investigations, with potential support from Europol and Ofcom in the UK.

What are the potential consequences for X?

Potential consequences include fines, restrictions on Grok’s functionality, and possible criminal charges related to the creation or distribution of illegal content.

As AI technology continues to evolve, how can platforms balance innovation with the need to protect individual privacy and safety?