X, Meta, TikTok under fire for deepfake CSAM in Europe

The Spanish government has called on its public prosecutor to investigate social media platforms X, Meta and TikTok for allegedly spreading AI-generated child pornography and digital sexual violence. At the same time, Ireland’s data privacy regulator announced that the EU is also looking into non-consensual deepfake images created by X’s AI chatbot Grok.

On Tuesday, Spanish Prime Minister Pedro Sanchez said that the Council of Ministers will invoke Article 8 of the Organic Statute of the Public Ministry to investigate crimes that the tech giants may be committing.

“These platforms are jeopardizing the mental health, dignity, and rights of our sons and daughters,” Sanchez wrote on X. “The State cannot allow this. The impunity of the giants must end.”

The Prime Minister’s request for investigation is based on a technical report prepared by the government, which describes the digital environment as a place of “impunity and tolerance towards criminal practices that put the privacy, image and freedom of minors at risk.”

According to data from Safe the Children charity, roughly one in five young people in the country – the majority of them girls – reported that AI-generated fake nude images of them had been created and circulated online.

The decision on launching the investigation will be made by the Attorney General, Teresa Peramato, El País reports.

Earlier this month, the Spanish government also announced a ban on social media for children under 16, requiring platforms to verify users’ ages. The prohibition is a part of a broader set of proposed measures, which also includes legislation that would make social media executives personally responsible for unlawful content circulating on their platforms, including misinformation, hate speech and child sexual abuse material (CSAM).

Irish data watchdog looking into X’s Grok

Spain is not the only one looking into cracking down on social media platforms over child pornography.

On Monday, Ireland’s Data Protection Commission (DPC) said it was opening an inquiry into X for using personal data, including that of children, to produce “potentially harmful, non-consensual intimate and/or sexualised images.”

The Irish DPC has authority over X because its European headquarters are based in Dublin. The investigation will examine whether the tech giant complied with the EU’s General Data Protection Regulation (GDPR), AP News reports.

“The DPC has been engaging with X since media reports first emerged a number of weeks ago concerning the alleged ability of X users to prompt the @Grok account on X to generate sexualised images of real people, including children,” says DPC Deputy Commissioner Graham Doyle.

Over the past months, X’s Grok started fulfilling user requests to create non-consensual deepfake nudes, including those based on images of minors. The AI assistant generated an estimated 3 million sexualized images in just 11 days, including 23,000 that appear to depict children, according to a report from the UK-based Center for Countering Digital Hate (CCDH).

Aside from risking penalties for illegal content such as CSAM, the image processing feature has also been described as a “mass violation of biometric privacy laws.”

The European Commission has launched its own investigation into Elon Musk’s X over sexual deepfakes under the Digital Services Act (DSA) in January. The platform has also found itself under scrutiny in France, where police raided the company’s offices, and in the UK, where the Information Commissioner’s Office has launched its own investigation.

In December, the EU fined the U.S. firm 120 million euros (US$140 million) for violating the Digital Services Act (DSA). The investigation argued that its blue tick badges deceive users because the company is not “meaningfully verifying” who is behind the account.

The European Commission is also investigating Meta and TikTok under the DSA.

Article Topics

biometrics  |  deepfake detection  |  deepfakes  |  EU  |  Grok  |  Ireland  |  Spain