Elon Musk, the owner of social media platform X (formerly Twitter), has been summoned to appear before a disciplinary committee in Paris amid a growing cybercrime investigation. French authorities are examining allegations related to suggestive and potentially illegal content generated by X’s AI chatbot, Grok, as well as claims that user data collected in Europe is being processed on servers located in the United States—an apparent violation of the European Union’s General Data Protection Regulation (GDPR).
According to officials, concerns were raised over Grok’s ability to generate explicit content, including deepfake images and adult content. Some of the reported content allegedly involved minors, triggering serious legal and ethical alarms across Europe. French regulators have stated that such content, if verified, could constitute major breaches of child protection laws and digital safety regulations.
In a dramatic escalation over the past few hours, Paris police reportedly raided X’s operational offices in Europe and seized key infrastructure linked to the platform’s regional operations. Servers located at X’s Paris offices in the Bourse district were taken under official control as part of the investigation. Authorities have also warned that if Musk fails to respond to the summons or refuses to cooperate with the inquiry, X could face severe penalties, including the possibility of a temporary ban across parts of the European continent.
The investigation traces its origins to December 2025, when users and watchdog organizations worldwide began flagging Grok for generating explicit deepfake content. As complaints mounted, data protection advocates shifted focus toward X’s data-handling practices. Discussions across technology and privacy forums highlighted claims that user-generated data originating in Europe was being transferred and processed on non-European servers, directly contravening GDPR requirements.
Under GDPR, companies operating within the EU are required to ensure that personal data is processed and stored within approved jurisdictions, with strict safeguards to protect user privacy. Any unauthorized transfer of such data outside the EU, particularly to the United States, can result in substantial fines and operational restrictions.
To address these overlapping concerns in a unified probe, France’s National Gendarmerie Cyber Crime Unit, in collaboration with Europol and the United Kingdom’s communications regulator Ofcom, launched a coordinated operation with the Paris Police Department. The agencies are jointly investigating allegations of data security violations, privacy breaches, and the distribution of AI-generated explicit content on X over the past 18 months.
Elon Musk has been formally notified to appear before the committee to clarify how X’s business practices align with French and European laws. The outcome of this probe could have significant implications not only for X but also for the regulation of AI-generated content and cross-border data practices across the global tech industry.
Join our LinkedIn group Information Security Community!
