Grok's sexual deepfakes violated Canadian privacy law, commissioner says

Canada's federal privacy commissioner has officially determined that sexual deepfakes generated by the Grok AI chatbot violated Canadian privacy law. The findings follow an investigation launched in January 2025 to examine the widespread proliferation of non-consensual sexualized imagery on the social media platform X.

What happened

The investigation focused on the deployment of Grok's AI image generation tool, which the privacy watchdog concluded was launched without adequate safeguards. The commissioner noted that the development process failed to properly consider potential harms to privacy, leading to the creation of millions of sexualized deepfakes.

Key issues identified by the investigation included:

• Lack of Valid Consent: The regulator examined whether the companies involved complied with privacy laws regarding the collection, use, and disclosure of personal information used to generate explicit content without the consent of the individuals depicted.
• Systemic Proliferation: The tool enabled the large-scale generation of sexualized images, which were subsequently shared across the X platform.

The findings have contributed to a global backlash, with regulatory bodies in the United Kingdom, the European Union, and California initiating their own investigations into the matter. Following the public outcry, xAI implemented new restrictions on the Grok tool to address the unauthorized generation of sexualized content.