Elon Musk tries again to escape FTC audits of X data handling

2026-06-04 · Source: AI - Ars Technica · Field: Legal & Regulatory — Compliance & Risk Management, Regulatory Affairs & Government Relations · Depth: Intermediate, medium

Summary

Elon Musk is making a renewed attempt to terminate a Federal Trade Commission (FTC) data-privacy order imposed on X, formerly Twitter, which mandates 20 years of data use restrictions and independent audits until 2042. This order originated from a 2013-2019 coding error that misused two-factor authentication data for targeted advertising, resulting in a \$150 million settlement before Musk's 2022 acquisition. After a failed revocation attempt in 2023, Musk's May petition argues that Twitter's corporate restructuring into xAI and then SpaceX, new privacy leadership, and a "world-class privacy program" negate the order's necessity. He also claims \$17 million in "needless costs," duplication with GDPR compliance, and that the order chills speech and conflicts with Trump's AI Action Plan. The FTC is currently soliciting public comments until July 2, with most early submissions urging denial, citing concerns about X's data handling post-Musk and recent data breaches involving 200 million records in 2023 and 2.8 billion profiles in 2025.

Key takeaway

For legal professionals advising companies undergoing M&A or integrating AI, understand that existing regulatory consent decrees are highly resilient. Your organization's claims of improved privacy programs or corporate restructuring will likely not suffice to terminate long-standing oversight, especially if data breaches or compliance lapses occur. You must proactively demonstrate continuous, verifiable adherence to all regulatory requirements, as agencies like the FTC will intensify scrutiny when commercial incentives for data use, such as AI training, increase.

Key insights

Corporate restructuring and AI integration intensify regulatory scrutiny over data privacy compliance and existing consent decrees.

Principles

• Regulatory orders often survive corporate ownership changes.
• Data breaches significantly weaken privacy program claims.
• AI training creates strong commercial data use incentives.

In practice

• Public comments influence regulatory enforcement decisions.
• Documented compliance is crucial for challenging oversight.

Topics

• FTC Enforcement
• Data Privacy
• Corporate Compliance
• AI Data Governance
• X Corp
• Regulatory Audits

Best for: CTO, VP of Engineering/Data, Executive, Legal Professional, Policy Maker, Director of AI/ML

Related on AIssential

• X Tried to Sidestep Brazil's Inquiry on AI Deepfakes. The Government Just Pushed Back. — Brazilian regulators are challenging X's corporate structure defense to hold it accountable for Grok's harmful AI-generated content.
• Congress Has One Chance to Require a Warrant. It's About to Miss It. — The data broker loophole and FISA Section 702 enable warrantless government surveillance, eroding Fourth Amendment rights.
• The week that Meta employees became training data — Meta's Model Capability Initiative transforms employee actions into AI training data, reflecting a broader trend to overcome data scarcity by internalizing surveillance.
• Lost in Translation: How AI Exposes the Rift Between Law and Logic — AI-driven data usage demands a structured, machine-readable framework to bridge the gap between legal intent and technical compliance.
• Lessons Learned From 2025: Breaches Are Borderless And Regulators Are Watching — Data breaches and privacy fines in 2025 highlight universal vulnerability and the urgent need for robust response and AI oversight.
• ChinAI #341: Big Tech v. the Chinese Government in New AI Companion Regs — Chinese tech firms actively push back against government data and AI regulatory mandates, shaping policy outcomes.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by AI - Ars Technica.