Musk’s X poses “serious risk to Americans’ privacy,” advocates warn FTC
Summary
Privacy and consumer protection advocates are urging the Federal Trade Commission (FTC) to reject X's bid to terminate an ongoing order mandating independent audits of its data handling, ahead of a July 2 deadline for public comments. The initial 2022 order stemmed from Twitter's improper sharing of user contact information for ad targeting. X, rebranded by Elon Musk, argues the order imposes burdensome costs, is duplicative of GDPR obligations, and is unnecessary due to platform changes. However, 15 advocacy groups, including the Electronic Frontier Foundation, contend that Musk's changes, particularly X's AI training practices and the Grok chatbot, heighten privacy risks. They cite global backlash to Grok, a lawsuit alleging CSAM generation, a 2025 leak of 2.8 billion records, and X's collection of "hundreds of millions of posts" for AI training without explicit user consent. Cambridge Analytica also claims X's AI business model mirrors its own "surveillance capitalism." Former US Attorney General William Barr supports X, citing excessive FTC demands.
Key takeaway
For legal professionals advising tech companies on data privacy compliance, recognize that platform rebranding or new AI initiatives do not automatically invalidate existing regulatory consent orders. Your organization's explicit user consent mechanisms for AI training must be robust and transparent, as merely updating terms of service is insufficient and risks significant regulatory scrutiny and public backlash. Ensure your data handling practices, especially for AI, demonstrably exceed minimal compliance to avoid being deemed a "repeat offender."
Key insights
X's AI training and data practices intensify privacy risks, necessitating continued FTC oversight despite rebranding claims.
Principles
- Rebranding does not negate prior regulatory obligations.
- User consent for AI training requires explicit opt-in, not just updated terms.
- Existing consent frameworks may fail against industrial-scale behavioral exploitation.
In practice
- Review platform terms for AI training clauses.
- Seek explicit user consent for data use in AI models.
- Monitor AI models for unintended content generation.
Topics
- Data Privacy
- FTC Oversight
- AI Training Data
- Grok Chatbot
- GDPR Compliance
- X Corp.
Best for: CTO, VP of Engineering/Data, Director of AI/ML, Policy Maker, Legal Professional, AI Ethicist
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by AI - Ars Technica.