X Tried to Sidestep Brazil’s Inquiry on AI Deepfakes. The Government Just Pushed Back
In recent weeks, Brazil has found itself in a tense regulatory standoff with X over its generative AI tool, Grok. This confrontation arose after Grok was discovered to have generated millions of sexualized images, including thousands depicting minors. X acknowledged vulnerabilities in a letter to Brazilian authorities but sought to limit its legal exposure by arguing for the legal separation of its subsidiaries, claiming that the @Grok account should be treated as any other user on the platform.
Brazilian Regulators Respond
Brazilian regulators, lawmakers, and legal experts have forcefully rejected X’s attempts to deflect responsibility. Following extensive back-and-forth communication, regulators escalated their demands, requiring the implementation of technical safeguards alongside the threat of daily fines. They reported that within just 11 days of operation starting December 29, Grok generated over 3 million sexualized images, including 23,000 that appeared to represent minors.
In early January, requests for an investigation and suspension of Grok were sent to the Federal Public Ministry by PT Congresswoman Érika Hilton and Brazil’s Institute for Consumer Protection (Idec). Shortly thereafter, X Brasil sent a letter to the Digital Rights Secretariat of Brazil’s Ministry of Justice, marked as “confidential,” which was later made public. In this letter, X Brasil claimed that the @Grok profile operates like any other user account and is subject to the same rules and policies, while attempting to evade responsibility by citing limited operations in relation to X Corp.
Government’s Official Response
The Digital Rights Secretariat responded sharply, asserting that X’s actions demonstrated an attempt to mischaracterize its service and deflect responsibility. The agency concluded that Grok was made available with a design defect and recommended coordinated action by multiple Brazilian government agencies against it.
The Brazilian government’s official response, issued on January 20, included a joint recommendation from the Federal Public Ministry, the National Data Protection Agency, and the Consumer Secretariat. They demanded Grok implement measures to prevent the generation of non-consensual sexualized images and establish procedures for identifying and removing such content. Idec considered these measures insufficient, arguing that mere recommendations without the suspension of Grok allowed violations to persist.
X Brasil’s Strategy
On January 27, X Brasil reiterated its stance, arguing that both X and xAI LLC operate independently, further claiming that it lacked the technical or legal means to intervene in Grok’s operations. This strategy aims to frame the generation of sexualized images and deepfakes as user-generated content, thereby absolving the platform of responsibility.
Experts have criticized this argument as legally weak, highlighting the evident integration between X and Grok. Legal scholars note that joint data processing likely occurs, which under Brazil’s data protection law (LGPD) could constitute co-responsibility. The case illustrates the complexities of accountability involving those who produce the images, the AI agents involved in creation, and the dissemination via X.
Slow Response to Issues
In a letter dated January 19, X Brasil claimed it had adopted “rapid measures” to address the creation of sexualized content on Grok. However, it took nearly three weeks for substantive actions to be implemented. An apology posted by the @Grok profile on December 31 acknowledged the generation of sexualized images of minors, but comprehensive measures were not in place until January 20, according to the company’s letter.
Despite claims of implementing technical solutions, Brazilian authorities allege a lack of concrete evidence and oversight mechanisms to substantiate X’s assertions. A Reuters investigation revealed that Grok continued to generate sexualized images without consent, raising concerns about the platform’s safeguards.
Regulators Increase Pressure
In a recent joint statement, Brazilian authorities raised the stakes for X, asserting that the company had not been transparent regarding its remedial measures. They have mandated immediate implementation of measures to prevent the generation and circulation of improper sexualized images, warning that failure to comply could lead to harsher actions, including daily fines and legal repercussions.
The Brazilian government emphasized the need for X to demonstrate compliance with its duty of care and to prove the absence of systemic failures that allowed harmful content to circulate. This situation is underscored by a recent Supreme Court decision that reshaped platform liability in Brazil, mandating that platforms take proactive steps to monitor and manage harmful content.
Implications for Future Regulation
The Grok case is expected to have significant implications for ongoing discussions about internet regulation in Brazil, especially regarding the AI bill currently under consideration. This proposed legislation follows a risk-based regulatory model that includes prohibitions on systems facilitating the creation of child sexual abuse material (CSAM). Experts argue that generative AI tools lacking minimum safeguards should be classified as “excessive risk,” necessitating regulatory oversight before they can be released to the market.
As the situation continues to evolve, the Brazilian government remains vigilant, focusing on ensuring accountability and safeguarding against the misuse of generative AI technologies.
