Governments Struggle to Respond as AI-Generated Non-Consensual Nudity Spreads on X

For the past two weeks, X has been flooded with AI-manipulated nude images created by the Grok AI chatbot. An alarming range of women have been affected by the non-consensual nudes, including prominent models and actresses, as well as news figures, crime victims, and even world leaders.
A December 31 research paper from Copyleaks estimated that roughly one image was posted every minute, but later tests found far more. A sample collected on January 5–6 showed 6,700 per hour over the 24 hours.

But while public figures from around the world have decried the choice to release the model without safeguards, there are few precise mechanisms for regulators hoping to rein in Elon Musk’s new image-manipulating system. The result has become a painful lesson in the limits of tech regulation — and a forward-looking challenge for regulators hoping to make a mark.

Unsurprisingly, the most aggressive action has come from the European Commission, which on Thursday ordered xAI to retain all documents related to its Grok chatbot. The move doesn’t necessarily mean the commission has opened up a new investigation, but it’s a common precursor to such action. It’s particularly concerning given recent CNN reporting suggesting Elon Musk may have personally intervened to prevent safeguards on which images Grok could generate.

It’s unclear whether X has made any technical changes to the Grok model, although the public media tab for Grok’s X account has been removed. In a statement, the company specifically denounced the use of AI tools to produce child sexual imagery. “Anyone using or prompting Grok to make illegal content will suffer the same consequences as if they upload illegal content,” the X Safety account posted on January 3, echoing a previous tweet by Elon Musk.

In the meantime, regulators worldwide have issued stern warnings. The United Kingdom’s Ofcom stated on Monday, saying it was in touch with xAI and “will undertake a swift assessment to determine whether there are potential compliance issues that warrant investigation.” In a radio interview on Thursday, U.K. Prime Minister Keir Starmer called the phenomenon “disgraceful” and “disgusting,” saying, “Ofcom has our full support to take action in relation to this.”

In a LinkedIn post, Australian eSafety Commissioner Julie Inman-Grant said her office had received a doubling of complaints related to Grok since late 2025. But Inman-Grant stopped short of taking action against xAI, saying only, “We will use the range of regulatory tools at our disposal to investigate and take appropriate action.”

By far the largest market at risk of taking action is India, where Grok was the subject of a formal complaint from a member of Parliament. In January, India’s communications regulator, MeitY, ordered X to address the issue and submit an “action-taken” report within 72 hours, a deadline later extended by 48 hours. While a report was submitted to the regulator on January 7, it’s unclear whether MeitY will be satisfied with the response. If not, X could lose its safe-harbour status in India, which could significantly limit its ability to operate in the country.