Ireland Sues Twitter Over Harvesting User Data for Their AI
But everyone does it, right?
The Irish Data Protection Commission asked the High Court of Ireland in Dublin to stop the social media company from using customer data to train its large language model.
Twitter added a setting last month, which defaults to enabled, that allows it to use any user data to train its software. This does not qualify as obtaining permission.
Twitter’s large language model called Grok is available to paid subscribers.
The DPC said, at a hearing this week, that Twitter is violating the EU’s privacy law, GDPR. They also said that Twitter failed to respond to its repeated requests to stop.
Under GDPR, companies must get consent from users before using their data, among many other requirements. There is a similar requirement in the EU’s new AI law.
There are a lot of related requirements under GDPR like consent must be freely given, among other requirements.
Twitter is not alone with these problems. Meta decided not to introduce its AI product in Europe AFTER they used data from Instagram and Facebook to train it. Curiously, this halt happened right after a privacy rights group filed a complaint with 11 EU data regulators. Given that Meta just paid Texas $1.4 billion and the EU laws are much harsher, they must have decided to halt rather that test it.
Twitter on the other hand, loves giving millions of dollars to its lawyers, knowing that it will twist the legal system into knots for years. The EU legal system is a bit different than ours and it MIGHT, POSSIBLY, have more teeth in this situation.
In the worst case for Twitter, the maximum penalty under GDPR is 4 percent of their global revenue. The maximum penalty under the AI Act is 7 percent. Since Twitter is private now, we don’t know what their current revenue is, but if it is around $2-$3 billion, that would be a substantial fine.
Stay tuned.
Credit: Data Breach Today