This led to a privacy storm across the European Union, with privacy complaints filed with data protection authorities in nine EU countries. The Irish Data Protection Commission (DPC) expressed surprise at the undisclosed data use, and privacy experts argue that user consent is necessary for this type of data use.
The Irish DPC has initiated legal action in the Irish High Court, seeking an injunction to halt X’s data use for AI training. However, European Center for Digital Rights, a non-profit organization based in Vienna, Noyb, contends that these actions are insufficient, as users have no way to compel X to delete data that has already been ingested for AI training.
This situation is not unique to social network X, as Meta faced similar scrutiny earlier this year and paused its plans to process user data for AI training after Noyb backed some GDPR complaints and regulators intervened.
The growing tension between rapid AI advancement and stringent EU data protection laws is underscored. With potential GDPR fines reaching up to 4% of global annual turnover, the outcome of these complaints could set a significant precedent for how social media platforms handle user data for AI development in the future.
For e-commerce businesses, the X case serves as a stark reminder of the delicate balance between innovation and privacy. The use of customer data for AI training, while potentially beneficial for improving services, must be approached with extreme caution and transparency. Failure to do so not only risks hefty fines but also erodes customer trust – a critical asset in the competitive e-commerce landscape.
Moreover, as e-commerce continues to globalize, understanding and complying with various international data protection laws becomes increasingly complex. The outcome of the complaints against X could set a precedent that impacts how e-commerce platforms collect, process, and utilize customer data for AI and machine learning purposes.