Grok AI's Non-Consensual Deepfake Images Ruled Violation of Canadian Privacy Law

Canada’s Privacy Commissioner, Philippe Dufresne, released a finding that Elon Musk’s Grok AI chatbot allowed users to create and distribute non-consensual deepfake images, violating the country’s federal privacy law. The investigation revealed that over 1.8 million sexually explicit deepfake images were generated globally through Grok in just 10 days in early 2026. Although X platform and xAI have introduced new safety measures, Dufresne stated that “the problem is far from resolved” and noted that these companies are still operating in violation of the law.

This ruling followed related investigations in the UK and California. Canada’s Privacy Commissioner emphasized that while Grok’s image generation volume has dropped by about 50%, “a large amount of such violating content still exists.” Meanwhile, the Liberal Party of Canada introduced the Safe Social Media Act on Wednesday, requiring online platforms to remove sexually explicit content, including AI deepfakes, within 24 hours, and planning to criminalize the sharing of such images. Dufresne said that while X and xAI have made partial compliance commitments, they have failed to convince regulators that the issue is fully resolved.

As global regulation of AI-generated harmful content tightens, this Canadian case could become a landmark. Industry observers point out that tech platforms need to prevent the generation of non-consensual deepfakes at the algorithm design level, rather than relying solely on after-the-fact removal mechanisms. In the future, other countries may follow Canada’s model, using both legislation and enforcement to force AI companies to take on more content governance responsibility.