Welcome to February’s Algorithm Governance Roundup. This month saw significant scrutiny of social media platforms’ addictive design features, with a landmark U.S. legal case against Meta and Google and a preliminary finding against TikTok under the EU’s DSA. Meanwhile, Grok continues to be investigated: Several European Member States and the California Attorney General have opened criminal and data protection investigations into X and xAI over the creation and distribution of sexualised deepfakes and CSAM using Grok.

On that note, I spoke with Dr Paul Bouchaud who led research on Grok at AI Forensics, a European non-profit organisation that conducts independent technical investigations into algorithmic systems. We discussed their crucial audit charting the rapid rise of sexualised deepfakes and other harmful content generated using Grok.

As a reminder, we take submissions: we are a small team who select content from public sources. If you would like to share content please reply or send a new email to algorithm.newsletter@awo.agency. Our only criterion for submission is that the update relates to algorithm governance, with emphasis on the second word: governance. We would love to hear from you!

Many thanks and happy reading!

Esme Harrington

In the EU, the European Commission (EC) has preliminarily found against TikTok for its addictive design under the Digital Services Act (DSA). The investigation indicates that TikTok did not sufficiently assess how features such as infinite scroll and highly personalised recommender systems could affect users' physical and mental wellbeing. The EC also found that TikTok’s screen-time management tools introduce limited friction, whilst its parental control tools require additional time and skill from parents, limiting their effectiveness. TikTok is now able to respond.

The EC has opened formal proceedings against Shein under the DSA for addictive design, lack of transparency in its recommendation algorithms, and failing to prevent the sale of illegal products such as child-like sex dolls.

The EC, Australia’s eSafety Commissioner and UK’s Ofcom held the first meeting on age assurance mechanisms, following a joint communication signed in November 2025 committing to collaborate on children’s online safety. During the meeting, the eSafety Commissioner reported that the Australian social media age restrictions have led platforms to remove 4.7 million accounts identified as belonging to children under 16.

In France, the prosecutor’s cybercrime unit searched X’s offices in Paris as part of a criminal investigation into alleged offences, including X’s complicity in spreading Grok-generated CSAM, sexualised deepfakes and denials of crimes against humanity. Prosecutors announced they would investigate Grok in November, after it was used to generate Holocaust denial content.

In India, the government hosted the AI Impact Summit, bringing together leaders from over 200 countries, industry, policymakers and civil society. The Summit focused on improving access to AI within the Global South, with a Declaration signed by 91 countries. In addition, India agreed the India-U.S. AI Opportunity Partnership to join the U.S. Pax Silica Declaration on AI and supply chain security.

In Ireland, the Coimisiún na Meán, the Irish Digital Services Coordinator, has published guidance for applicants seeking access to internal platform data under Article 40.4 DSA. The document explains the application process, assessment criteria, and instructions for meeting the eligibility requirements.

The An Coimisún um Chosaint Sonraí, the Data Protection Commission, has opened a GDPR investigation into X regarding the use of Grok to create and publish sexualised deepfakes of EU data subjects, including children.

In Spain, the Council of Ministers has requested the public prosecutor to open a criminal investigation into X, Meta and TikTok for allegedly creating and spreading AI-generated sexualised deepfakes and CSAM.

In the U.K., Ofcom has published guidance on super-complaints under the Online Safety Act (OSA). This mechanism enables eligible organisations to submit evidence of features posing a material risk of significant online harm or impacting freedom of expression.

Ofcom has also opened a call for evidence to inform its statutory report on content harmful to children. It is seeking evidence on the quantity, prevalence or presence of content harmful to children on user-to-user and search services. Submission deadline is 10 March.

Ofcom has fined one pornography provider £1.35 million and fined Kick £800,000 for failing to implement effective age assurance to prevent children encountering pornographic content, as required by the OSA. It has also issued a provisional notice of contravention to 4chan for breaches of illegal content risk assessment duties and children’s safety duties.

In the U.S., the California Attorney General has launched an investigation into xAI concerning the creation and distribution of sexualised deepfakes and CSAM using Grok. Following the announcement, the Attorney General sent xAI a cease and desist letter demanding that the company implement measures to prevent the generation of such content.

A Los Angeles Court has heard evidence from Mark Zuckerberg in a landmark case against Meta and Google that alleges the companies deliberately designed Instagram and YouTube to be addictive to children. The lawsuit alleges that the addictive design contributed to the claimant’s depression, body image issues and suicidal ideation, rendering the platforms unsafe under product liability law. TikTok and Snap were originally defendants but settled before the trial.

Meanwhile, the Federal District Court of New Mexico is hearing an Attorney General complaint against Meta that alleges the company failed to safeguard children against trafficking and sexual abuse. According to the lawsuit, Meta’s platforms served underage users sexually explicit material, enabled adults to contact and groom children, and permitted unmoderated groups devoted to commercial sex and CSAM distribution.

The U.S. Center for AI Standards and Innovation at the Department of Commerce’s National Institute for Standards and Technology has opened a consultation on automated benchmark evaluations of language models. Consultation deadline is 31 March.

A Declaration on Digital Rights: Embedding Human Rights in a New Deal for the Digital Age, Sofia Lyall, Caragh Aylett-Bullock, Naema Malik, Nicola Stokes, Abduraman Sesay, Tyreese Calnan and Elizabeth Seger, Demos

Age Assurance Online: A Technical Assessment of Current Systems and their Limitations, Eric Rescorla, Zander Arnao and Alissa Cooper, Knight-Georgetown Institute

AI Essential for Judges, Kamel El Hilali, UNESCO

Artificial Insecurity: How AI Tools Compromise Confidentiality, Daniel Leufer, Namrata Ma-Heshwari, Vlad, Access Now

Brave New World? Justice for creators in the age of GenAI, Dr Rachael Drury, Deborah Annetts and Ed Phelan, Independent Society of Musicians

Measuring Risk: What EU Risk Assessments and US Litigation Reveal About Meta and TikTok, Peter Chapman and Matt Steinberg, Knight-Georgetown Institute

On-Device Foundational Biases: How Summarization Can Perpetuate Biases, Dr Paul Bouchaud, AI Forensics

Reliability of LLMs as Medical Assistants for the General Public: A Randomized Preregistered Study, Andrew M. Bean, Rebecca Elizabeth Payne, Guy Parsons, Hannah Rose Kirk, Juan Ciro, Rafael Mosquera-Gómez, Sara Hincapié M, Aruna S. Ekanayaka, Lionel Tarassenko, Luc Rocher and Adam Mahdi, Nature

Scribe and Prejudice? Exploring the Use of AI Transcription Tools in Social Care, Oliver Bruff and Lara Groves, Ada Lovelace Institute

Social Media Giants on Trial in California as Courts Revisit Tech Immunity, Madeline Batt, Tech Policy Press

Taming the Hyperscalers, Max von Thun and George Colville, Open Markets Institute

The Brussels Sphinx’s Riddle. What is a High-Risk AI System? Andrea Bertolini, Federica Fedorczyk, Marta Mariolina Mollicone, Guilherme Migliora

Towards a Science of AI Agent Reliability, Stephan Rabanser, Sayash Kapoor and Arvind Narayanan, AI as Normal Technology

Why the Security Monopoly Model Doesn’t Work for AI, Sarah Myers-West

interface is hiring a Policy Researcher on its AI Systems, Markets & Governance Programme. The role involves using qualitative and quantitative methods to research the political economy of AI and evaluating AI systems. The role is based in Germany.

AlgorithmWatch Switzerland is hiring a Senior Policy Manager on AI and Climate. The role is based in Zurich and working in German.

Ofcom is hiring several roles, including Online Safety Policy Adviser and Policy Manager, and a Principal to lead strategic direction, development and delivery of online safety product. The roles are based in the UK.

Dr Paul Bouchaud is a lead researcher at AI Forensics, a European non-profit organisation that conducts independent technical investigations into the algorithmic systems driving online platforms. We spoke about their recent audit that tracked the rapid rise of sexualised deepfakes and other harmful content generated using Grok.

Paul: AI Forensics is a European non-profit that investigates influential and opaque algorithms. We conduct independent technical investigations into major technology platforms to uncover and expose harms caused by their algorithmic systems.

Platforms rarely provide researchers with meaningful access to data. Therefore, we have developed our own auditing infrastructure that allows us to collect evidence independently. We mimic user behaviour using methods such as sock-puppets, scraping, and structured user data donation. These adversarial but methodologically rigorous approaches allow us to remain fully independent from platforms while preserving the integrity of our datasets.

I am a lead researcher at AI Forensics conducting quantitative analysis. This involves large-scale data collection and statistical assessments of platform behaviour. I have worked on a range of investigations, including into Amazon’s recommendation systems, Meta’s ad delivery practices – which contributed to the European Commission opening formal proceedings – and advertising practices on X.

Paul: The investigation began in response to a growing trend observed during the Christmas period. My X feed became saturated with Grok-generated images depicting individuals, predominantly women, in minimal attire. I suspected the trend was spreading rapidly based on anecdotal impressions. Therefore, we decided to measure the scale and characteristics of the phenomenon systematically.

Between Christmas and New Year, we collected approximately 20,000 Grok-generated images from X. In the weeks that followed, we expanded the dataset to over 100,000 images. This large-scale collection allowed us to measure patterns over time, assess demographic impacts, and track the introduction of safeguards.

We collected images generated via the X interface and xAI’s Grok Imagine web and mobile app interfaces. For Grok-generated content via X, the outputs were public. This enabled us to use automated collection methods to archive generated images at scale. Despite a lack of access to X’s official API for research purposes, we were able to collect publicly available X posts through technical means.

For images generated directly via Grok Imagine, we used a different strategy. Grok allows users to share generated images (and chats) on platforms or via direct messages. To fulfil this function, Grok creates a URL link that enables a recipient to view the generation request (i.e. the prompt and generated image). We found that web crawlers and search engines were indexing these URL links, which enabled us to collect generated images. In parallel, Grok users were sharing links, prompts and generated images in niche online communities which we were able to archive.

In addition, we conducted limited prompting experiments to test the Grok model’s ability to produce harmful content. We did not conduct prompting experiments via the X interface because outputs were public and could expose third parties to harmful content. Therefore, we only conducted prompting via the Grok Imagine interface because outputs are private by default (unless shared). This allowed us to test the model’s capabilities directly using European IP addresses.

Paul: Our findings were striking. Our initial report 'Grok Unleashed' analysed the initial 20,000-image dataset, finding nearly half of the generated images depicted individuals in minimal attire. Approximately 80% of those individuals presented as women. On X, most user prompts did not originate from the person depicted. Instead, third parties replied to an existing post and asked Grok to modify the image, typically to “put this person in a bikini”. This trend scaled rapidly within days of launch, with thousands of public replies containing modified images of identifiable individuals. This disproportionately targeted female-presenting individuals and often operated without their consent.

We also identified a small percentage of sexualised images depicting individuals who appeared to be minors. Within the Grok Imagine dataset, we identified 17 images that were subsequently confirmed by a French hotline as constituting CSAM under French law. We notified the relevant authorities and xAI. One month later, 14 of those images remained accessible online.

In addition to sexualised imagery, we observed the generation of extremist content, including Nazi and ISIS-related imagery. While such outputs were not prevalent at scale, their existence demonstrated the absence of effective guardrails.

The investigation also revealed important differences between the access interfaces. On X, Grok did not generate images with full nudity. Even when prompted indirectly by users, for example through references to transparent clothing, the model failed to produce explicit anatomical detail. By contrast on the Grok Imagine web interface, we were able to prompt Grok to generate explicit pornographic content simply by activating “Spicy Mode”. This signalled that adult content generation was an intended feature. These differences indicate that the models can behave differently depending on interface-level restrictions. The constraints observed on X were not inherent technical limitations but configurable design choices.

Paul: Following public scrutiny, X and xAI introduced several restrictions. In particular on X, it restricted image generation to X Premium subscribers and disabled the ability to create sexualised deepfakes, including bikini transformations, through prompt filtering and adjusting its refusal thresholds. Our updated report confirmed that the volume of bikini-style transformations dropped significantly after these changes.

However, significant disparities between the interfaces remain. While X imposed restrictions, Grok Imagine continued to allow explicit content generation via “Spicy Mode” without clearly robust systems to prevent illegal outputs. This divergence underscores the importance of evaluating not only the model itself but also the surrounding product design.

The speed with which these restrictions were implemented demonstrates that the safeguards were technically feasible from the outset. The issue was not capability but decision-making. The model’s behaviour changed once public pressure mounted.

Q: What action have regulators and public bodies taken to address these harms?

Paul: The Grok episode became an early stress test for multiple regulatory regimes. In France, the Attorney General quickly expanded an existing investigation into X to include Grok-generated sexual deepfakes. French criminal law already prohibits the creation and dissemination of sexualised deepfakes without consent. Similarly, the Californian Attorney General initiated an investigation under state-level deepfake legislation.

At the EU level, the Digital Services Act (DSA) requires Very Large Online Platforms – such as X – conduct a systemic risk assessment when it makes a significant design modification. Therefore, it arguably should have assessed the integration of Grok across a range of risks, including the dissemination of illegal content, negative impacts on the rights of the child and gender-based violence. Indeed, the European Commission (EC) has opened an investigation into Grok’s integration on X, ordering the company to retain data and internal documents. However, the EC’s approach has not matched the rapid pace with which the harms materialised. By contrast, the EC acted comparatively quickly in the case of TikTok Lite by utilising the DSA’s interim measures procedure.

Overall, whilst the regulatory architecture exists, the episode exposed limitations in crisis-response speed and coordination. The Grok case demonstrates that powerful generative systems can scale harm extremely quickly, especially when integrated into social media platforms. Regulators must therefore strengthen rapid-response mechanisms that operate alongside traditional investigation procedures.

Regulators should also scrutinise interface-level design decisions. Enforcement frameworks must account for how product integration shapes risk exposure. Platforms must conduct sufficient pre-deployment risk assessments and disclose mitigations before embedding generative AI features within their platforms. As our work demonstrates, independent monitoring is essential to detect systemic harms in real time.