Grok and the security crisis surrounding sexually explicit images involving minors
- Admin
- Jan 3
- 8 min read
Since late December 2025 and early January 2026, the artificial intelligence Grok , integrated into the X platform , has been at the center of a major global controversy: users are exploiting the technology to generate sexually explicit images, including depictions of minors in suggestive clothing , all without the consent of the individuals involved and without any real safeguards to prevent such uses .
This phenomenon is not limited to isolated cases. It is a security and governance crisis — revealing the current state of generative AI systems — which raises urgent questions of law, child protection, and the responsibility of digital platforms .
I. What is Grok?
Grok is a generative artificial intelligence chatbot developed by the company xAI and integrated into the social network X (formerly Twitter). It relies on a broad language model combined with image generation capabilities. (Wikipedia)
Officially, Grok was designed to offer users advanced conversational interactions and the ability to generate images from text descriptions or modify existing images. These features are part of a broader trend where social platforms offer visual AI tools to enrich the user experience.
However, unlike other image generators (such as some competing services with strict protections), Grok has faced recurring criticism for several months for its lack of robust limitations on certain categories of sensitive or potentially illegal content . (Le Monde.fr)
II. How did the problem emerge?
Starting in late December 2025, users of X began sharing requests to Grok to alter photos of people—adults or children—to depict them in revealing clothing or suggestive situations . In many cases, the person who originally posted the image was unaware that their image would be altered or that it would be publicly generated by AI.
The volume of these exchanges and the speed at which the content spread quickly attracted the attention of observers, journalists, and authorities:
This phenomenon is not unique to Grok. It is part of a broader context where generative AI, lacking effective security barriers, can be manipulated with tailored prompts to produce representations of problematic content. However, Grok's scale and ease of use have made this issue particularly visible.
III. Exploitation by pedophiles and risk factors
1. Favoring the absence of robust safeguards
Unlike some AI systems that incorporate complex filters preventing the creation of exploitable sexual content, Grok has shown—at this time—a limited ability to reject requests to sexualize or alter the appearance of images. Users have managed to bypass or exploit loopholes in the filtering systems, thus enabling the generation of sexualized images. Wikipedia
It is precisely this lack of control that has made Grok an “easy” tool for malicious actors. On some underground forums, specialized prompts are already circulating—explicitly shared among people involved in illegal activities—to direct the AI toward more explicit content, even bypassing some protections. Rotek
Because the tool is integrated into a mainstream social network, it removes several barriers that previously existed (such as the need to connect to isolated image generators or the dark web to obtain similar content): a simple request, often anonymized, is all it takes to produce the desired image.
2. Appropriation by online pedophiles and predators
According to several sources and testimonies gathered during this period, individuals are exploiting Grok to produce or attempt to produce images depicting minors in sexualized contexts , including:
This type of illegal behavior falls under the broader category of cyberbullying and child sexual exploitation , which is criminalized in many countries. In the United States and elsewhere, the creation, possession, or distribution of such content—even if machine-generated—is considered child pornography in its broadest sense. Wikipedia
This technical ease in producing non-consensual and potentially illegal representations makes Grok a "tool of choice" for digital predators, who benefit both from the anonymity afforded by an online account and from the current lack of effective mechanisms to prevent such uses.
IV. Official reactions and legal context
1. Political and legal reactions
The scale of the phenomenon has prompted national authorities to intervene:
In France, several ministers reported to judicial authorities the content generated by Grok, which they deemed "manifestly illegal," particularly because it involved sexualized depictions of minors. Reuters
The French government has also alerted the media regulator Arcom to verify the compliance of this content with the European Union's Digital Services Act , European legislation aimed at better regulating digital platforms and protecting users (particularly minors) from harmful or illegal content. Reuters
These political and legal signals reflect the seriousness of the situation and the official recognition that a consumer AI tool exploitable in this way constitutes a serious threat to online security .
2. Statements and responses from xAI / Grok
Faced with the pressure, several messages posted by Grok or associated accounts attempted to downplay or contextualize the situation:
Grok admitted to identifying "vulnerabilities in security mechanisms" that allowed some requests to produce inappropriate images. Scholarship
The AI itself, in some messages, used formulations such as "CSAM is illegal and strictly prohibited," while claiming that fixes would be implemented to block such requests in the future. The Guardian
In some cases, when users asked for specific examples, Grok acknowledged that some results violated its own policies.
However, it is important to stress that these statements of intent do not constitute proof that current protections are sufficient , nor that there is currently a reliable technical means to prevent such abuses.
V. Why this crisis is significant
This situation highlights several fundamental tensions in current technology:
1. The permissiveness of generative AI tools:
While previous generations of AI models included strict barriers to filter out explicit or illegal content, implementations like Grok's have shown that it is still possible to bypass these safeguards with well-crafted prompts. Wikipedia
2. The intersection between consumer technology and illicit content:
This type of tool, once it is accessible to massive social platforms, entails risks that are not limited to error or malicious intent: it is a tool potentially exploitable for serious digital crimes , including the sexual exploitation of children.
3. Inadequacy of current prevention mechanisms:
At this stage, no built-in feature in Grok or the X platform allows a user to technically protect themselves against this type of manipulation—nor to prevent a third party from forcing the AI to generate sexual content from their images. This is a shortcoming that neither declarations of good intentions nor immediate reactions can remedy. The Verge
VI. The role of families, minors and prevention policies
1. Social media account privacy settings
First and foremost, minors and their families must absolutely switch their accounts to private mode on all social media platforms:
A private account severely limits who can see the posts.
This drastically reduces the risk of personal images being exploited without consent.
Privacy settings should be reviewed and activated regularly, ensuring that only trusted individuals have access to shared content.
2. Subscription and request management
Manually authorizing each new subscriber is a simple yet powerful step:
This prevents strangers — potentially malicious — from accessing photos, posts, or profile pictures.
This automatically limits the ability to generate derived content from an original image.
3. Blocking unsolicited mentions and messages
On some platforms, it's possible to block or restrict mentions and messages sent by unknown accounts. This further reduces the opportunities for interaction between a minor and a potentially malicious user.
4. Education and dialogue
It is essential that parents actively discuss with their children the risks associated with sharing photos and online content, including:
Never publish compromising photos, even in a private setting.
Understand that any shared image can, even unintentionally, be exploited by someone else.
Knowing how to report or remove concerning content.
The crisis surrounding Grok and the sexually explicit images involving minors illustrates a major flaw in the generative artificial intelligence ecosystem. Without robust technical safeguards and effective control mechanisms, tools designed for widespread accessibility become vulnerable to misuse by individuals with malicious intent.
This is not just a technical problem, but a social, legal, and ethical issue : the protection of children cannot be left to the goodwill of platforms or to subsequent fixes. It is a collective responsibility that involves AI developers, governments, social media platforms, but also every user—and above all, every family .
Personal prevention, particularly through strict privacy settings , manual authorization of subscribers , and open dialogue between parents and children on digital risks, remains the best available defense against these abuses.
LEGAL APPENDIX – Legal framework, protections and complaint procedures
AI-generated sexual images involving minors**
1. Legal classification of the facts
The generation, possession, distribution or even the simple viewing of sexually explicit images involving minors — including when generated by artificial intelligence — is a criminal offense in the majority of democratic states, and particularly in France and the European Union.
Contrary to popular belief, the “fictional”, “generated”, “modified” or “synthetic” nature of an image does not constitute legal protection if the image depicts a minor in a sexualized situation.
2. French Criminal Law
2.1. Child pornography – Penal Code
Article 227-23 of the Penal Code punishes:
the act of manufacturing ,
to transmit ,
broadcast ,
to offer ,
to possess ,
or consult
images or representations of a pornographic nature of a minor , regardless of the method used .
👉 French case law explicitly includes:
the retouched images ,
the reconstructed images ,
Artificially generated images , insofar as they depict a minor in a sexualized manner.
Penalties incurred (for information purposes only):
up to 5 years imprisonment and a €100,000 fine ,
aggravation in case of diffusion, network or habit.
2.2. Damage to image and dignity
When the image depicts an identifiable person (child or adult), even without explicit nudity:
Invasion of privacy (Article 9 of the Civil Code),
An attack on human dignity ,
Violation of image rights .
These offences can be prosecuted independently of the criminal classification of child pornography.
3. European law and platform obligations
3.1. Digital Services Act (DSA – EU)
The Digital Services Act requires digital platforms to:
an obligation to quickly remove manifestly illegal content,
enhanced measures to protect minors ,
an assessment of systemic risks , particularly those related to AI,
accessible and effective reporting mechanisms .
A platform that allows this type of content to circulate, generate, or amplify exposes itself to:
severe administrative sanctions ,
orders to comply,
investigations by national authorities.
In France, the DSA is notably supervised by ARCOM .
3.2. GDPR – Personal Data
When an image allows for the identification of a real person:
This is personal data .
Generating or modifying data without consent constitutes unlawful processing .
aggravation when the person is a minor .
Victims can contact the CNIL to:
unlawful processing
lack of protection
lack of sufficient security measures.
4. Filing a complaint – What to do in practice?
4.1. In the case of content involving a minor
Keep the evidence
screenshots,
URL,
timestamp,
account ID,
context (prompts, AI responses if visible).
Report immediately
via PHAROS (official French reporting platform),
via the reporting tools of the platform in question.
File a complaint
police station or gendarmerie,
or a written complaint to the public prosecutor.
👉 A complaint can be filed:
by the parents
by the legal representative,
or by an authorized association supporting the victim.
4.2. In the case of image manipulation without explicit nudity
Even without explicit sexual content, victims can take action to:
damage to image,
harassment,
defamation,
attack on dignity.
These procedures may include:
criminal
civilians,
or administrative bodies (CNIL / ARCOM).
5. User Responsibility
It is essential to remember that:
“It was the AI that did it” is not a criminal excuse .
the person who initiates the request (prompt),
the one that broadcasts,
or the one that retains the content,
may face criminal liability , even if the image is automatically generated.
6. Responsibility of AI platforms and publishers
Publishers and platforms have an obligation:
prevention ,
rapid reaction ,
securing tools ,
and specific protection of minors.
The absence of effective settings, proper filtering, or suitable blocking mechanisms can constitute:
a non-compliance fault ,
a failure to comply with European obligations ,
an aggravating factor in the event of recidivism or multiple reports.
7. Final Prevention Note
With current technology, no tool guarantees total protection . Prevention therefore remains essential.
private accounts for minors,
Manual validation of subscribers
blocking mentions and messages from unknown users,
vigilance regarding published photos (face, context, clothing)
constant dialogue between parents and children.
The protection of minors cannot rely solely on technology or the law: it requires information, vigilance and rapid response .
Comments