ma2tic

23 February 2026 · Matthieu MALVACHE · 10 min

The Deepfake Crisis: Why AI Safety Guardrails Matter

In January 2026, researchers at Copyleaks found that Grok, the chatbot built into X (formerly Twitter), was generating roughly one nonconsensual sexualized image per minute. Not images of fictional characters. Images of real people, including minors, created from photos they had posted publicly on the platform.

Between December 2025 and January 2026, Grok generated over 4.4 million images on X, with up to 41% containing sexual imagery of real women. At peak usage, the tool was producing an estimated 6,700 sexualized deepfakes per hour, posted directly onto the same social network where the victims' original photos lived.

This is what happens when you ship generative image capabilities without safety guardrails.

What happened with Grok

The pattern started in May 2025, when users discovered Grok could effectively "undress" people in photos. By late December, it had become a trend on X. Users would take a fully clothed photo of someone and prompt Grok to generate a sexualized version. The result would get posted publicly, sometimes going viral.

Reuters tested the system after xAI announced tighter safeguards. Nine reporters ran dozens of controlled prompts. Grok produced sexualized imagery in response to 45 out of 55 prompts. The same prompts were refused by OpenAI, Google, and Meta's systems.

The response from regulators was swift. Ireland's Data Protection Commission opened an EU privacy investigation. Spain's government ordered prosecutors to investigate X, Meta, and TikTok for AI-generated child sexual abuse material. California's Attorney General issued a cease-and-desist to xAI. France, India, and the UK's Ofcom all announced investigations. A class-action lawsuit was filed in Northern District of California on January 23.

The lawsuit makes one allegation worth reading carefully: xAI knew the abuse was happening and responded not by fixing it, but by restricting the feature to paying subscribers. Monetizing harm instead of preventing it.

The deeper problem

Grok is the most visible case, but the deepfake problem is much larger.

A 2023 study found that 98% of deepfake videos online are pornographic, with the overwhelming majority targeting women who never consented. The barrier to creating them has collapsed. What once required video editing skills now takes a text prompt.

The harms extend beyond nonconsensual imagery. AI-generated robocalls impersonated President Biden during the 2024 New Hampshire primary. Deepfake videos of political figures now circulate during every election cycle, and verifying what's real gets harder by the month. Synthetic voices and faces are used for CEO impersonation scams and fake customer verification. The technology is cheap and getting cheaper.

The people building these models know all of this.

Why "move fast and break things" fails here

The Grok scandal is a textbook case of what happens when a company applies Silicon Valley's default playbook to generative AI. Ship the feature, see what happens, fix it later.

The problem is that "later" comes after millions of nonconsensual images have been generated and distributed. You can't un-generate them. You can't remove them from every device that saved them. The damage compounds with every hour the system runs unchecked.

Compare this to how OpenAI, Google, and Meta handled the same capability. All three have image generation features. All three refused the exact prompts that Grok happily executed. Not because they lack the technical capability, but because they built refusal mechanisms before shipping.

Those guardrails aren't perfect, and people do find workarounds. But there's an enormous difference between a system that tries to prevent harm and occasionally fails, and a system that doesn't try at all.

Safety in generative AI is not a competitive disadvantage. It's a basic engineering requirement, like input validation on a web form. You don't ship without it.

What responsible guardrails look like

Effective safety for generative image models involves multiple layers, and none of them are exotic.

It starts with content classifiers that flag harmful patterns before generation. Train classifiers on categories of harmful content (nonconsensual intimate imagery, CSAM, deceptive political content) and apply them at both the prompt stage and the output stage. A prompt asking to "remove clothing" from a photo of a real person should never reach the generation model.

Identity protections are harder but just as important: preventing the generation of realistic images of identifiable real people without consent. Some approaches use facial recognition to block generations matching known faces. Others flag any prompt referencing a real person by name.

Then there's provenance. The C2PA standard (Coalition for Content Provenance and Authenticity), backed by Adobe, Microsoft, Google, and OpenAI, embeds cryptographic provenance metadata into generated files. The EU's draft Code of Practice on AI-Generated Content promotes visible labels combined with invisible machine-readable watermarks. The goal is that synthetic content is always identifiable as such, even after being screenshotted and reshared.

On top of all this, you need rate limiting (generating thousands of sexualized images in a short period is an obvious signal), real-time abuse monitoring, and reporting mechanisms that give victims a fast path to get content removed.

All of this is standard practice at responsible labs. The question isn't whether we know how to do it. It's whether companies choose to.

The regulatory response

Legislators are moving. Not always fast enough, but the framework is taking shape.

The EU AI Act, with provisions taking effect August 2, 2026, is the most comprehensive. Article 50 requires that AI-generated content be "marked in a machine-readable format and detectable as artificially generated." Deployers must disclose synthetic content at first interaction. Article 99 sets penalties up to 15 million euros or 3% of global turnover. A Code of Practice on transparency is expected to be finalized by mid-2026.

In the US, the TAKE IT DOWN Act was signed in May 2025 (one of the rare bipartisan AI bills). It prohibits publishing nonconsensual intimate deepfakes and requires platforms to establish takedown processes by May 2026. At the state level, 48 out of 50 states now have deepfake legislation, with 30 states specifically addressing deepfake nonconsensual intimate imagery and 45 states criminalizing AI-generated child sexual abuse material.

Other jurisdictions are following. The UK's Online Safety Act covers synthetic intimate images. Australia has proposed legislation. India and France launched investigations specifically in response to the Grok scandal.

The direction is obvious: companies deploying generative AI will be held accountable for what their systems produce. Building safety in is becoming a legal requirement, not just good practice.

What this means if you build with generative AI

If you deploy any model that generates images, video, or realistic audio, the Grok case is a warning.

Test your system with adversarial prompts before you ship. Try to make it generate harmful content. If you can, your users will. This is not optional.

No single classifier catches everything, so layer your defenses: input filtering, output classification, provenance metadata, rate limiting, abuse monitoring. Defense in depth works for AI safety the same way it works for security.

Build takedown mechanisms from day one. When someone reports that your system generated harmful content of them, you need a fast response. Having to build this under regulatory pressure and public scrutiny is much harder than building it upfront. I've seen companies scramble to bolt on reporting flows after a crisis - it never goes well.

And keep up with the regulations. The EU AI Act deadlines are approaching. The TAKE IT DOWN Act takedown requirements take effect in May 2026. US states are passing new laws quarterly. If your product serves users in these jurisdictions, compliance is your problem, not your lawyer's.

The technology to generate realistic synthetic media is here and it's not going away. The companies that build safety into the product from the start will be the ones still operating when enforcement begins in earnest.

If you're facing these challenges in your own AI deployments, I cover safety and compliance as part of my consulting work.