xAI Suit: Grok Made 7,000 CSAM Images of an 11-Year-Old
TL;DR
- An amended class-action complaint in the Northern District of California says a stepfather used Grok to generate roughly 7,000 sexual images of his 11-year-old stepdaughter.
- Plaintiffs allege xAI's mandatory NCMEC report on that case included only the original non-CSAM photo and omitted the generated images and the perpetrator's IP address.
- By early 2026, NCMEC reportedly found 90% of xAI's CyberTipline reports were not actionable because user identifiers were missing.
The most striking thing in the amended complaint against xAI isn't the raw number, though it is bad enough. It's what the reporting outlet says xAI passed to NCMEC afterwards. According to Ars Technica, Jane Doe 4's stepfather used Grok to generate roughly 7,000 sexually explicit images of her, built from a photograph of her lying on a couch when she was 11. The suit, filed in the Northern District of California by Lieff Cabraser and Baehr-Jones Law, says the man shot himself two days after he was arrested and charged.
That is the individual case. The systemic claim, and it is the one that should worry every generative image lab, is about what did and didn't get passed to law enforcement. The plaintiffs say xAI's mandatory report to the National Center for Missing & Exploited Children included only the original, non-CSAM photograph, omitted every one of the AI-generated CSAM images, and failed to include the IP address where the images were created. Investigators reportedly asked for that information repeatedly and got no response for weeks. Zoom out and the complaint alleges that by early 2026 NCMEC found 90% of xAI's CyberTipline reports were not actionable because user identifiers were missing.
The scale context is grim. Researchers at the Center for Countering Digital Hate estimated that during an eleven-day window in late December 2025 and early January 2026, Grok generated approximately three million sexualized images, roughly 23,000 of which depicted apparent children. Two new plaintiffs have been added to the amended complaint, including a 14-year-old whose eighth-grade graduation photo was reportedly used by an adult male relative of a classmate. Stability AI has also been added as a defendant.
Take the specifics as allegations for now, not settled fact. The complaint is one side of the case, xAI's court response isn't in the reporting I retrieved, and the exact ratio of platform-attributable outputs to jailbroken workflows is the sort of thing that gets fought over in discovery. What the reporting also doesn't cleanly resolve is whether Grok's current guardrails still behave the way they did in that eleven-day window, or what inside xAI's pipeline stripped the IP metadata off the CyberTipline reports.
The reason this matters beyond one company is that regulators, plaintiffs' firms, and NCMEC now have a very concrete template for what unsafe deployment looks like on the reporting side, not just the output side. Labs that can already show clean, actionable CyberTipline reports with account IDs and IPs come out of this better positioned. The ones that can't should treat this suit as the leading indicator.
Shared on Bluesky by 3 AI experts
-
The expanded class action suit accuses X “of shielding child predators by obstructing police investigations into Grok-generated child sex abuse materials (CSAM).” CW for descriptions of child harm and sexual assault.
View on Bluesky →
Originally reported by arstechnica.com
Read the original article →Original headline: Lawsuit: Man used Grok to make 7K sex images of stepdaughter, then shot himself - Ars Technica