Shadow AI in the workplace: staff use unapproved AI tools, exposing firms to data risk
Employees are increasingly turning to unapproved AI tools to draft emails, summarise documents and analyse data, potentially exposing organisations to data privacy and security risks in what is known as "shadow AI". The phenomenon reflects a governance gap where workplace technology is advancing faster than corporate policy. Experts argue that in 2026 the key question is no longer whether to allow AI at work, but how to manage AI that is already in use.
Full text
AI tools are now so widely available that shadow AI has become a risk for every organization. Employees are reaching for them to summarize documents , draft emails, and analyze data - while vendors are increasingly baking AI into their products, often with poor documentation and limited options to switch it off.
The result is that staff may already be using tools that haven't been assessed or approved, potentially exposing the business to risk by unintentionally processing personal or commercially sensitive data.
The key question facing organizations in 2026 is no longer whether to allow AI in the workplace, but how best to manage the AI that is already being used.
Shadow AI isn’t simply a question of employee behavior, but a sign that workplace technology is moving faster than governance.
What is shadow AI?
Shadow AI is the use of AI tools inside an organization without security review, or formal governance and documented sign off from Compliance, Legal or IT teams.
In practice, this usually means consumer-grade generative AI such as ChatGPT, Gemini, Claude, or Copilot, accessed through a personal account. It can also include AI features quietly embedded in approved SaaS products, browser extensions, transcription services, and the growing wave of autonomous agents.
It's the direct descendant of the shadow IT problem of the late 2000s, but with a shift from unauthorized storage to unsanctioned intelligence.
It is harder for organizations to detect, and much harder to control, with the potential consequences spreading beyond one team or one data mistake. Unlike shadow IT, which was mostly a compliance concern, shadow AI creates new risk because it can actively process information, replicate it, and act on it. This makes the impact much harder to predict and contain.
The risks: data protection and privacy compliance
IBM's 2025 Cost of a Data Breach Report found that one in five organizations had already experienced a breach linked to unsanctioned AI, adding roughly $670,000 to the average incident cost.
The more alarming finding for data protection professionals, however, isn’t the headline cost of containment - it’s what those incidents exposed. 65% of those AI-related incidents resulted in exposure of personally identifiable information, and 40% led to intellectual property theft.
The data protection risks are considerable, especially for GDPR-regulated organizations operating in the UK and EU. When an employee pastes customer data into a free-tier chatbot , several obligations may be simultaneously breached. Article 5 demands lawful and transparent processing, which is impossible if the organization doesn't know the processing is happening.
Article 28 requires a data processing agreement with any third-party processor, and no such agreement exists between your business and OpenAI or other similar services when an employee uses a personal ChatGPT account. Article 35 requires a Data Protection Impact Assessment (DPIA) for high-risk processing, which can't be performed on tools the organization isn’t aware of.
Maximum penalties can, at least in theory, reach €20 million or 4% of global annual turnover.
The EU AI Act
The incoming EU AI Act puts further obligations on deployers of high-risk systems, including strict due diligence and risk assessments on AI providers. Again, it is impossible for organizations to meet these obligations if they don’t know which systems are being used.
While the EU’s enforcement stance isn’t yet known, the potential maximum fine here is 6% of global turnover.
The risks beyond regulation
Beyond formal legal sanction, shadow AI could cause serious reputation risk. An incident that causes fundamental harm to individuals or exposes commercial confidentiality agreements is a breach of trust, and the damage could be irrecoverable.
Unlike files uploaded to an authorized storage service such as Dropbox, data entered into free AI tools may be much harder to retrieve or delete. The contractual terms of many free LLMs allow the provider to use prompts and outputs to train their systems, and this is one reason why these tools can be offered for free, despite their high operating costs.
Once data has been entered into the system, it may be irrecoverable as it will be added to the training dataset. There is no guarantee it can be isolated well enough to be deleted, even if the service provider is willing, and can even resurface unexpectedly.
The Samsung case of 2023 shows how quickly the risks of shadow AI can become a reality. Within weeks of the company permitting ChatGPT use in its semiconductor division, engineers had pasted proprietary source code, internal meeting transcripts, and hardware specifications into the consumer interface on at least three separate occasions.
Samsung initially responded with a blanket ban, since reversed. The lesson here is not that every organization should ban AI - it’s that without clear access controls, sensitive data can very quickly become exposed.
Emerging risks in 2026
The most recent threats to organisations come from the rise of ‘ vibe-coding ’ and agentic AI. These use natural language prompts to build applications that process data, and may even make business decisions about how that data is used.
The security risks are a whole topic in itself, but failing to subject vibe-coded apps to scrutiny by your infosec team can mean basic security protocols are missing because the coder didn’t know to ask for them.
Social network Moltbook was vibe coded, and quickly exposed 1.5 million API keys and the emails of 35,000 users. It is an obvious violation of the GDPR security principle, which is the type of failing most regulators are keen to enforce.
Agents deployed without appropriate quality and review procedures can easily make incorrect or inconsistent decisions, and unchecked biases in the underlying models can discriminate against groups, including based on protected characteristics.
If this led to a denial of healthcare, or access to financial services, or employment discrimination, there is an active risk of falling foul of equality and human rights legislation.
How widespread is shadow AI?
Numbers are high already and consistently rising, as shown in UpGuard's State of Shadow AI report, which found that more than 80% of employees use unapproved AI tools at work. Netskope, drawing on cloud security telemetry from late 2024 through late 2025, found that 47% of generative AI usage in the enterprise happens through personal accounts the company doesn't oversee.
Telus Digital research found that of enterprise employees using GenAI at work, around 68% do so with their personal rather than corporate credentials, and 57% admit to entering sensitive information into those tools. Zendesk's CX Trends 2025 reported that shadow AI tool usage in healthcare, manufacturing, and financial services grew by more than 200% year on year.
There is also a striking perception gap. ManageEngine's 2025 survey of US and Canadian workplaces found that 97% of IT decision-makers see significant risks in shadow AI, but 91% of employees see no risk, little risk, or that the risk was outweighed by the reward.
Why staff use shadow AI
Perception gap is the key to the whole problem. Employees aren't pasting client data into ChatGPT because they want to commit a policy and compliance violation. They're doing it because it makes their job easier, and because no one has given them a safer way to get the same result.
Systematic policy violations don’t speak to lax standards or employee negligence - rather, they speak to an unmet need. The most common shadow AI tasks in ManageEngine's data include summarizing notes and calls, drafting emails, brainstorming, and analyzing reports.
These are exactly the kinds of repetitive cognitive tasks that overload employees and slows delivery. When approved tools cannot do the work quickly, employees reach for alternatives that can. Free AI tools can often offer greater functionality.
Enterprise level software needs to be at least as good as the free option, otherwise the free tool will win. Younger members of the workforce are digital natives and are used to adopting tools to get the job done and will often move faster than procurement processes allow.
Software AG's research found that 48% of employees would keep using AI tools even if their organization explicitly banned them, and As Check Point Software's analysis bluntly puts it, banning AI removes the official pathway for employees to flag a tool, and instead guarantees that all new AI in the business is shadow AI. Clearly, bans are not the way to combat the issue.
Governance that works
The issue of Shadow AI is now too widespread for any well-governed organization to ignore, and the companies getting this right are treating it as a signal, not an infraction.
You need to know what is happening in your organization so you can see where the pressure points are and alleviate the pressure employees so obviously feel to use unapproved tools to get the job done. This requires a wide range of stakeholders, and not just IT approving or blocking systems.
Start by mapping what's already happening. Network monitoring and SaaS discovery tools can usually surface a surprising list of AI services in active use; treat that list as research, and not as a way to discipline offenders. Ask your staff, anonymously if needed via surveys and listening sessions, so they can describe what they're trying to accomplish without fear of reprisal.
When you’ve identified what people need, provide a sanctioned alternative that's at least as good as the shadow option, with enterprise data protections behind it – nearly all free tools that staff are likely to use have enterprise versions backed up with robust security and data protection agreements.
Follow that with a short, readable policy, ideally permissive but with guardrails. Name approved tools by category or purpose, list prohibited data inputs (personal data, source code, financial projections, confidential client information).
Finally, invest in literacy training so staff understand what data goes where, and refresh it as the tools change. Keep the use cases, their actual use, and the policy under continuous review and update it regularly so you can keep ahead of staff needs before they find their own solutions.
Conclusion
Shadow AI is a losing battle if you treat it as a discipline problem; there are too many tools, too much demand, and it’s too easy to access. Treated as a business design problem, however, it becomes something more powerful.
Every employee who reaches for an unapproved tool is pointing at a gap, be it in the software they've been given, the workflows they're stuck with, or the support they haven't received.
Good governance doesn't just close that gap for compliance reasons - it closes it in a way that legitimately makes people's jobs easier while delivering the AI capability the business needs through the front door rather than the back.
We've featured the best business VPN.
This article was produced as part of TechRadar Pro Perspectives , our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
Should companies fully block unapproved AI tools in the workplace?
Comments
No comments yet
Comments
No comments yet — be the first to weigh in 👇
No comments yet. Be the first!