Shadow AI is a business design problem, but it can be overcome | Tech Radar
Overview
News, deals, reviews, guides and more on the newest computing gadgets
Start exploring exclusive deals, expert advice and more
Details
Unlock and manage exclusive Techradar member rewards.
Unlock instant access to exclusive member features.
Get full access to premium articles, exclusive features and a growing list of member rewards.
Shadow AI is a business design problem, but it can be overcome
Unsanctioned AI tools pose risks; govern, don't ban
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
AI tools are now so widely available that shadow AI has become a risk for every organization. Employees are reaching for them to summarize documents, draft emails, and analyze data - while vendors are increasingly baking AI into their products, often with poor documentation and limited options to switch it off.
The result is that staff may already be using tools that haven't been assessed or approved, potentially exposing the business to risk by unintentionally processing personal or commercially sensitive data.
Working from the DPO Centre Ltd, David is a highly qualified Data Protection Officer with wide-ranging experience across the Technology and Healthcare industries.
The key question facing organizations in 2026 is no longer whether to allow AI in the workplace, but how best to manage the AI that is already being used.
Shadow AI isn’t simply a question of employee behavior, but a sign that workplace technology is moving faster than governance.
Shadow AI is the use of AI tools inside an organization without security review, or formal governance and documented sign off from Compliance, Legal or IT teams.
‘You fix it by making the secure option just as fast and frictionless as the risky one’: Practical advice on addressing shadow AI
Shadow AI and agents like Open Claw are hijacking corporate data too easily
In practice, this usually means consumer-grade generative AI such as Chat GPT, Gemini, Claude, or Copilot, accessed through a personal account. It can also include AI features quietly embedded in approved Saa S products, browser extensions, transcription services, and the growing wave of autonomous agents.
It's the direct descendant of the shadow IT problem of the late 2000s, but with a shift from unauthorized storage to unsanctioned intelligence.
It is harder for organizations to detect, and much harder to control, with the potential consequences spreading beyond one team or one data mistake. Unlike shadow IT, which was mostly a compliance concern, shadow AI creates new risk because it can actively process information, replicate it, and act on it. This makes the impact much harder to predict and contain.
The risks: data protection and privacy compliance
IBM's 2025 Cost of a Data Breach Report found that one in five organizations had already experienced a breach linked to unsanctioned AI, adding roughly $670,000 to the average incident cost.
The more alarming finding for data protection professionals, however, isn’t the headline cost of containment - it’s what those incidents exposed. 65% of those AI-related incidents resulted in exposure of personally identifiable information, and 40% led to intellectual property theft.
What is Shadow AI, and why should your business be concerned about it?
Many firms don't know what their workers are sharing with AI tools
Tame your AI gremlins before the chaos becomes permanent
The data protection risks are considerable, especially for GDPR-regulated organizations operating in the UK and EU. When an employee pastes customer data into a free-tier chatbot, several obligations may be simultaneously breached. Article 5 demands lawful and transparent processing, which is impossible if the organization doesn't know the processing is happening.
Article 28 requires a data processing agreement with any third-party processor, and no such agreement exists between your business and Open AI or other similar services when an employee uses a personal Chat GPT account. Article 35 requires a Data Protection Impact Assessment (DPIA) for high-risk processing, which can't be performed on tools the organization isn’t aware of.
Maximum penalties can, at least in theory, reach €20 million or 4% of global annual turnover.
The incoming EU AI Act puts further obligations on deployers of high-risk systems, including strict due diligence and risk assessments on AI providers. Again, it is impossible for organizations to meet these obligations if they don’t know which systems are being used.
While the EU’s enforcement stance isn’t yet known, the potential maximum fine here is 6% of global turnover.
Beyond formal legal sanction, shadow AI could cause serious reputation risk. An incident that causes fundamental harm to individuals or exposes commercial confidentiality agreements is a breach of trust, and the damage could be irrecoverable.
Unlike files uploaded to an authorized storage service such as Dropbox, data entered into free AI tools may be much harder to retrieve or delete. The contractual terms of many free LLMs allow the provider to use prompts and outputs to train their systems, and this is one reason why these tools can be offered for free, despite their high operating costs.
Once data has been entered into the system, it may be irrecoverable as it will be added to the training dataset. There is no guarantee it can be isolated well enough to be deleted, even if the service provider is willing, and can even resurface unexpectedly.
The Samsung case of 2023 shows how quickly the risks of shadow AI can become a reality. Within weeks of the company permitting Chat GPT use in its semiconductor division, engineers had pasted proprietary source code, internal meeting transcripts, and hardware specifications into the consumer interface on at least three separate occasions.
Samsung initially responded with a blanket ban, since reversed. The lesson here is not that every organization should ban AI - it’s that without clear access controls, sensitive data can very quickly become exposed.
The most recent threats to organisations come from the rise of ‘vibe-coding’ and agentic AI. These use natural language prompts to build applications that process data, and may even make business decisions about how that data is used.
The security risks are a whole topic in itself, but failing to subject vibe-coded apps to scrutiny by your infosec team can mean basic security protocols are missing because the coder didn’t know to ask for them.
Social network Moltbook was vibe coded, and quickly exposed 1.5 million API keys and the emails of 35,000 users. It is an obvious violation of the GDPR security principle, which is the type of failing most regulators are keen to enforce.
Agents deployed without appropriate quality and review procedures can easily make incorrect or inconsistent decisions, and unchecked biases in the underlying models can discriminate against groups, including based on protected characteristics.
If this led to a denial of healthcare, or access to financial services, or employment discrimination, there is an active risk of falling foul of equality and human rights legislation.
Numbers are high already and consistently rising, as shown in Up Guard's State of Shadow AI report, which found that more than 80% of employees use unapproved AI tools at work. Netskope, drawing on cloud security telemetry from late 2024 through late 2025, found that 47% of generative AI usage in the enterprise happens through personal accounts the company doesn't oversee.
Telus Digital research found that of enterprise employees using Gen AI at work, around 68% do so with their personal rather than corporate credentials, and 57% admit to entering sensitive information into those tools. Zendesk's CX Trends 2025 reported that shadow AI tool usage in healthcare, manufacturing, and financial services grew by more than 200% year on year.
There is also a striking perception gap. Manage Engine's 2025 survey of US and Canadian workplaces found that 97% of IT decision-makers see significant risks in shadow AI, but 91% of employees see no risk, little risk, or that the risk was outweighed by the reward.
Perception gap is the key to the whole problem. Employees aren't pasting client data into Chat GPT because they want to commit a policy and compliance violation. They're doing it because it makes their job easier, and because no one has given them a safer way to get the same result.
Systematic policy violations don’t speak to lax standards or employee negligence - rather, they speak to an unmet need. The most common shadow AI tasks in Manage Engine's data include summarizing notes and calls, drafting emails, brainstorming, and analyzing reports.
These are exactly the kinds of repetitive cognitive tasks that overload employees and slows delivery. When approved tools cannot do the work quickly, employees reach for alternatives that can. Free AI tools can often offer greater functionality.
Enterprise level software needs to be at least as good as the free option, otherwise the free tool will win. Younger members of the workforce are digital natives and are used to adopting tools to get the job done and will often move faster than procurement processes allow.
Software AG's research found that 48% of employees would keep using AI tools even if their organization explicitly banned them, and As Check Point Software's analysis bluntly puts it, banning AI removes the official pathway for employees to flag a tool, and instead guarantees that all new AI in the business is shadow AI. Clearly, bans are not the way to combat the issue.
The issue of Shadow AI is now too widespread for any well-governed organization to ignore, and the companies getting this right are treating it as a signal, not an infraction.
You need to know what is happening in your organization so you can see where the pressure points are and alleviate the pressure employees so obviously feel to use unapproved tools to get the job done. This requires a wide range of stakeholders, and not just IT approving or blocking systems.
Start by mapping what's already happening. Network monitoring and Saa S discovery tools can usually surface a surprising list of AI services in active use; treat that list as research, and not as a way to discipline offenders. Ask your staff, anonymously if needed via surveys and listening sessions, so they can describe what they're trying to accomplish without fear of reprisal.
When you’ve identified what people need, provide a sanctioned alternative that's at least as good as the shadow option, with enterprise data protections behind it – nearly all free tools that staff are likely to use have enterprise versions backed up with robust security and data protection agreements.
Follow that with a short, readable policy, ideally permissive but with guardrails. Name approved tools by category or purpose, list prohibited data inputs (personal data, source code, financial projections, confidential client information).
Finally, invest in literacy training so staff understand what data goes where, and refresh it as the tools change. Keep the use cases, their actual use, and the policy under continuous review and update it regularly so you can keep ahead of staff needs before they find their own solutions.
Shadow AI is a losing battle if you treat it as a discipline problem; there are too many tools, too much demand, and it’s too easy to access. Treated as a business design problem, however, it becomes something more powerful.
Every employee who reaches for an unapproved tool is pointing at a gap, be it in the software they've been given, the workflows they're stuck with, or the support they haven't received.
Good governance doesn't just close that gap for compliance reasons - it closes it in a way that legitimately makes people's jobs easier while delivering the AI capability the business needs through the front door rather than the back.
This article was produced as part of Tech Radar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of Tech Radar Pro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
Working from the DPO Centre Ltd, David is a highly qualified Data Protection Officer with wide-ranging experience across the Technology and Healthcare industries.
You must confirm your public display name before commenting
1A new Switch 2 with a replaceable battery will be available soon, as Nintendo announces that it will 'no longer sell' original Switch consoles in Europe
2 Supergirl digital release date reportedly revealed amid global box office woes
3 Nearly all retailers have now implemented AI, but many are still waiting to see business value
4 Noble Osprey review: audiophile-grade earbuds marred by fit issues
5RTX 5090 users should proceed with caution using this particular PC setup
Tech Radar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.
Key Takeaways
- News, deals, reviews, guides and more on the newest computing gadgets
- Start exploring exclusive deals, expert advice and more
- Unlock and manage exclusive Techradar member rewards
- Unlock instant access to exclusive member features
- Get full access to premium articles, exclusive features and a growing list of member rewards



