Ask any organisation who is using AI for work and you get two answers. The official one: “we don’t have a policy for that yet.” And the honest one, by the coffee machine: “everyone, just on your own phone.”

That second answer is shadow AI: employees using AI tools for work tasks without the organisation knowing or approving. It is the AI variant of shadow IT — the familiar phenomenon of teams arranging their own tools when official systems fall short. It happens in virtually every sector, from healthcare and education to construction and professional services.

Why shadow AI happens

Shadow AI is rarely malicious. It emerges because three things are true at the same time:

So the question to ask about shadow AI is not “why won’t staff follow the rules?” but “what need are they meeting, and why can’t they meet it through official channels?”

The real risks (without exaggeration)

Shadow AI is no cause for panic, but the risks are real. They fall into four categories.

1. Personal data and the GDPR

The biggest practical risk. Anyone who pastes a customer file, job application or student report into a private chatbot is disclosing personal data to an external party with which the organisation has no data processing agreement (the contract Article 28 GDPR requires before a processor may handle data on your behalf). That can amount to a reportable personal data breach. The nasty part about shadow AI is that the organisation does not know it is happening, so it can neither report nor remediate anything. More on this in our article on GDPR and AI at work.

2. Business information and intellectual property

Personal data is not the only sensitive material. Quotes, pricing agreements, source code, draft plans, internal memos: entering those into a consumer tool places confidential information outside the organisation’s control. With some tools, that input may be retained, used for model training or reviewed by people for quality purposes; check the data-use and retention terms of the exact tier in use, because the consumer and business versions of the same product often differ. Client contracts also frequently contain confidentiality clauses, and those apply just as much when the leak runs through a chatbot.

3. Quality without a safety net

AI output sounds confident even when it is wrong. Within an approved process there are counterweights: four-eyes checks, editing, review. With shadow use, that safety net is missing by definition — nobody knows the text, calculation or summary came from AI in the first place. Errors slip unseen into quotes, advice and reports.

4. Compliance and accountability

Article 4 of the European AI Act (Regulation (EU) 2024/1689) has required organisations, since 2 February 2025, to ensure sufficient AI literacy among staff dealing with AI. An organisation that officially “does not use AI” while it happens everywhere in practice will struggle to meet that obligation: you cannot equip people for something you deny exists.

Why banning does not work

Many organisations’ first reflex is a ban: block AI websites on the network, send a memo that use is not permitted. It feels decisive, but in practice it merely relocates the problem:

A ban turns a visible learning problem into an invisible risk: blocking on the office network does nothing about the personal phone from the coffee-machine answer, and people simply stop mentioning what they use. That is almost always a worse position.

Key point: shadow AI is a signal, not a crime. It tells you what your staff need and where your policy and provisions lag behind. Treat it as information and you can steer. Treat it as an offence and it goes underground.

What works instead: channelling in four steps

Step 1: map what is already happening

Simply ask, anonymously if that is what honest answers require. Which tools do people use, for which tasks, with what kind of data? Make it explicit that this is a baseline measurement, not a witch hunt. Where you have them, web-proxy or DNS logs and the sign-in records of your identity provider give a second, partial picture of which services are actually in use (they do not see the personal phone); compare it with the answers. The outcome is almost always more instructive (and larger) than expected.

Step 2: offer an approved alternative

Channelling only works if the legitimate route is at least as easy as the workaround. Select one or a few AI tools the organisation approves, preferably business versions with a data processing agreement, terms that exclude training on your inputs, and sign-in through the organisation’s own accounts so that use is visible and access can be revoked when someone leaves; then make them available to everyone. A good alternative resolves most shadow use by itself.

Step 3: set clear, short rules

Not a thirty-page document, but a handful of clear agreements: which tools are allowed, which data must never go in, when a human checks the output, and where to report doubts or mistakes. We describe how to draft such a policy in writing an AI policy.

Step 4: train your people

Rules without understanding get circumvented; understanding without rules becomes arbitrary. Employees who grasp why a customer file does not belong in a free chatbot — and how to use AI safely and effectively instead — do not need a ban. That is precisely what Article 4 of the AI Act means by AI literacy, and it is the most durable form of risk management there is.

In summary

  1. Shadow AI emerges where a need exists and an approved alternative does not — not from bad intent.
  2. The real risks: personal data, confidential business information, unchecked errors, and compliance you cannot demonstrate.
  3. Banning drives use underground and makes the risks bigger, not smaller.
  4. Channelling works: take stock, offer an alternative, set short rules, and train your people.

Curious how AI-literate your team is right now? The free quiz gives a first impression. For a structural approach per team or organisation, see the AI literacy course or the options for employers.