The European Data Protection Supervisor (EDPS), the privacy watchdog for European institutions, has issued a warning about the use of AI tools by employees outside their organisation's official IT environment. This phenomenon, referred to as 'shadow AI', poses a considerable risk of data breaches and violations of applicable laws and regulations, including the GDPR and rules on data retention, according to the supervisor.
The warning concerns situations in which employees independently make use of publicly accessible AI services, such as chatbots or text and image generators, for work-related tasks. Because such tools are generally not approved by the organisation's own IT or compliance department, they fall outside the organisation's oversight. Sensitive business or personal data processed through such tools may consequently end up with external providers without the appropriate legal or technical safeguards in place.
The EDPS warning is aimed primarily at European institutions and public bodies, but the underlying issue is broadly relevant to any organisation that handles confidential data.
What exactly is shadow AI
The term 'shadow AI' is derived from the broader concept of 'shadow IT', which has long been familiar in security circles. Shadow IT refers to software, services or hardware that employees use without the knowledge or approval of their own IT department. With the wide availability of free and low-threshold AI tools, this phenomenon has accelerated significantly.
In practice, this involves employees having a report summarised by an external chatbot, entering customer data into a translation tool based on a large language model, or uploading internal policy documents to an AI writing assistant. In all such cases, the data leaves the employer's secure environment, without it being clear how the provider processes, stores or potentially reuses that data for training purposes.
What risks does the EDPS identify
The EDPS points to several concrete risks. First, there is the danger of data breaches: personal data entered into an unapproved tool is disclosed to a provider the organisation has neither vetted nor contracted as a processor, and may be stored on servers outside the European Economic Area (EEA), where different privacy rules apply. Without a valid transfer mechanism under the General Data Protection Regulation (GDPR), such as an adequacy decision or standard contractual clauses, such processing conflicts with the GDPR's rules on international transfers.
Second, the supervisor highlights risks related to data retention. Under the GDPR's storage limitation principle, organisations may not retain personal data longer than necessary for the purpose for which it was collected. When data is processed through an external AI tool, the organisation loses control over how long, and for what purposes, the provider retains that data.
There is also the risk that confidential or classified information may inadvertently become publicly accessible, or that the outputs of AI tools may be used for decisions without the legally required human oversight having taken place.
Responsibility rests with the organisation
A key point in the EDPS's reasoning is that legal responsibility for the processing of personal data remains with the organisation, even when an employee acts individually. If a data breach occurs because an employee has entered sensitive data into an unapproved AI tool, the employer remains the data controller within the meaning of the GDPR.
This means organisations cannot limit themselves to prohibiting shadow AI in a policy document. They are also required to implement technical and organisational measures that genuinely prevent unauthorised use, and to adequately inform employees about which tools are and are not permitted.
Broader context: AI use in the workplace is growing rapidly
The EDPS warning comes at a time when the use of AI tools in the workplace is increasing sharply. Research by McKinsey and Gartner, among others, shows that a significant proportion of employees in knowledge-intensive sectors use AI tools for daily tasks, but that organisations have often failed to keep pace with the introduction of approved policies in this area.
In the Netherlands, the Autoriteit Persoonsgegevens (AP) supervises compliance with the GDPR. The AP has previously indicated that it is closely monitoring AI applications, but has not yet specifically commented on shadow AI in the context of this EDPS warning. Dutch organisations are subject to the same GDPR obligations as European institutions, although the EDPS formally addresses only the EU institutions themselves.
What can organisations do
The EDPS also makes a number of recommendations in its warning. Organisations are advised to establish a clear AI policy that informs employees about permitted and non-permitted tools. It is also recommended that approved alternatives be made available, so that employees are not compelled to turn to external solutions.
- Establish an internal register of approved AI tools and the associated data processing agreements.
- Train employees in conscious and safe AI use, including the risks of sharing personal data.
- Monitor network traffic and application usage (for example web proxy, DNS or CASB logs) in order to detect unauthorised tools in a timely manner. Such monitoring is itself a processing of employee data and must be proportionate and transparent to staff.
- Conduct a data protection impact assessment (DPIA) before any new AI tools are deployed organisation-wide.
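The following script illustrates how the register of approved tools and the monitoring recommendation above could be combined in practice. It is an added example and is not part of the EDPS warning or of any product; the log format, the hostnames in the register and watchlist, and the upload threshold are all assumptions constructed for illustration. It reads web proxy log lines, compares each destination host against an approved register (with a flag for whether a data processing agreement is on file) and a watchlist of public AI services, and raises a separate finding for bulk uploads to unapproved hosts, since those are the requests most likely to carry personal or confidential data.

```python
"""Detect unapproved ('shadow') AI tool usage in web proxy logs.

Added example, not taken from the EDPS warning. The log format, hostnames
and threshold below are assumptions chosen for illustration only.
"""
import re
from dataclasses import dataclass

# Hypothetical internal register of approved AI tools:
# hostname -> True if a data processing agreement (DPA) is on file.
APPROVED_REGISTER = {
    "assistant.corp-approved.test": True,
    "translate.corp-approved.test": False,  # approved, but DPA still missing
}

# Hypothetical watchlist of public AI service hosts. In a real deployment this
# would come from a URL-categorisation or CASB feed; these names are made up.
AI_WATCHLIST = {
    "chat.public-llm.test",
    "api.public-llm.test",
    "images.gen-art.test",
}

# Request bodies at or above this size sent to an unapproved AI host are
# treated as a likely bulk upload of documents or records (assumed threshold).
UPLOAD_BYTES_THRESHOLD = 50_000

# Constructed sample proxy log: "<timestamp> <user> <method> <host> <req_bytes> <status>"
SAMPLE_LOG = """\
2024-05-02T09:12:01Z alice POST assistant.corp-approved.test 4096 200
2024-05-02T09:15:22Z bob POST chat.public-llm.test 120000 200
2024-05-02T09:16:03Z bob GET chat.public-llm.test 512 200
2024-05-02T09:20:45Z carol POST translate.corp-approved.test 8192 200
2024-05-02T09:31:10Z dave POST images.gen-art.test 2048 200
2024-05-02T09:40:00Z erin GET www.intranet.test 300 200
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (GET|POST|PUT) (\S+) (\d+) (\d{3})$")


@dataclass(frozen=True)
class Finding:
    user: str
    host: str
    category: str  # "unapproved_ai", "approved_no_dpa" or "bulk_upload"
    bytes_sent: int


def parse_line(line):
    """Parse one log line into a dict, or return None for malformed lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, user, method, host, nbytes, status = m.groups()
    return {"ts": ts, "user": user, "method": method, "host": host,
            "bytes": int(nbytes), "status": int(status)}


def classify(entry):
    """Return the findings (possibly none) for a single parsed log entry."""
    host, user, nbytes = entry["host"], entry["user"], entry["bytes"]
    findings = []
    if host in APPROVED_REGISTER:
        # Approved tool: only flag data being sent where no DPA is in place.
        if not APPROVED_REGISTER[host] and entry["method"] in ("POST", "PUT"):
            findings.append(Finding(user, host, "approved_no_dpa", nbytes))
        return findings
    if host in AI_WATCHLIST:
        findings.append(Finding(user, host, "unapproved_ai", nbytes))
        if entry["method"] in ("POST", "PUT") and nbytes >= UPLOAD_BYTES_THRESHOLD:
            findings.append(Finding(user, host, "bulk_upload", nbytes))
    return findings


def scan(log_text):
    """Scan a whole log and return all findings in log order."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is not None:
            findings.extend(classify(entry))
    return findings


def users_by_category(findings):
    """Map each finding category to the sorted list of distinct users involved."""
    out = {}
    for f in findings:
        out.setdefault(f.category, set()).add(f.user)
    return {cat: sorted(users) for cat, users in out.items()}


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.category:16} {f.user:6} {f.host:30} {f.bytes_sent} bytes")
    print(users_by_category(scan(SAMPLE_LOG)))
```

Host matching only catches services already on the watchlist, so an unknown host receiving large POST bodies is worth a second, lower-confidence rule in practice. The findings should feed a conversation with the employee and the DPO rather than automatic sanctions; as noted above, the monitoring itself is a processing of employee data.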
The full EDPS warning has been published on the supervisor's website. The document is intended as guidance for data protection officers (DPOs) within European institutions, but also provides useful frameworks for private organisations seeking to sharpen their AI policy.