Shadow AI: how your own team is quietly drafting your next lawsuit
Yuliia Harkusha is a London-based AI marketing strategist, Google Product…
When founders assess legal risk, they look outward – at regulators, competitors, copyright holders. The most dangerous threat is already inside the building: a well-intentioned employee with a tight deadline and a free AI chatbot.
While leadership debates the official AI strategy in the boardroom, the reality on the ground is simpler. Developers are pasting proprietary code into public LLMs to fix bugs. Marketers are uploading client data to draft campaign copy. Finance is feeding forecasts into free tools to build board slides. None of it is malicious. All of it is invisible. And in 2026, it has a name – shadow AI – and a price tag.
The numbers are no longer speculative. IBM’s latest breach research found that shadow AI featured in one in five data breaches, adding an average of $670,000 to the cost of each incident – and that 63% of organisations had no AI governance policy at all. Meanwhile, 38% of employees admit to sharing sensitive work information with AI tools without their employer’s permission, and one in five UK companies has already experienced data leakage through employees’ use of generative AI. Source code, the crown jewels of most tech startups, is the single most commonly leaked data type.
Why this is a legal problem, not an IT problem
The Samsung incident – engineers pasting proprietary source code into a public chatbot – became famous because of who it happened to. What made it instructive is what it revealed: once data enters an unvetted public model, you have lost control of it. It may be retained, used for training, and in the worst case surfaced to someone else entirely.
For a startup, the legal consequences arrive on three fronts at once. Paste personal data into a public tool and you have a reportable breach under UK GDPR, regardless of intent. Paste confidential client material and you may have waived legal privilege and breached commercial confidentiality clauses – the kind of contractual failure that surfaces precisely when a dispute begins. Paste unreleased code or strategy and you have potentially placed trade secrets into the public domain, where they stop being secrets at all.
And crucially: it is the company that answers for all of it, not the employee. “We didn’t know they were using that tool” is not a defence – it is an admission that governance didn’t exist. As the wave of viral, AI-drafted claims grows, an unmonitored data flow is not a hypothetical risk. It is discoverable evidence waiting for a claimant. Investors have noticed too: shadow AI exposure now appears on due diligence checklists alongside data provenance, which means your team’s tool habits can cost you a funding round before they ever cost you a lawsuit.
Why blanket bans always fail
The instinctive response is prohibition: block the websites, issue a memo. This is guaranteed to fail, and the data shows why. Generative AI is no longer a novelty; it is a baseline productivity expectation, and most workplace AI use already flows through personal accounts rather than enterprise ones. Ban a tool that saves someone three hours a day and they will not stop using it – they will use it on their phone, moving the data flow entirely outside your security perimeter. The risk doesn’t shrink. It just becomes unauditable.
This is the error I see startups repeat constantly: treating AI adoption as a technical problem to be blocked rather than a behavioural shift to be managed. As I’ve argued before about what startups get wrong about AI, the failure point is almost never the technology. It is the absence of any deliberate answer to how humans will actually use it.
From prohibition to adoption
Dismantling shadow AI is a change-management exercise, not a firewall configuration. The startups doing this well follow a consistent pattern:
- Provide sanctioned alternatives first. You cannot remove a tool without replacing its utility. Deploy secure, private AI workspaces where data is ring-fenced and excluded from external training – then make them genuinely easier to use than the public ones
- Draw crystal-clear no-go zones. AI literacy is more than prompting. Teams need short, accessible rules on exactly what can never touch an external AI system: client financials, personal data, unreleased code, anything under NDA. One page, not a forty-page policy nobody reads
- Build visibility into sanctioned tools. You cannot govern what you cannot see. Usage analytics inside approved tools let leadership spot high-risk patterns before they become incidents – and produce the audit trail that regulators and due diligence teams increasingly expect
- Train for judgement, not compliance. Most shadow AI incidents come from ignorance, not malice. The goal is a team that understands why the rules exist – because those teams follow them when nobody is watching
The human factor
AI will not break a startup’s culture. It will rapidly expose the flaws that were already there. A company where employees hide their tools from leadership does not have an AI problem; it has a trust and process problem that AI has made legally expensive.
The founders navigating 2026 well have understood that their most critical AI infrastructure is not the codebase. It is the team. Invest in genuine adoption – sanctioned tools, clear boundaries, honest training – and shadow AI largely disappears, taking a whole category of legal exposure with it. Ignore it, and somewhere in your company, right now, someone is pasting your future lawsuit into a chatbot.
For more startup news, check out the other articles on the website, and subscribe to the magazine for free. Listen to The Cereal Entrepreneur podcast for more interviews with entrepreneurs and big-hitters in the startup ecosystem.




