Shadow AI
Shadow AI is employees using AI tools their organization hasn't approved or doesn't know about — pasting work into a consumer chatbot, wiring up an unsanctioned agent. It's where a lot of real AI adoption actually happens, and where the governance and data-leak risk lives.
Also known as: shadow AI
Shadow AI is the AI equivalent of shadow IT: tools adopted bottom-up by individuals and teams, outside official oversight. People reach for whatever helps them get work done — a consumer chatbot, a browser extension, an agent they spun up themselves — well ahead of any sanctioned rollout.
It’s a double-edged signal. The upside is that it shows where AI creates value, faster than any top-down strategy will. The risk is real too: sensitive data pasted into tools with no data agreement, and ungoverned agents taking actions no one is tracking. Banning it tends to drive it further underground; the workable response is to channel it — give people approved tools that are good enough to use, an inventory of what’s running, and clear rules — which is exactly the job of AI governance.