More than a third of professional workers are using unsanctioned artificial intelligence tools for work, a global survey by Thomson Reuters found, raising concerns about the rise of “shadow AI” and its cybersecurity implications.
Unapproved AI tools could be exposing internal data without an employer’s knowledge, warned the report, which the company published Monday.
Talking Points
- Shadow AI use at work is creating a hidden layer of cybersecurity and regulatory liability that organizations are only beginning to uncover, Thomson Reuters reports, as employees vibe code their own solutions faster than organizations can roll out vetted AI tools
- Company managers may be facing a disconnect between their perception of AI usage and the reality of worker adoption
“It creates legal and regulatory risk that sits outside the organization’s visibility,” Thomson Reuters CEO Steve Hasker told The Logic. By way of example, he pointed to court cases in which lawyers used AI without approval, dinging their firms’ reputations when other lawyers caught the mistakes.
The Toronto-based company surveyed 1,816 workers in 62 countries this spring, covering law, accounting and compliance departments. About 34 per cent reported using unauthorized AI.
The report flags mounting cyber and reputational risks of shadow AI—where workers use consumer-grade chatbots for business tasks—and challenges the narrative that slow adoption explains poor returns on investments in the technology.
“The employees are ahead of the organization,” said Hasker.
There’s a growing consensus that workers taking AI into their own hands poses risks. Microsoft released tools last month to help companies detect shadow AI, while the Canadian Centre for Cyber Security warned the phenomenon is a top concern if companies want to stay onside privacy laws and contract obligations. Among the hazards the centre highlighted: hackers use “prompt injections” to sneak commands into AI chatbot queries, overriding guardrails to hijack the bot.
Awareness of the issue is spreading across corporate Canada, as courts raise questions about how much companies can guard information that’s already been shared with external chatbots, said Stephen Burns, a Calgary-based partner at Bennett Jones. In February, for instance, a U.S. federal judge ruled that information shared with Claude would not be considered privileged in litigation because the chatbot was a “third party.”
“It’s an area that keeps executives up at night,” Burns said. “You don’t know what tools are being used to assist in decision-making.”
An IBM survey last year found that 21 per cent of Canadian workers using AI rely entirely on personal apps, not platforms approved or provided by their employers. Dustin Heywood, the executive managing hacker at IBM’s global security force in Alberta, said cyber experts are alarmed because off-the-shelf consumer models may incorporate users’ chat histories into model training, share data with advertisers, or process data in the U.S. A worker vibe coding off the side of their desk could add thousands of dollars to the cost of a data-breach investigation, forcing firms to track down everything that’s left the corporate chain of custody.
Heywood, who previously worked in banking, said companies that handled sensitive personal information spent a decade securing their cloud systems, only to see it “undone in the last six months.”
The conventional understanding of digital sovereignty, where an organization owns, controls and tracks its data, “is basically blown away by one employee sitting at their desk trying to automate their job,” Heywood said.
As AI costs and risks both rise, companies may be tempted to slam the brakes on the technology. But Hasker and Heywood said it’s unlikely to stop employees from inventing workarounds for slow corporate processes. In Thomson Reuters’ survey, about 41 per cent of workers who felt that their companies were AI laggards also reported using shadow tools.
Thomson Reuters itself has faced technology and workplace challenges over the past six months, as investors sold traditional software stocks in favour of new AI challengers, and the company’s employees questioned its work with U.S. Immigration and Customs Enforcement, known as ICE. (Hasker declined to comment on whether Thomson Reuters has completed its ICE contract that expired in May, but said it’s inaccurate to suggest it is involved in deportation or surveillance.)
Still, Hasker said the company is seeing return on its internal AI investments, arguing that goal is achievable with the right “change management.”
While some companies have launched “tokenmaxxing” efforts to push their workforces to embrace AI, it may be that some employees just dislike the official options. Last year, MIT researchers wrote that shadow AI users were using large language models multiple times a day through personal tools, while their companies’ official AI initiatives remained stalled in the pilot phase.
Individual users within businesses “are remarkably good at running around” friction, said Heywood, in this case by vibe coding.
“If they do that, then the compliance teams now have to track not just one big internal problem,” he said, “but these 100 splinter problems.
“Every time they knock one out, 10 more pop up.”