Shadow AI Prevalence

The persistent use of AI tooling outside the function's sanctioned stack — personal accounts, browser plug-ins, consumer-grade LLMs handling matter-grade work. Shadow AI is the canonical Pillar 6 / Pillar 4 risk vector.

First observed: 1 June 2025

Last reviewed: 27 May 2026

Maturity implication

High Shadow AI prevalence is a Foundational/Operational maturity signal. By Integrated, sanctioned tooling has displaced Shadow AI through better operating discipline — not through prohibition.

Articles surfacing this signal

Anchor Essay
Risk Taxonomy 2026 — The Nine Classes of Legal AI Risk
22 May 2026

Signal status

Velocity: Steady
Status: Tracking
First observed: 1 June 2025

Pillars engaged

Canonical term

Shadow AI →

AI tools or capabilities used by legal function staff without formal approval, governance oversight, or organisational awareness. Shadow AI creates undisclosed risk exposure — privilege breach, uncontrolled data processing, and audit gaps — regardless of individual intent. Detection, policy enforcement, and AI Inventory integration are P4 Governance priorities. 'Rogue AI' and 'Stealth AI' are forbidden synonyms.

← Back to Intelligence