One day, there was a malfunction. While waiting for the vendor’s repair crew to arrive, some of the assembly line workers tried dismantling the machines and discovered the microphones. The asembly line manager was livid that the vendor never informed — let alone asked — before installing what he saw as spy devices in his environment.
GenAI tools are being snuck into products at a far greater pace. To be fair, vendors are generally announcing that they are now using AI — especially when they are indeed not using it. But they are rarely sufficiently specific for an enterprise IT team to make an informed decision. And it’s certainly not specific enough to answer the questions of any regulator.
From the perspective of IT, the difference between Shadow AI and Sneaky AI is vast. IT can demand that employees and contractors not use unauthorized systems, but IT management does not have the tools nor the time to investigate Shadow abuses. Candidly, if an employee grabs their phone, accesses ChatGPT and then uses that answer in their document, how could anyone in IT possibly know?