Shadow AI in Marketing: What I Actually See
TL;DR
Direct answer: Shadow AI is the use of AI tools inside your marketing team that leadership hasn't approved, inventoried, or set policies around. It is already happening in your organization. The risks aren't theoretical — they include client data exposure, collapsed reporting integrity, and compliance failures that don't show up until an audit or an incident. The fix isn't banning tools. It's building a lightweight governance layer before the next tool gets embedded in your workflow.
---
The Conversation That Starts Every Audit
I get called in to look at marketing systems. Usually it starts with something specific — a dashboard that doesn't match, a campaign that can't be attributed, a handoff that fell apart. But once I'm inside the stack, something else almost always surfaces within the first two days.
Someone mentions that they've been using ChatGPT to draft emails. A coordinator tells me she runs all her campaign briefs through Claude before submitting them. The digital manager pulls up a workflow in Make.com that feeds CRM data into an AI summarization step he built six months ago. The content lead shows me a Notion database where AI-generated first drafts are filed before editing.
None of these tools appear in the official stack inventory. None of them have been reviewed by legal, IT, or the CMO. None of the data flows have been assessed for risk. And everyone involved assumed someone else knew about it.
This is shadow AI. And in 2026, it is one of the most consistent findings I encounter across mid-market marketing teams — regardless of industry, company size, or the sophistication of the rest of their operations.
I want to be precise about what I mean, because the term gets used loosely. Shadow AI isn't about employees being reckless or malicious. In the vast majority of cases, the people using these tools are trying to work smarter. They're trying to keep up with content volume, speed up analysis, or get unstuck on a brief. The problem is structural, not motivational. The problem is that the organization doesn't have the systems to match the pace at which these tools are being adopted.
---
What Shadow AI Looks Like in Practice
Before I get into the risks, I want to describe the actual patterns I observe. The phrase "shadow AI" can conjure images of employees secretly running sensitive documents through rogue chatbots, which isn't quite accurate — or at least, it's not the whole picture.
Pattern one: Personal AI accounts used for work tasks. According to available research, approximately 38% of employees using AI tools for work are doing so via personal accounts — accounts they pay for themselves, accounts that exist outside the organization's procurement and data agreements, and accounts the company has no visibility into. In practice, this looks like a content writer using their personal ChatGPT Plus account to draft product pages because the company hasn't provisioned a team account. Or a marketing analyst running competitive research through Perplexity without going through IT. The issue isn't the tool. It's that the data that gets entered into those sessions — customer personas, messaging drafts, campaign performance data, even CRM exports — is leaving the organization through an unmonitored channel.
Pattern two: Conflicting AI-assisted analyses producing contradictory conclusions. This one is harder to see until you're looking for it. Two members of the same team run separate analyses of the same dataset using AI tools. They get different outputs — because they used different models, different prompts, different context windows. Neither one knows about the other's analysis. The result is two sets of recommendations sitting in two slide decks that say different things. In a team of any size doing any volume of reporting, this compounds quickly. I've sat in rooms where a CMO and a digital manager were actively arguing about a metric because they each had AI-assisted reports that reached opposite conclusions. Both were confident. Neither analysis was wrong, exactly. They were just incompatible — and there was no audit trail.
Pattern three: AI features embedded inside tools that teams already trust. This is the sneakiest pattern. Your team isn't adopting a new AI tool. A tool they already use has added AI features — Salesforce Einstein, HubSpot's AI content assistant, Notion AI, Google Analytics 4's built-in insights, the AI writing assistant in your email platform. These features are often enabled by default or activated with a single click. Most users assume that because the platform is enterprise-approved, the AI features are enterprise-approved too. That assumption is often wrong. The data handling rules for AI features within a platform are frequently different from the data handling rules for the rest of the platform. I've reviewed MSAs where the AI feature addendum had materially different terms around data training and retention than the base contract. The legal and IT teams that originally approved the platform rarely review the feature addenda when AI capabilities are added mid-contract.
Pattern four: AI-generated content published without meaningful review. Volume pressure is real. Content teams are being asked to produce more with the same headcount. AI-generated drafts — whether from standalone tools or embedded platform features — are moving through editorial pipelines faster than those pipelines were designed to handle. The review steps that existed for human-written content are being applied inconsistently or skipped. The result is published content that reflects AI hallucinations, outdated claims, or messaging that doesn't match the brand voice that was painstakingly developed. I've found active lead generation content on client sites that cited statistics that don't exist, made claims about products that were no longer accurate, and used competitor names in ways that created legal exposure. In every case, the content was AI-assisted and the review process had eroded.
---
Why It Matters: The Real Risks
I'm going to be direct about the risks because they are often understated. The conversation around shadow AI tends to focus on hypothetical future risk — "what if something goes wrong." I want to focus on what is already going wrong.
Data exposure is not a hypothetical. Research on enterprise AI usage patterns suggests that teams doing substantive AI-assisted work are generating data exposure events at a rate of 200 or more per month per organization. These aren't necessarily reportable breaches. They're moments when data that should have stayed inside the organization's systems — customer information, proprietary campaign data, pricing models, internal strategy documents — was entered into an external AI system under terms that the organization didn't review. Most of these events will never surface as incidents. Some will. The organizations that have built AI governance before an incident are in a fundamentally different position than the ones that are building it after.
Reporting trust is collapsing. A finding I see consistently: approximately two-thirds of the marketing dashboards I review contain data that the team itself considers unreliable — but continues to report. Why? Because the process of generating the report has become so complex, with so many AI-assisted transformation steps in the middle, that no one can fully account for every number. They report it anyway because leadership expects a report. Shadow AI accelerates this problem because it introduces additional untracked transformation steps. An analyst uses an AI tool to clean data, summarize findings, or reformat a dataset. The transformation is reasonable. But it's not documented. The next person in the chain doesn't know it happened. The report goes out. Three months later, a different analyst runs the same source data through a different tool and gets a different number. Neither one is wrong. But the organization has no way to know which one to trust.
Compliance exposure is real and growing. Seventy-six percent of mid-market companies that have undergone compliance reviews related to AI data practices have found gaps — gaps between what their policies say and what their teams are actually doing. For marketing teams in regulated industries — insurance, financial services, healthcare, legal — the stakes are higher. But even in unregulated industries, the exposure is significant. Vendor contracts routinely have data handling provisions that restrict how customer data can be shared with third-party services. AI tools are third-party services. If your team is entering customer contact information into an AI tool to personalize outreach, and that tool's data handling terms conflict with your customer contract or privacy policy, you have a compliance problem. Not a future problem. A current problem.
---
The Pattern I See Most Often
If I had to describe the single most common shadow AI scenario I encounter in mid-market marketing teams, it looks like this.
A high-performing individual contributor — often someone who joined in the past two years and came in already comfortable with AI tools — starts using an AI tool to do their job faster. They get better results than their peers. Their manager notices. Their manager either explicitly or implicitly encourages the approach. Others on the team start doing the same thing, following their lead. Within six to twelve months, the team has a soft norm around AI-assisted work that never got formally evaluated or documented.
Then one of three things happens. A client raises a concern about how their data is being used. A compliance review surfaces the data flows. Or a new team member, following the informal norm, does something with an AI tool that causes an actual incident — a data export that shouldn't have happened, a draft that went through an unsanctioned tool and contains something that creates liability.
At that point, leadership finds out. Not from an orderly governance process, but from a crisis. The conversation they have then — about what tools are in use, what data has moved through them, what the current exposure is — is the same conversation I help organizations have before the crisis, at a fraction of the cost and stress.
The hard part about this pattern isn't fixing it. The hard part is that the individuals involved were doing their jobs well. They were resourceful and initiative-driven. A governance response that treats them as wrongdoers misses the point entirely. The problem wasn't the initiative. The problem was the absence of structure to channel it.
---
What Not to Do
I want to address the wrong responses first, because they're common and they make the problem worse.
Don't ban tools categorically. A blanket prohibition on AI tools will not stop their use. It will push the use further underground. It will create resentment among your best performers — the ones who are already working efficiently and productively. And it will signal to your team that leadership is out of touch with how modern marketing work actually gets done. I've seen organizations issue sweeping AI bans and find, in the next audit, that usage had simply become less visible. The shadow got darker.
Don't launch a governance committee that takes eighteen months to produce a policy. I understand the impulse to do this thoroughly. But the risk accumulates while the committee deliberates. Shadow AI governance doesn't need to be perfect before it starts. It needs to exist. A working one-page policy with a short approved-tool list is immeasurably better than an exhaustive policy framework that arrives after the next incident.
Don't outsource the responsibility to IT. IT can help implement governance. They shouldn't be asked to define it. Marketing AI governance requires understanding how marketing work actually happens — the workflows, the data flows, the vendor relationships, the content pipeline. IT can evaluate security controls. They are poorly positioned to determine whether the way your content team is using Claude poses a brand or compliance risk. That determination requires marketing expertise.
Don't assume that enterprise-grade platforms have already handled this. As I mentioned above: the fact that a platform is enterprise-approved does not mean that its AI features are enterprise-approved. AI features are frequently added to established platforms after the original procurement review. Assume nothing. Check the specific data handling terms for specific AI features, separately from the base platform terms.
---
A Practical Path Forward
I'm going to give you the five-step process I use when helping organizations build their first AI governance layer. This isn't a comprehensive enterprise AI governance framework. It's the minimum viable version — the thing you can build in four to six weeks that will address the most significant risks while you work toward something more complete.
Step 1: Inventory what's actually in use.
You cannot govern what you don't know about. Before you can assess risk, you need an honest inventory of the AI tools and features your marketing team is currently using — regardless of whether they've been approved, documented, or discussed. The goal of the inventory isn't to create a violation list. It's to create a starting point.
I typically run this as a short anonymous survey combined with a stakeholder interview. The anonymous component matters — people will tell you what they're actually using if they're not worried about being singled out. The interviews let you understand the workflows, not just the tools. Ask: What tool are you using, for what type of task, and what data goes into it?
Step 2: Classify tools by risk tier.
Not all AI usage creates equal risk. A team member using an AI tool to brainstorm headline variations for a campaign — with no customer data involved — is a different risk profile than a team member using an AI tool to summarize CRM export files.
I use a simple three-tier classification:
- Tier 1 (Low risk): No customer data, no proprietary competitive data, no regulated data. Brainstorming, drafting from scratch, research on public information.
- Tier 2 (Moderate risk): Internal data, non-customer data, aggregated campaign performance data. Requires approved tools with enterprise data agreements.
- Tier 3 (High risk): Customer data, regulated data, confidential vendor or partner information. Requires explicit review, approved tools with specific contractual protections, and documented workflows.
Your risk tier definitions should reflect your industry and your existing data agreements. The point is to create a simple decision framework that individual contributors can apply without needing to escalate every question.
Step 3: Build an approved-tool list.
Take the inventory from Step 1, apply the risk tiers from Step 2, and produce a short list of tools that are approved for specific use cases. "Approved" here doesn't mean the tool is perfect. It means the organization has reviewed the data handling terms, made a considered decision about the risk profile, and is prepared to stand behind that decision.
Run this list through whatever channel your organization uses for vendor approvals — even if the tools are free. A tool that is free to the user can still have data terms that create organizational liability. The act of formally approving the list also creates a clear process for adding new tools as the landscape evolves.
Step 4: Write a one-page policy.
One page. I'm serious about this. A policy that lives in a 40-page document does not get read. It does not change behavior. Write a policy that covers: which tools are approved for which risk tiers, what data is off-limits for any AI tool, how to request approval for a new tool, and what to do if you're unsure. Make it easy to find. Make it easy to understand. Make it feel like guidance rather than restriction.
A one-page policy also serves a practical governance function: it creates a documented standard against which future audits can be evaluated. If an incident occurs, the organization can demonstrate that reasonable governance was in place. That matters both legally and operationally.
Step 5: Build in a quarterly review.
The AI tool landscape changes faster than any policy can anticipate. What is appropriate today may be outdated in six months. What was risky six months ago may now have adequate enterprise controls. The governance layer you build isn't designed to be permanent — it's designed to be living.
A quarterly review of the approved-tool list, the risk tier classifications, and any incidents or near-misses that occurred in the previous quarter is not a large investment of time. It's one meeting with the right people. The payoff is a governance posture that stays current with the actual environment your team is operating in.
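The first three steps (inventory, risk tiers, approved-tool list) can be turned into a small, repeatable check that a team can rerun at each quarterly review. The script below is an added example, not the author's own tooling or any product's API. The data-category names, the approved-tool list and the survey responses are all constructed for illustration; the only thing taken from the article is the three-tier logic, with the addition that an unrecognised data category fails closed into Tier 3 rather than silently landing in Tier 1.

```python
from dataclasses import dataclass
from enum import IntEnum


class Tier(IntEnum):
    """The three risk tiers from Step 2."""
    LOW = 1        # no customer, competitive or regulated data
    MODERATE = 2   # internal or aggregated campaign data
    HIGH = 3       # customer, regulated or confidential partner data


# Data categories a survey respondent can tick, mapped to the tier the
# article's definitions imply. Category names are assumptions for this example.
DATA_CATEGORY_TIER = {
    "none": Tier.LOW,
    "public": Tier.LOW,
    "internal": Tier.MODERATE,
    "aggregated_campaign": Tier.MODERATE,
    "customer": Tier.HIGH,
    "regulated": Tier.HIGH,
    "vendor_confidential": Tier.HIGH,
}

# Approved-tool list from Step 3: tool -> highest tier it may be used for.
# Entirely constructed; not a statement about any real product's terms.
APPROVED_TOOLS = {
    "team-llm-enterprise": Tier.HIGH,        # hypothetical tool with a reviewed enterprise agreement
    "Claude (team account)": Tier.MODERATE,  # hypothetical approval ceiling
}


@dataclass(frozen=True)
class Usage:
    """One answer from the Step 1 survey: tool, task, data entered, account type."""
    tool: str
    task: str
    data_categories: tuple
    account: str  # "personal" or "enterprise"


def classify(usage: Usage) -> Tier:
    """Assign the tier of the most sensitive data category in the usage.

    Categories the rules do not recognise are treated as HIGH, so a new kind of
    data fails closed instead of quietly being rated low risk.
    """
    if not usage.data_categories:
        return Tier.LOW
    return max(DATA_CATEGORY_TIER.get(c, Tier.HIGH) for c in usage.data_categories)


def review(usage: Usage, approved=APPROVED_TOOLS) -> tuple:
    """Return (tier, findings) for one usage, checked against the approved list."""
    tier = classify(usage)
    findings = []
    ceiling = approved.get(usage.tool)
    if ceiling is None:
        findings.append("tool is not on the approved list")
    elif tier > ceiling:
        findings.append(f"tool is approved only up to tier {int(ceiling)}, usage is tier {int(tier)}")
    if usage.account == "personal" and tier >= Tier.MODERATE:
        findings.append("personal account used with tier 2+ data (outside the org's data agreements)")
    return tier, findings


def review_inventory(usages, approved=APPROVED_TOOLS) -> dict:
    """Summarise a whole inventory: per-tier counts and the usages needing action."""
    per_tier = {t: 0 for t in Tier}
    actions = []
    for u in usages:
        tier, findings = review(u, approved)
        per_tier[tier] += 1
        if findings:
            actions.append((u.tool, u.task, tier, findings))
    # Highest tier first, so the review meeting starts with the largest exposure
    actions.sort(key=lambda a: a[2], reverse=True)
    return {"per_tier": per_tier, "actions": actions}


# Constructed survey responses mirroring the patterns described in the article
SAMPLE_INVENTORY = [
    Usage("ChatGPT (personal)", "draft product pages", ("none",), "personal"),
    Usage("Claude (team account)", "review campaign briefs", ("internal",), "enterprise"),
    Usage("Make.com AI summarisation step", "summarise CRM exports", ("customer",), "enterprise"),
    Usage("Perplexity (personal)", "competitive research", ("public",), "personal"),
    Usage("ChatGPT (personal)", "personalise outreach", ("customer", "internal"), "personal"),
]

if __name__ == "__main__":
    result = review_inventory(SAMPLE_INVENTORY)
    for tier, n in result["per_tier"].items():
        print(f"tier {int(tier)} ({tier.name}): {n} usages")
    for tool, task, tier, findings in result["actions"]:
        print(f"[tier {int(tier)}] {tool} / {task}: " + "; ".join(findings))
```

Run on the constructed inventory, only the team-account brief review passes cleanly; the CRM summarisation step and the personal-account outreach come out at Tier 3 and top the action list, which is the order a quarterly review should take them in. Swap in your own category names and approved list, and keep the survey responses as the input so the check is rerunnable rather than a one-off.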
---
What It Looks Like When It Works
I want to end with the positive case, because governance conversations can feel heavy. What I've seen in organizations that have built even a minimal AI governance layer is consistently better than what I see in organizations that haven't.
Team members know which tools to use. They don't have to guess whether a particular tool is acceptable for a particular task. That clarity reduces decision fatigue and actually speeds up workflows — the opposite of what people expect governance to do.
Reports are trusted. When there's a documented, consistent process for how data moves through the marketing function — including through AI tools — the outputs of that process carry more weight. Stakeholders trust the numbers because the process that generated them is transparent and repeatable.
Incidents get caught earlier. A team with a documented governance layer is a team that has already had the conversation about risk. When something looks off — a data flow that shouldn't exist, an output that doesn't make sense — people know how to flag it and where to go. The incident doesn't escalate into a crisis.
And perhaps most importantly: the high-performing, initiative-driven team members who were already using AI effectively become the foundation of a healthier system, rather than a liability. Their knowledge of what works gets folded into the approved-tool list. Their workflows become the reference point for the policy. They're not punished for being early adopters. They're recognized as the people who helped the organization figure this out.
That's the version of AI governance I try to build. Not compliance theater. A practical system that matches how work actually happens.
---
A Note on This Work
If you're a marketing leader reading this and recognizing your organization in any of these patterns, the first step doesn't have to be a formal engagement. I offer a free clarity call where we can talk through what you're seeing, what the actual risk exposure might be, and what a practical first step looks like.
Shadow AI governance doesn't have to be a large project. It usually starts as a conversation.
If you're also thinking about the external side of this — how AI answer engines like ChatGPT, Perplexity, and Claude are describing and citing your brand — that's a separate but related question. See the AEO/GEO Retainer for what that tracking looks like in practice.
---
*Blair Koorsen is the founder of Veriqo Studio, a marketing systems consultancy based in Chicago, IL. She works with founders, mid-market teams, and in-house marketing departments on systems, strategy, and operations. Her work focuses on building marketing functions that are measurable, sustainable, and governable — with or without AI in the stack.*