What Is Shadow AI?
Shadow AI is the use of artificial intelligence tools — ChatGPT, Microsoft Copilot, Google Gemini, free AI writing assistants, AI transcription services — by employees without authorization from their organization. It is called "shadow" because it operates outside official IT governance, procurement reviews, and policy frameworks. The organization doesn't know it's happening, which means it can't protect against the risks it creates.
The term is an evolution of "shadow IT" — the long-standing problem of staff using unsanctioned software. AI tools have accelerated the pattern dramatically because they are free, highly capable, and genuinely useful for exactly the kinds of tasks municipal staff do every day: drafting documents, summarizing meetings, answering routine questions, generating form letters.
48% of Canadian public servants already use AI tools on the job. Only 22% of organizations have a formal AI adoption policy. (KPMG Canada, 2025.) The gap between usage and governance is widest in small and rural municipalities, where AI tools are spreading fastest and policy capacity is most limited.
What Municipal Staff Are Using AI To Do
Shadow AI in municipalities is not dramatic. It doesn't look like a breach. It looks like a staff member getting their work done faster. Common scenarios include:
- Pasting a ratepayer complaint into ChatGPT to draft a response letter — including the ratepayer's name, address, and the nature of their complaint.
- Uploading audio from a council meeting to a free AI transcription tool to generate meeting minutes — including discussions that may reference individuals by name.
- Using an AI writing assistant to draft a bylaw or permit correspondence that includes civic addresses and property owner details.
- Asking an AI tool to summarize a performance review or HR document to prepare for a staff meeting.
- Using a consumer AI tool on a personal device, while working from home, to process work that involves citizen data.
In each of these scenarios, personal information — information that is subject to provincial privacy legislation — has been entered into a system that your municipality did not procure, has no data processing agreement with, and has no visibility into. Whether that data was used to train the AI model, retained by the platform, or simply processed and discarded, your municipality cannot know. And without a policy, you have no way to respond if something goes wrong.
Why Shadow AI Is a Privacy Problem, Not Just an IT Problem
Canadian municipalities are public bodies subject to provincial privacy legislation. In Alberta, that means the Access to Information Act (ATIA) and the Protection of Privacy Act (POPA). Equivalent legislation governs public bodies in every other province — MFIPPA in Ontario, FOIPPA in BC, FIPPA in Manitoba.
These laws are explicit: personal information may only be collected, used, and disclosed for purposes authorized under the legislation. When a staff member enters citizen data into an external AI platform without authorization, that constitutes a disclosure — the personal information has been shared with a third party outside the municipal system. Depending on the circumstances and the data involved, this may constitute a privacy breach requiring notification to the Office of the Information and Privacy Commissioner (OIPC) and to the affected individuals.
The absence of malicious intent doesn't change the legal exposure. A staff member who uses ChatGPT to draft a better response to a difficult ratepayer has not done anything wrong from a personal standpoint — they were trying to do their job well. But the municipality that has no policy governing that behaviour, no training explaining the risk, and no Privacy Officer accountable for the outcome is in a fundamentally different position than one that does.
How to Address Shadow AI Without Banning It
A prohibition alone does not work. Staff will continue using tools they find helpful, whether or not a policy exists — especially when those tools genuinely make their work better and the prohibition feels arbitrary. The effective response governs AI use rather than attempting to eliminate it.
A compliant response has five components:
- Designate a Privacy Officer — someone formally accountable for AI governance, with the authority to make decisions about sanctioned tools and the obligation to manage breaches.
- Conduct a personal information inventory — understand what data your staff are working with so you can assess the risk that shadow AI creates.
- Draft and adopt an AI Acceptable Use Policy — specify which tools are sanctioned, what data may and may not be entered, and the consequences of unauthorized use. This is the governance control.
- Deliver staff training — explain both the risk and the approved alternatives. Staff who understand why the policy exists are far more likely to follow it.
- Build a review cycle — the AI landscape changes faster than any policy written today can stay current. A quarterly review of sanctioned tools is not excessive given the rate of change.
This is not a technology problem. It is a change management problem — which is why the most important first step is not finding the right software, but designating a human being who is accountable for it.
Frequently Asked Questions
Is shadow AI common in Canadian municipalities?
Yes. KPMG Canada (2025) found that 48% of Canadian public servants already use AI tools on the job, but only 22% of organizations have a formal AI adoption policy. In most small and rural municipalities, the gap is even wider — staff use AI tools because they are genuinely helpful, with no awareness that doing so may violate provincial privacy legislation.
Does Microsoft Copilot count as shadow AI if we already use Microsoft 365?
Microsoft Copilot is a licensed product that requires a separate subscription and organizational configuration — it is not automatically included in Microsoft 365 licenses. If staff are accessing Copilot through personal Microsoft accounts or using the free web version (copilot.microsoft.com) without organizational provisioning, that use is unsanctioned and constitutes shadow AI. Even the enterprise version requires a data processing agreement review before it can be considered sanctioned under ATIA/POPA.
What if our staff are using AI on personal devices?
The device ownership does not change the analysis. If an employee enters municipal data — ratepayer information, council materials, HR records — into an AI tool on a personal device, the privacy exposure is the same. Your AI Acceptable Use Policy must address both work and personal devices when used for work purposes.
What are the consequences if we ignore shadow AI?
The most immediate risk is a privacy breach that triggers OIPC notification requirements and damages public trust. The longer-term risk is being found non-compliant with the Privacy Management Program requirements under ATIA and POPA — requirements that have been in effect since June 11, 2026. Municipalities with no shadow AI governance and no Privacy Management Program are in the weakest possible position if a complaint is filed.