Why is Shadow AI dangerous for diplomats?

Published on November 29 2025

Shadow AI poses a dual threat to modern diplomacy: it creates vulnerabilities for security breaches and erodes protected knowledge assets. To counter this challenge, the following analysis delves into the nature of Shadow AI and proposes effective pathways for diplomatic services to regain control.

Shadow AI refers to the use of tools like ChatGPT and DeepSeek, often on personal accounts for clearly official tasks, such as drafting reports from meetings, preparing talking points, translating notes, or summarising lengthy documents.

For diplomats, this is deeply attractive as LLMs provide speed, efficiency, and stylistic polish.

Yet diplomacy is a profession of discretion and sometimes secrecy. Shadow AI introduces a structural contradiction: the more diplomats rely on commercial AI platforms, the greater their risk of undermining the confidentiality and discretion on which diplomatic practice is based.

Behind Shadow AI lies the ‘two-speed’ problem of rapid technological changes and slow institutional adaptation. Diplomatic services take years to provide secure, in-house AI solutions. In the meantime, AI platforms are literally one click away on diplomats’ phones and laptops.

The paradox is that secure in-house AI, based on open-source models, is technically feasible and financially affordable. The bottleneck for AI transformation is much less technical than organisational: how foreign ministries value, preserve, and utilise knowledge as their core asset. The experience and curiosity of those who experimented with LLMs in Shadow AI style should be considered to be a critical asset.

Historical echo: from ‘digital dark age to Shadow AI

Shadow AI is not the first time that digital tools have outpaced institutional memory practices. Archivists have warned of a “digital dark age” to describe how records from the late 1990s and early 2000s were lost because institutions were still geared to paper files, while records shifted to electronic form: emails, early websites, and word-processing files.

To recover these traces, “digital archaeologists” scour obsolete storage media, long-abandoned websites, and private email archives, attempting to reconstruct what institutions once knew and decided.

A 2024 Pew Research Centre study illustrates how fragile digital memory can be: 38% of webpages that existed in 2013 were no longer accessible by 2023, and about a quarter of all pages seen at any point between 2013 and 2023 had disappeared by late 2023. Much of this loss is unintentional: links break, hosting is discontinued, formats become obsolete. But the effect is a “black hole” in institutional and societal memory.

Shadow AI risks creating a similar grey zone in diplomatic memory, but now the problem is not just loss, but the gain of diplomatic knowledge by somebody else. Namely, big AI platforms used by diplomats can capture, organise, and ultimately, provide this knowledge as a commercial service or strategic asset.

What is Shadow AI?

IBM defines Shadow AI as ‘the unsanctioned use of AI tools or applications by employees without formal approval or oversight of the IT department’. ShadowAI is not a marginal behaviour. Recent research indicates that a large majority of organisations have employees using unapproved AI tools at work, and around one-third of AI-using employees openly admit to sharing sensitive work data with AI platforms without permission. Analysts, such as Gartner, project that by 2030, around 40% of enterprises will experience security or compliance breaches linked to shadow AI.

In diplomacy, the incentives for shadow AI are even stronger:

Diplomatic work is text- and language-heavy. LLMs are exceptionally good at precisely those tasks: drafting, translating, and summarising.
Diplomatic issues are increasingly technical (AI governance, cyber norms, trade rules, digital taxation), making quick access to synthetic explanations and drafts extremely tempting.
Many ministries still lack secure, user-friendly in-house tools, while consumer AI services are polished, powerful, and familiar from personal use.

The result is a fertile environment for shadow AI to emerge as a normal, if unofficial, part of diplomatic practice.

The corporate crackdown on Shadow AI begins

Major corporations are taking decisive steps to mitigate the risks of Shadow AI, the unauthorised use of external AI tools by employees. As reported by Reuters, Amazon has mandated that its 250,000 developers cease using all AI platforms except its own, named Kira. The primary motivation is to safeguard intellectual property and prevent competitors from accessing proprietary software solutions.

This trend is also evident in the banking sector, where financial institutions are banning Shadow AI, perceiving it as a dangerous vulnerability that could leak invaluable business and banking secrets.

Everyday Shadow AI practices – and why they are risky

Chatbots as informal advisers

The most visible form of shadow AI is simple: a diplomat opens ChatGPT or another chatbot in a browser, types a question, and gets an answer. But questions themselves are data. They reveal:

underlying assumptions (“What if State X refuses to sign…”)
priorities and interests (which issues a mission worries about)
negotiation strategies (“How could we respond if the other side insists on…”)
internal constraints (“Draft arguments we could use given that we cannot accept clause Y.”)

Across many queries, an external provider could reconstruct a strikingly detailed picture of a country’s concerns, red lines, and preferred framings. Even if no single prompt is highly sensitive, the behavioural pattern revealed over hundreds of prompts is.

Moreover, chat logs, questions, plus follow-up comments on the answers can build a rich behavioural profile of individual diplomats: their style, risk appetite, thematic focus, and even psychological traits. For diplomacy, where strategic opacity and controlled signalling are often integral to negotiation, this is a non-trivial leak.

Drafting: from reports to speeches

Diplomats draft constantly: reports to capitals, minute-by-minute readouts of negotiations, non-papers, letters, talking points, or speeches. LLMs are extremely helpful here: they can clean up language, reorganise arguments, and adapt a text for different audiences. However, the risks are layered:

Confidentiality of content
To achieve good outputs, users typically paste in detailed context, including names of interlocutors, meeting dynamics, sensitive assessments, or internal positions. This material may then be stored on servers controlled by foreign private companies and potentially subject to foreign legal processes.

Textual inflation and erosion of diplomatic craft
LLMs are optimised to produce fluent, abundant prose. They make it easy to generate long texts with little effort. This can lead to inflation of diplomatic text: more pages, less signal. Quantity risks overtaking quality and genuine insight.

As it becomes tacitly understood that “AI probably wrote this,” diplomats may read less attentively, skim more, and treat long documents as boilerplate. Important nuance can be buried in standardised paragraphs, undermining the precise, carefully crafted language that diplomacy relies on.

Convergence of language and positions
If many diplomats rely, even partially, on similar AI systems, their texts may converge towards similar framings and metaphors. Subtle national perspectives and political nuances risk being flattened into generic “AI-speak,” eroding the distinct voice and normative positions that are part of diplomatic identity.

Translation: speed at the cost of confidentiality

Multilingualism is central to diplomacy. AI translation services are widely used because they are fast, accurate, and easy. But submitting internal or confidential texts to commercial translation services exposes those texts to the service providers. Even if the provider claims it does not store or use data for training in certain modes, the diplomat must trust:

that the settings are correctly configured
that logs are properly handled
that no future policy, breach, or legal order will change how that data is processed

In practice, a stream of translations can reveal which documents are considered important, which languages are prioritised, and where sensitive bilateral or multilateral engagements are intensifying.

Summarisation: compressing nuance

Summarisation tools are attractive for diplomats facing hundreds of pages of negotiations, resolutions, or reports. Feeding large volumes of text into AI to get summaries is now a common practice. Risks include:

External mapping of internal activity – summaries are generated only if the full documents are supplied; this provides external platforms with detailed content and structure of internal debates, even if the outputs remain within the ministry.
Loss of nuance – diplomatic texts often contain intentional ambiguity, layered signalling, or carefully balanced wording. Automated summarisation tends to collapse nuance, which can distort how issues are perceived internally and externally.
Hidden bias – if summaries are used for decision-making, the model’s implicit biases in what it highlights or downplays can subtly reshape policy priorities.

Visualisations and presentations

As graphs, infographics, and slide decks become standard in multilateral meetings, diplomats increasingly rely on AI tools that can generate presentations, diagrams, and “data stories.”

Uploading datasets, internal statistics, or draft messages into these tools carries the same confidentiality risks as text-based usage. In addition, visualisations can fix certain interpretations of data as “the” narrative, sometimes oversimplifying complex political balances into easily digestible—but misleading—graphics.

Where do Shadow AI risks materialise?

At a technical level, interaction with AI platforms can be intercepted at several points:

between the user’s device and the AI platform (network level)
on the platform side (storage, internal logs, training pipelines)
via third-party integrations, browser extensions, or plugins

Even without interception, AI companies have full control over the inference process. They hold large databases of prompts and outputs which, in many cases, can be used for model improvement, product analytics, or security monitoring.

Commercial incentives usually push companies to protect user data. Trust is at the heart to their business model. However, they are embedded in legal jurisdictions. In both the United States and China, home to many leading AI providers, laws allow authorities, under certain conditions, to request access to stored data, including service logs and user interactions. For diplomatic services, there is no recognised diplomatic immunity that shields such data from subpoena or security requests.

This creates a strategic vulnerability: sensitive diplomatic reasoning may, unintentionally, become accessible to foreign authorities through perfectly legal channels directed at private companies, rather than through classical espionage or hacking.

Why training and awareness-building are not enough

Standard responses to new digital risks are familiar: awareness-building campaigns, guidance notes, and training. While useful, they have clear limits in the context of Shadow AI.

Experience from basic cybersecurity hygiene is instructive: despite years of training, people still reuse passwords, click on phishing links, or write credentials on sticky notes. Awareness alone rarely overcomes powerful incentives and habits. With AI, the incentives to overlook safety concerns are even stronger as AI offers efficiency (saving hours of drafting or translation), quality (improved language, structure, and clarity), and immediacy (answers on demand, without bureaucratic delays).

For a diplomat under time pressure, these “carrots” will usually outweigh risk concerns, often perceived as abstract. It is unrealistic to expect that mere awareness will stop shadow AI, especially when sanctioned alternatives are weak or absent. Thus, the policy question is not whether diplomats will use AI (they will), but rather which AI they will use, under whose control, and with what safeguards.

Towards solutions: in-house AI as the realistic path

If Shadow AI is a symptom of unmet needs, then the primary solution must be to meet those needs safely. For diplomatic services, these points aim to build or procure in-house AI systems, based on open-source models and tailored to the diplomatic context. The main champions of AI transformation should be those who have shown initiative and curiosity in experimenting with LLMs in Shadow AI style. Building on them as critical asset for changes, other elements of such a solution should include:

Local control of data and models

Deploy models on infrastructure controlled by the diplomatic service (on-premises or in trusted government clouds)
Ensure that all prompts, documents, and outputs remain within controlled environments
Treat chat logs and generated texts as part of the diplomatic archive, subject to the same rules as cables and official correspondence

Training models on diplomatic knowledge

Fine-tune models using internal documents, glossaries, and style guides to ensure outputs align with institutional practice and terminology
Preserve and enrich the core asset of diplomatic services, knowledge, rather than leaking it to external providers

Clear governance and guardrails

Define which categories of information may be processed by AI tools and which must never be entered (e.g. highly classified intelligence)
Implement role-based access, logging, and oversight mechanisms
Integrate AI use into existing rules on records management, classification, and archival practice

Smart gateways to the outside world

Where external AI services are needed (for example, to obtain the most up-to-date open-source information), route them through controlled “gateways” that strip or anonymise sensitive content
Distinguish clearly between internal deliberative content (never exposed) and public, open-source material

Redesign of workflows, not just “new tools”

AI adoption should prompt a rethink of how ministries organise drafting, translation, reporting, and analysis
Instead of adding AI as an afterthought, redesign workflows so that human judgement focuses on negotiation, strategy, and relationship-building, while AI handles well-defined, lower-risk tasks

In this way, diplomatic services can address shadow AI not by trying to forbid AI outright, which is likely to fail, but by offering equally powerful, safer alternatives that match diplomats’ practical needs

Conclusion: AI from shadow to stewardship

Shadow AI is dangerous for diplomacy, not because AI is inherently hostile to diplomatic values, but because unsanctioned, externally controlled AI quietly erodes three foundations of diplomatic practice:

discretion and confidentiality (through uncontrolled data flows)
craft and nuance (through textual inflation and convergence)
institutional memory and autonomy (through dependence on external platforms)

The historical lesson from the “digital dark age” is that institutions which fail to adapt their record-keeping and knowledge practices to new technologies pay a high price later in lost institutional memory, weakened accountability, and diminished strategic capacity. Shadow AI extends this risk from memory to live negotiation and strategy.

The way forward is not nostalgia for pre-digital diplomacy, nor a naïve embrace of consumer AI tools. It is the deliberate construction of trusted, in-house AI ecosystems that embed diplomatic values – discretion, reliability, balance – into the very architecture of the tools diplomats use every day. Only then can diplomacy move from being a passive consumer of Shadow AI to an active steward of AI for the benefit of their countries and the global public good.