Why is Shadow AI dangerous for diplomats?

Shadow AI  refers to the use of tools like ChatGPT and DeepSeek, often on personal accounts for clearly official tasks, such as drafting reports from meetings, preparing talking points, translating notes, or summarising lengthy documents, often on personal accounts or consumer versions of AI tools.

For diplomats, this is deeply attractive as LLMs provide speed, efficiency, and stylistic polish.

Yet diplomacy is a profession of discretion, controlled ambiguity, and sometimes secrecy. Shadow AI  introduces a structural contradiction: the more diplomats rely on commercial AI platforms, the greater their risk of undermining the confidentiality and discretion on which diplomatic practice is based.

Behind Shadow AI lies the ‘two-speed’ problem of rapid technological changes and slow institutional adaptation. Diplomatic services take years to provide secure, in-house AI solutions. In the meantime, AI platforms are literally one click away on diplomats’ phones and laptops. 

The paradox is that secure in-house AI, based on open-source models, is technically feasible and financially affordable. The bottleneck for AI transformation is much less technical than organisational: how foreign ministries conceptualise, govern, and reorganise knowledge, which is their core asset. The experience and curiosity of those who experimented with LLMs in Shadow AI style should be considered as a critical asset.

---

Historical echo: from ‘digital dark age to Shadow AI 

Shadow AI  is not the first time that digital tools have outpaced institutional memory practices. Archivists have warned of a “digital dark age” to describe how records from the late 1990s and early 2000s were lost because institutions were still geared to paper files, while records increasingly existed only in electronic form: emails, early websites, and word-processing files.

A 2024 Pew Research Centre study illustrates how fragile digital memory can be: 38% of webpages that existed in 2013 were no longer accessible by 2023, and about a quarter of all pages seen at any point between 2013 and 2023 had disappeared by late 2023. Much of this loss is unintentional: links break, hosting is discontinued, formats become obsolete. But the effect is a “black hole” in institutional and societal memory.

To recover these traces, “digital archaeologists” scour obsolete storage media, long-abandoned websites, and private email archives, attempting to reconstruct what institutions once knew and decided.

Shadow AI  risks creating a similar grey zone in diplomatic memory, but now the problem is not just loss, but exposure. Instead of archives failing to capture digital activity, we have highly capable external platforms quietly capturing sensitive institutional knowledge through everyday use, without any structured archival control on the diplomatic side.

---

What is Shadow AI?

IBM defines Shadow AI  as ‘the unsanctioned use of AI tools or applications by employees without formal approval or oversight of the IT department’. ShadowAI is not a marginal behaviour. Recent research indicates that a large majority of organisations have employees using unapproved AI tools at work, and around one-third of AI-using employees openly admit to sharing sensitive work data with AI platforms without permission. Analysts, such as Gartner, project that by 2030, around 40% of enterprises will experience security or compliance breaches linked to shadow AI.IT Pro

In diplomacy, the incentives for shadow AI are even stronger:

• Diplomatic work is text- and language-heavy. LLMs are exceptionally good at precisely those tasks: drafting, translating, and summarising.
• Diplomatic issues are increasingly technical (AI governance, cyber norms, trade rules, digital taxation), making quick access to synthetic explanations and drafts extremely tempting.
• Many ministries still lack secure, user-friendly in-house tools, while consumer AI services are polished, powerful, and familiar from personal use.

The result is a fertile environment for shadow AI to emerge as a normal, if unofficial, part of diplomatic practice.

Everyday Shadow AI practices – and why they are risky

Chatbots as informal advisers

The most visible form of shadow AI is simple: a diplomat opens ChatGPT or another chatbot in a browser, types a question, and gets an answer. But questions themselves are data. They reveal:

• underlying assumptions (“What if State X refuses to sign…”),
• priorities and interests (which issues a mission worries about),
• negotiation strategies (“How could we respond if the other side insists on…”), and
• internal constraints (“Draft arguments we could use given that we cannot accept clause Y.”).
  

Across many queries, an external provider could reconstruct a strikingly detailed picture of a country’s concerns, red lines, and preferred framings. Even if no single prompt is highly sensitive, the behavioural pattern revealed over hundreds of prompts is.

Moreover, chat logs, questions, plus follow-up comments on the answers can build a rich behavioural profile of individual diplomats: their style, risk appetite, thematic focus, and even psychological traits. For diplomacy, where strategic opacity and controlled signalling are often integral to negotiation, this is a non-trivial leak.

Drafting: from reports to speeches

Diplomats draft constantly: reports to capitals, minute-by-minute readouts of negotiations, non-papers, letters, talking points, speeches. LLMs are extremely helpful here: they can clean language, reorganise arguments, and adapt a text for different audiences. However, the risks are layered:

Confidentiality of content
To achieve good outputs, users typically paste in detailed context, including names of interlocutors, meeting dynamics, sensitive assessments, or internal positions. This material may then be stored on servers controlled by foreign private companies and potentially subject to foreign legal processes.

Textual inflation and erosion of diplomatic craft
LLMs are optimised to produce fluent, abundant prose. They make it easy to generate long texts with little effort. This can lead to inflation of diplomatic text: more pages, less signal. Quantity risks overtaking quality and genuine insight.

As it becomes tacitly understood that “AI probably wrote this,” diplomats may read less attentively, skim more, and treat long documents as boilerplate. Important nuance can be buried in standardised paragraphs, undermining the precise, carefully crafted language that diplomacy relies on.

Convergence of language and positions
If many diplomats rely, even partially, on similar AI systems, their texts may converge towards similar framings and metaphors. Subtle national perspectives and political nuances risk being flattened into generic “AI-speak,” eroding the distinct voice and normative positions that are part of diplomatic identity.

Translation: speed at the cost of confidentiality

Multilingualism is central to diplomacy. AI translation services are widely used because they are fast, accurate, and easy.  But submitting internal or confidential texts to commercial translation services exposes those texts to the service providers. Even if the provider claims it does not store or use data for training in certain modes, the diplomat must trust:

• that the settings are correctly configured;
• that logs are properly handled; and
• that no future policy, breach, or legal order will change how that data is processed.
  

In practice, a stream of translations can reveal which documents are considered important, which languages are prioritised, and where sensitive bilateral or multilateral engagements are intensifying.

Summarisation: compressing nuance

Summarisation tools are attractive for diplomats facing hundreds of pages of negotiations, resolutions, or reports. Feeding large volumes of text into AI to get summaries is now a common practice. Risks include:

• External mapping of internal activity – summaries are generated only if the full documents are supplied; this provides external platforms with detailed content and structure of internal debates, even if the outputs remain within the ministry.
• Loss of nuance – diplomatic texts often contain intentional ambiguity, layered signalling, or carefully balanced wording. Automated summarisation tends to collapse nuance, which can distort how issues are perceived internally and externally.
• Hidden bias – if summaries are used for decision-making, the model’s implicit biases in what it highlights or downplays can subtly reshape policy priorities.
  

Visualisations and presentations

As graphs, infographics, and slide decks become standard in multilateral meetings, diplomats increasingly rely on AI tools that can generate presentations, diagrams, and “data stories.”

Uploading datasets, internal statistics, or draft messages into these tools carries the same confidentiality risks as text-based usage. In addition, visualisations can fix certain interpretations of data as “the” narrative, sometimes oversimplifying complex political balances into easily digestible—but misleading—graphics.

---

Where do Shadow AI risks materialise? 

At a technical level, interaction with AI platforms can be intercepted at several points:

• between the user’s device and the AI platform (network level);
• on the platform side (storage, internal logs, training pipelines);
• via third-party integrations, browser extensions, or plugins.
  

Even without interception, AI companies have full control over the inference process. They hold large databases of prompts and outputs which, in many cases, can be used for model improvement, product analytics, or security monitoring.

Commercial incentives usually push companies to protect user data. Trust is at the heart to their business model. However, they are embedded in legal jurisdictions. In both the United States and China, home to many leading AI providers, laws allow authorities, under certain conditions, to request access to stored data, including service logs and user interactions. For diplomatic services, there is no recognised diplomatic immunity that shields such data from subpoena or security requests.

This creates a strategic vulnerability: sensitive diplomatic reasoning may, unintentionally, become accessible to foreign authorities through perfectly legal channels directed at private companies, rather than through classical espionage or hacking.

---

Why training and awareness-building are not enough

Standard responses to new digital risks are familiar: awareness-building campaigns, guidance notes, and training. While useful, they have clear limits in the context of Shadow AI.

Experience from basic cybersecurity hygiene is instructive: despite years of training, people still reuse passwords, click on phishing links, or write credentials on sticky notes. Awareness alone rarely overcomes powerful incentives and habits. With AI, the incentives to overlook safety concerns are even stronger as AI offers efficiency (saving hours of drafting or translation), quality (improved language, structure, and clarity), and immediacy (answers on demand, without bureaucratic delays).

For a diplomat under time pressure, these “carrots” will usually outweigh risk concerns, often perceived as abstract. It is unrealistic to expect that mere awareness will stop shadow AI, especially when sanctioned alternatives are weak or absent. Thus, the policy question is not whether diplomats will use AI; they will, but which AI they will use, under whose control, and with what safeguards.

---

Towards solutions: in-house AI as the realistic path

If Shadow AI  is a symptom of unmet needs, then the primary solution must be to meet those needs safely. For diplomatic services, these points aim to build or procure in-house AI systems, based on open-source models and tailored to the diplomatic context. The main champions of AI transformation should be those who have shown initiative and curiosity in experimenting with LLMs in Shadow AI style. Building on them as critical asset for changes, other elements of such a solution should include:

Local control of data and models

• Deploy models on infrastructure controlled by the diplomatic service (on-premises or in trusted government clouds).
• Ensure that all prompts, documents, and outputs remain within controlled environments.
• Treat chat logs and generated texts as part of the diplomatic archive, subject to the same rules as cables and official correspondence.
  

Training models on diplomatic knowledge

• Fine-tune models using internal documents, glossaries, and style guides to ensure outputs align with institutional practice and terminology.
• Preserve and enrich the core asset of diplomatic services, knowledge, rather than leaking it to external providers.
  

Clear governance and guardrails

• Define which categories of information may be processed by AI tools and which must never be entered (e.g. highly classified intelligence).
• Implement role-based access, logging, and oversight mechanisms.
• Integrate AI use into existing rules on records management, classification, and archival practice.
  

Smart gateways to the outside world

• Where external AI services are needed (for example, to obtain the most up-to-date open-source information), route them through controlled “gateways” that strip or anonymise sensitive content.
• Distinguish clearly between internal deliberative content (never exposed) and public, open-source material.
  

Redesign of workflows, not just “new tools”

• AI adoption should prompt a rethink of how ministries organise drafting, translation, reporting, and analysis.
• Instead of adding AI as an afterthought, redesign workflows so that human judgement focuses on negotiation, strategy, and relationship-building, while AI handles well-defined, lower-risk tasks.
  

In this way, diplomatic services can address shadow AI not by trying to forbid AI outright, which is likely to fail, but by offering equally powerful, safer alternatives that match diplomats’ practical needs.

---

Conclusion: AI from shadow to stewardship

Shadow AI is dangerous for diplomacy, not because AI is inherently hostile to diplomatic values, but because unsanctioned, externally controlled AI quietly erodes three foundations of diplomatic practice:

• discretion and confidentiality (through uncontrolled data flows),
• craft and nuance (through textual inflation and convergence), and
• institutional memory and autonomy (through dependence on external platforms).
  

The historical lesson from the “digital dark age” is that institutions which fail to adapt their record-keeping and knowledge practices to new technologies pay a high price later in lost institutional memory, weakened accountability, and diminished strategic capacity. Shadow AI  extends this risk from memory to live negotiation and strategy.

The way forward is not a nostalgia for pre-digital diplomacy, nor a naïve embrace of consumer AI tools. It is the deliberate construction of trusted, in-house AI ecosystems that embed diplomatic values – discretion, reliability, balance – into the very architecture of the tools diplomats use every day. Only then can diplomacy move from being a passive consumer of Shadow AI  to an active steward of AI in the service of international relations.