Quantifying Shadow AI Risk in the Browser

Executive Summary
The AI workplace has arrived. The governance perimeter has not.
The browser is where work happens, where AI is used, and where data moves. It is also where most organizations have the least visibility. This report is built on primary survey research fielded in May 2026 with 227 US knowledge workers who use AI at work, and it focuses on one thing: the choices individual employees make when they open a browser, reach for an AI tool, and decide what to share with it.
The scale of adoption is not the finding — it is the governance gap that shadow AI use has created. As workers reach for newer, faster, better tools to do their jobs, they reach outside company policy to do it. 42.3% already run a governed and an ungoverned AI surface in parallel, in the same browser session, with the same data.
68.7% pasted internal, sensitive, or regulated data into AI tools in the last three months — financial information, customer data, source code, credentials. For organizations under a regulatory framework, the exposure does not require a breach to be consequential. In many frameworks, the paste itself is the event.
The most consequential finding is not the volume of exposure. It is this: 63.0% of respondents report having a clear AI policy they understand. 48.3% of knowledge workers who know that a policy exists knowingly breach that policy anyway. Policy clarity is not the constraint. Enforcement is.
What this means
The control point has shifted to the browser — to the moment of the prompt, the paste, the click. Policy without a browser-level control point is just a document waiting to be ignored.
Finding 01:
The browser is the workplace
93.4% do their business application work primarily in the browser. 71.4% work there almost entirely.
That figure is not a trend; it is a settled reality. Every security architecture built around the endpoint, the network perimeter, or the email gateway was designed for a workplace that no longer exists for knowledge workers. The browser session is where company data is accessed and shared, where decisions are made, and where risk gets created.
And these are not clean, controlled environments. Ordinary, habitual choices create a persistent blur between personal and professional identities — between what an organization thinks it controls and what it actually does.

Finding 02:
AI use is daily, essential and employee-driven
70.9% use AI tools daily or more. This is not a pilot program.
Workers are not using one AI application and stopping there. They build a stack — and the layers do not all sit where IT can see them.

Finding 03:
More than half of knowledge workers surveyed work outside sanctioned AI boundaries
54.6% use AI tools their organization has not approved.
Finding 04:
Sensitive data is already inside unsanctioned AI tools
Only 21.6% of survey respondents never paste anything sensitive into an AI tool.
For everyone else the question is not whether data has moved into AI tools — it is how much, how often, and what kind. Among those who paste, it is a habit, not an exception.
Finding 05:
Policy is not the problem. Enforcement is.
63.0% have a clear policy they understand.
48.3% of those workers knowingly use unapproved tools anyway.
The conventional response to AI risk is to write a policy, communicate it, and train the workforce. The data suggests that these policies already exist in the majority of organizations represented here, but they have not actually reduced the risk. Workers who understand the policy are violating it anyway. The problem is not that employees do not know the rules. It is that the rules have no mechanism of enforcement at the moment they matter.
That moment is the browser session. The prompt field. The paste. The click. No policy document, however clearly written, operates at that level of granularity. No email from the CISO reaches the user at the point of action. By the time the training is complete and the policy is understood, the behavior is already in motion.