DataGrail report finds your vendor may be sending data to AI models you never approved

A major new analysis of enterprise software vendors has exposed a troubling gap between what companies claim they do with artificial intelligence and what their legal agreements actually disclose. DataGrail, a San Francisco-based privacy platform, examined 2,400 popular business software providers and discovered that 63.6 percent of vendors advertising AI capabilities fail to mention third-party AI processors in their data processing agreements. This concealment means the majority of organizations purchasing AI-enabled software may unknowingly be exposing customer data to artificial intelligence systems they never approved, never reviewed, and may not even be aware exist. The findings arrive as enterprises face mounting regulatory pressure and escalating breach costs linked to undisclosed AI systems. The implications of this discovery extend far beyond contractual oversight. Organizations dealing with what researchers term shadow AI experience average data breach costs of $4.63 million, roughly $670,000 more than companies without such exposure, according to IBM's 2025 analysis.

Simultaneously, U.S. states distributed $3.425 billion in privacy-related fines last year, surpassing the previous five years combined, with enforcement expected to intensify through 2028. DataGrail's chief executive Daniel Barber emphasized that technology is advancing faster than governance can keep pace, rendering traditional data processing agreements an insufficient safeguard. This convergence of undisclosed AI use, rising regulatory activity, and substantial financial penalties creates an urgent crisis for privacy teams struggling to maintain vendor oversight. The research methodology reveals the sophistication required to uncover these discrepancies. DataGrail's team cross-referenced contractual statements against product documentation, GitHub repositories, API connections, and marketing materials for each vendor studied. The investigation found repeated cases where vendors claimed one set of AI models in their agreements while deploying entirely different systems in actual product functionality.

One illustrative example involved a recruitment tool listing Claude as its foundational model in its data processing agreement while simultaneously using OpenAI and Google Gemini undisclosed. This situation meant companies evaluating the hiring software's security had vetted only Anthropic's systems while sensitive applicant information, including home addresses and financial data, flowed through unreviewed artificial intelligence platforms. The disclosure gap fundamentally undermines privacy compliance, particularly regarding automated decision-making rules that trigger stringent regulatory obligations under Federal Trade Commission employment regulations. The scope of the problem extends beyond hidden AI processors. DataGrail found that 32.8 percent of AI systems disclosing AI capabilities also reported at least one additional high-risk activity, such as processing sensitive personal information or powering automated decisions. Among systems with acknowledged risk factors, 47.1 percent process personal data, 20.7 percent enable automated decision-making, 16.5 percent handle sensitive categories like health or financial information, and 7.5 percent process biometric data.

These figures almost certainly undercount actual exposure since they reflect only formally disclosed activities. The timing compounds regulatory danger, as California's new risk assessment requirement, effective January 1, 2026, mandates documented evaluations of privacy-sensitive processing activities. DataGrail's research indicates that 42 percent of companies abandoned AI initiatives in 2025 specifically because of privacy concerns, representing substantial waste that proper safeguards could prevent. Looking ahead, privacy leaders face an accelerating technology landscape where contractual certainty continues to erode. Gartner predicts that 40 percent of enterprise applications will feature task-specific AI agents by the end of 2026, compared to less than 5 percent currently, potentially creating exponential compliance complications. Agentic AI systems operating autonomously across organizational networks could distribute data to multiple undisclosed processors with minimal human intervention, rendering current oversight mechanisms obsolete.

Meanwhile, state regulatory coordination through mechanisms like the Consortium of Privacy Regulators, formed last year with ten states, promises increasingly harmonized enforcement across jurisdictions. The enterprises positioned to navigate this transformation successfully will not be those with the largest compliance departments but rather those accepting the uncomfortable reality that their current vendor agreements, risk assessments, and contractual safeguards may already be obsolete, with autonomous systems potentially processing sensitive information in ways no human has reviewed or approved.