IT Brief UK - Technology news for CIOs & IT decision-makers
Story image
UK councils show worrying laxity in AI usage policies
Wed, 28th Feb 2024

Freedom of Information (FoI) data from UK councils shows an alarming laxity in the use of Generative Artificial Intelligence (GAI), with three-quarters of councils lacking usage policies for AI in the workplace. The data also reveals that more than a third of these allow their employees to use AI without any policy in place.

This discovery points to a trend in which the rapid development of GAI has outstripped the organisational capability to create usage policies for safe implementation. Furthermore, the FoI data manifests that only three councils have earmarked specific budgets for GAI tools and employee training, calling attention to the dearth of concern for the rapidly evolving technology.

The FoI requests were carried out by WalkMe, an expert in digital adoption, in order to quantify the extent of the problem. Ofir Hatsor, Senior Vice President EMEA at WalkMe, warns of the potentially grave outcomes of such negligence. He stated, "A failure to apply policies could lead to catastrophic consequences that puts employees, citizens, councils, and sensitive data at risk."

Adding to the gravity of the finding is the disturbing fact that the FoI also shows that policies are being violated and data compromised, underscoring the urgent need for investing in training around the safe and efficient use of AI in workplaces.

WalkMe's research showed that the quick advancement of GAI is outrunning the ability of organisations to develop viable usage policies for safe and effective employment of the technology. According to the FoI requests, only 24% of UK councils possess usage policies for AI in the workplace. A further 19% are in the process of developing these crucial policies, but a worrying 39% allow the use of AI in the workplace sans any policy.

Hatsor elaborates further on the predicament, stating, "Without policies in place, councils cannot understand how their employees are using AI, let alone control it. This lack of understanding means that employees could be opening themselves, citizens, and the council itself up to unintended consequences: from embarrassment to putting sensitive data at risk."

The FoI also found that only one council has had to take action against an employee for breaching its AI use policy, and only one has suffered a potential security incident sparked by AI use – a data leak. This shows that there is still time to establish effective practices and controls. However, to take effective action in this direction, adequate investment is required. Only three councils have reportedly set aside a specific budget for implementing GAI tools and for training employees in their use.

Hatsor offers a ray of hope amidst this daunting scenario, stating, "Usage policies should accept employees will want to use GAI; offer guidelines on safe and effective use, and demonstrate the consequences if these aren’t followed. This will go a long way towards educating and empowering workers."