by Charles Gallaer & Mike McMahan

You probably know that car dealerships are moving toward AI, just like every other industry, intentionally.

But do you know whether your dealership is already using AI without your knowledge or consent?

Has an employee sent an email to a customer written by ChatGPT using your dealership’s information? Or provided proprietary trade information like pricing to an AI tool to create an advertisement? You probably have, and may not even know it. You don’t know each time it happens, what information the employee provides, or what AI tools the employee uses.

Each time an employee uses “shadow AI,” you put your customer data and dealership network at risk. Dealers have contended with “shadow IT” for years by creating policies regulating employee’s use of devices and personal email for work. Now, with AI use growing, dealers need to address shadow AI, by regulating employees’ use unauthorized AI tools while at work or to do business.

Your employees are using AI now, and that use will likely grow. According to a recent article in CIO, 74% of ChatGPT usage at work is through noncorporate accounts, and 94% for Google’s Gemini. Your workers could be feeding these models personal information about you, your employees, or your customers, with no knowledge about where it is going.

You are likely unprepared for shadow AI. A recent poll found that only 15% of organizations have AI policies. As AI tools become more sophisticated and prolific, employees will turn to them in greater numbers, compromising your data and network. Just like you shouldn’t allow employees to use their own devices or personal email addresses for company business or on the company’s network, you shouldn’t allow employees to use unauthorized AI solutions without your knowledge and consent.

The risks are real. My colleague Mike McMahan wrote about AI hallucinations and errors that resulted in a car dealership chatbot selling a vehicle for a dollar and an Air Canda chatbot providing incorrect pricing information. Those errors came from AI tools the companies chose to provide their customers. The risks are even greater for free AI tools, which are often less sophisticated. Companies including Samsung and Microsoft have experienced intellectual property leaks and security issues as a result of shadow AI.

“When you’re a smaller company, the risks are greater,” said Ameer Karim, executive vice president and general manager of cybersecurity and data protection at ConnectWise. He added that these organizations must also worry about AI hallucinations and inaccuracies, as most are using free versions of ChatGPT 3.5 or a similar tool, which only includes data trained through January 2022.

Businesses like your dealership are susceptible to the same leaks and security issues from shadow AI.   

So what are some steps you can take to bring AI out of the shadows at your dealership? Here are three:

First, you need to create policies regarding the use of AI, including what tools employees may and may not use and what information employees can provide to AI tools. You may need to create IT blocks on known AI websites and resources.

Second, you need to train employees on the use of AI tools and the risks involved with them. Education is key to stop information leak.

Third, you need to determine whether enterprise AI tools exist that you can deploy at your dealership that solve the need for employees to use unsanctioned AI tools while providing oversight and security necessary for your IT network to operate securely. By taking these three steps, you’re bringing AI usage out of the shadows of your dealership.

You must take these steps sooner than later to avoid regulatory and compliance disaster. For a comprehensive review, consider hiring legal professionals for a top to bottom review of your policies and procedures to be sure they meet the latest governance in your home jurisdiction.

Be smart and stay up to date on the latest Auto Intel by subscribing to our newsletter below.

Questions? Ask the authors–Charles and Mike have contact information in their bios.