EuroWire, BRUSSELS: The European Parliament has disabled built-in artificial intelligence tools on work-issued devices used by its lawmakers and staff, citing cybersecurity and privacy risks linked to sending data to external cloud services. The restriction covers prominent generative AI services, including OpenAI’s ChatGPT, Microsoft’s Copilot and Anthropic’s Claude, according to an internal email circulated within the institution.
The email said the Parliament’s IT department could not guarantee the security of data uploaded to the servers of AI providers and that the full extent of what information these tools share with external companies is still being assessed. It said the institution considers it safer to keep such features disabled while that review continues, and it referenced concerns about confidential correspondence being uploaded to the cloud.
Officials said some AI functions rely on cloud processing to perform tasks that could be handled locally on a device, resulting in information being transmitted off-device. The disabled capabilities include AI features embedded in modern operating systems and workplace software, such as writing and drafting assistance, text summarization and automated helper functions that can access or process user content as part of their operation.
The move applies to Parliament-issued devices used for official work, including tablets and smartphones provided to members and staff. The internal guidance said access to core workplace services such as email, calendars and standard office applications would continue, allowing day-to-day legislative, administrative and communications work to proceed without interruption even as AI features are turned off.
Caution urged on personal devices
The internal message also urged lawmakers and staff to apply similar precautions on personal devices used for work-related tasks. It advised users to avoid granting broad access to data and to refrain from sharing sensitive information with AI chatbots and assistants, particularly when those tools can read, store or transmit content beyond the user’s device.
A Parliament spokesperson said the institution continuously monitors cybersecurity threats and deploys measures to address risks. The Parliament has a large digital footprint, with devices and accounts used across committees, offices and delegations, and officials said safeguarding data is a standing requirement for institutional systems handling internal communications and official documents.
Security review continues
The internal email said the ongoing assessment is focused on what data is transmitted when AI features are used and how that information is handled by external service providers. Officials said the breadth of AI capabilities across devices and applications has expanded, increasing the need to map data flows and confirm whether content is processed locally or sent to remote servers as part of routine functions.
The decision follows earlier restrictions on applications used on Parliament-issued devices. In 2023, the European Parliament banned the use of TikTok on work devices, citing security concerns. The latest move extends that cautious approach to AI-enabled features and services, with officials emphasizing data protection and cybersecurity safeguards in the tools available on official hardware.