The data processing agreement (DPA), once considered a reliable safeguard for managing third-party data handling, is increasingly failing to protect organizations from hidden AI risks. A groundbreaking analysis by DataGrail’s Privacy and AI Trends Report 2026 confirms that the majority of AI-enabled software providers are not disclosing all subprocessors involved in their AI pipelines.
The report, which examined 2,400 prominent business software vendors, found that 63.6% of those advertising AI capabilities fail to mention third-party AI subprocessors in their legal agreements. This oversight leaves companies unknowingly exposing sensitive customer data—including personally identifiable information, financial records, and biometric data—to AI models they never approved or even knew existed.
"The rush to integrate AI into every product is outpacing governance frameworks," explained Daniel Barber, co-founder and CEO of DataGrail, in an exclusive interview. "While DPAs are meant to serve as a trust anchor, the reality is that 2026’s AI landscape has rendered them insufficient for risk evaluation."
The stakes are higher than ever. Organizations grappling with unchecked (shadow) AI usage face an average breach cost of $4.63 million, according to IBM’s 2025 Cost of Data Breach Report, $670,000 more than the average for breaches that do not involve shadow AI. Meanwhile, U.S. states issued $3.425 billion in privacy-related fines last year alone, with Gartner projecting continued acceleration through 2028.
How vendors are circumventing disclosure in AI contracts
DataGrail’s methodology didn’t rely solely on reviewing legal documents. Researchers cross-referenced DPAs with product documentation, GitHub repositories, API connections, and marketing materials for each of the 2,400 vendors analyzed.
Barber emphasized the depth of the investigation: "We treated the DPA as a baseline, but our analysis extended to GitHub environments, live API integrations, and even marketing collateral to identify inconsistencies. For example, a vendor’s DPA might state OpenAI as its primary AI provider, yet its product documentation could reference three additional subprocessors—details absent from the contract."
The gaps are not minor oversights but represent a systemic issue in the AI vendor ecosystem. Barber asserted confidence in the findings: "We spent extensive time reviewing primary sources, including direct system integrations, to verify that undisclosed AI subprocessors are actively processing personal data. This isn’t speculation—it’s documented exposure."
Consider the implications for a company adopting an AI-powered recruiting tool. The vendor’s DPA lists Anthropic’s Claude as its foundational model, prompting the hiring organization to conduct a security review of Anthropic. However, the tool silently integrates OpenAI and Google’s Gemini for additional features—models the company never evaluated. These undisclosed subprocessors could process thousands of resumes, handling sensitive details like home addresses, financial data, or Social Security numbers. The result? Potential violations of FTC guidelines on automated employment decisions and irreversible reputational damage.
The hidden risks of undisclosed AI subprocessors
The report’s findings extend beyond missing disclosures. Among AI systems that do disclose their capabilities, 32.8% also admit to high-risk processing, such as handling sensitive personal information or enabling automated decision-making. Within this subset, 47.1% handle personal data, 20.7% support automated decision systems, 16.5% process sensitive categories like health or financial records, and 7.5% work with biometric data.
These statistics likely understate the true scale of exposure. Vendors may underreport data access, and AI’s adaptive nature means even compliant providers can’t predict how customers will misuse their tools. The regulatory repercussions are immediate: California’s new risk assessment requirements, effective January 1, 2026, mandate documented evaluations for high-risk AI processing activities, with submissions to CalPrivacy due by April 2028 and executive attestations subject to perjury penalties.
For businesses, the message is clear: relying solely on DPAs to manage AI risk is no longer viable. Organizations must implement rigorous due diligence, continuous monitoring, and real-time compliance audits to close the gaps before regulators—or breaches—do it for them.
The AI gold rush has left privacy protections in the dust. The question now is whether companies will act before their data—and their trust—is permanently compromised.
AI summary
New research reveals that data privacy is under serious threat, with 63.6% of companies failing to document third-party AI subprocessors in their AI-enabled software. Hidden AI usage drives up breach costs while also leaving companies exposed to legal sanctions.