The European Parliament has disabled built‑in artificial intelligence (AI) features on corporate devices used by lawmakers and staff, citing unresolved cybersecurity and data protection risks.
The decision targets AI tools embedded in tablets and phones, while leaving essential apps such as email, calendar, and document editors untouched.
According to an internal email described in a Politico report, the Parliament’s IT department determined it could not guarantee the security of AI features that send device data to cloud services for processing.
Cloud Data Flows Trigger Security Fears
Some assistants used cloud infrastructure to perform tasks that could technically be handled locally, raising concerns that sensitive parliamentary information might be transferred to external service providers without full visibility or control.
The email noted that as these features evolve and become available on more devices, the total amount and type of data shared with vendors remain unclear, prompting a precautionary shutdown.
Politico reports that the restrictions apply to built‑in capabilities such as writing and summarizing assistants, enhanced virtual assistants, and webpage summary functions on both phones and tablets issued to Members of the European Parliament (MEPs) and their staff.
Core productivity tools, however, continue to operate normally, ensuring that legislative work and communications are not disrupted.
In a written statement, the Parliament’s press service said it continuously monitors cybersecurity threats.
Rapidly deploys measures to mitigate them, but declined to detail which operating systems or AI solutions were affected due to the sensitivity of security policies.
The same Politico report notes that the internal email urged lawmakers to exercise similar caution with their personal devices used for work.
Advising them to avoid exposing work emails, internal documents, or confidential data to AI features that scan or analyze content.
MEPs were also advised to be careful with third‑party AI applications and to avoid granting broad or unnecessary data-access permissions.
This latest action fits into a broader EU pattern of tightening technology and data‑security controls.
Including previous bans on TikTok from staff devices and political pressure to reduce dependence on major foreign software vendors.
For security leaders, the Parliament’s move underscores a key governance challenge: embedded AI features can silently expand an organization’s attack surface and data exposure, even when the underlying apps and devices appear compliant and well managed.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
