Keep Aware — Browser DLP Blind Spot Lets Sensitive Data Leak to AI Prompts
AI relevance: Enterprise DLP tools are blind to data pasted directly into browser-based AI prompts (ChatGPT, copilots), creating a high-volume exfiltration channel that endpoint and network controls never see.
What Happened
Keep Aware released its 2026 State of Browser Security report, finding that 46% of sensitive file uploads go to unsanctioned accounts. The report identifies three browser-native data loss vectors that traditional DLP agents cannot monitor:
- Clipboard paste into AI tools: Employees copy source code, credentials, and customer records from internal systems and paste them directly into ChatGPT, Copilot, and other AI assistants — entirely within the browser session, bypassing endpoint and network DLP inspection.
- Direct form input and AI prompts: Sensitive data typed into web forms or AI prompts never touches the filesystem, so file-scanning DLP rules never trigger.
- Shadow accounts on approved domains: Users upload sensitive files to personal accounts on corporate-approved domains (e.g., personal ChatGPT, personal Google Drive), making the activity indistinguishable from normal sanctioned usage at the network level.
Why It Matters
AI tool adoption has accelerated the browser-as-workflow shift faster than security controls can adapt. Traditional DLP was designed around file transfers and network egress — but when a developer pastes proprietary code into an AI prompt, no file is created, no network connection looks anomalous, and the endpoint agent sees nothing. For AI security teams, this means the most common data exfiltration path for LLM-assisted workflows is currently invisible to most enterprise defenses.
What to Do
- Deploy browser-native DLP that instruments paste events, form inputs, and upload destinations inside the browser session itself.
- Block or restrict AI tool access at the browser extension/proxy level until policy allows specific sanctioned instances.
- Implement account-level distinction for approved SaaS domains — differentiate corporate vs. personal account usage on the same domain.
- Audit clipboard policies in AI tool usage guidelines; treat paste-to-AI as equivalent to file upload in data classification policies.