The European Parliament has disabled built-in AI functions on work devices
Politico reported on an internal email to MEPs: the European Parliament’s IT department has disabled built-in AI functions on corporate tablets and phones, explaining the decision by an inability to guarantee the data security of these tools. This does not affect mail, calendars and documents, but it does impact writing assistants, summarization tools and other automated services on mobile devices.
What exactly was done
The institution disabled built-in assistants and automatic summarization tools for the tablets and phones of MEPs and their staff. The letter also suggested considering similar precautionary measures for private devices used for work tasks. Specific feature names and operating systems were not disclosed due to the "sensitivity" of cybersecurity matters.
"We constantly monitor cyber threats and promptly implement measures to prevent them"
— Press service of the European Parliament
Why this matters
The decision is not about technophobia, but about the realities of data protection. In recent years the EU has tightened security rules: from recommendations to remove TikTok in 2023 to calls in 2025 to abandon some software in favor of European alternatives. In March the European Parliament adopted some of the world’s first laws on AI regulation — and is now applying their logic operationally where infrastructure vulnerabilities are concerned.
What experts say
Cybersecurity analysts point out that built-in AI assistants can send fragments of work data to external services for processing, creating risks of information leaks or third‑party use. Such risks are especially critical for legislative institutions, where strategies, legislative initiatives and confidential communications circulate.
What this means for Ukraine
The signal for us is twofold. First, it is a reminder: digital security is a matter of national security. Second, the EU is demonstrating a practical approach — not just declarations about data protection, but concrete operational decisions. Ukrainian authorities, the parliament and partners should take this experience into account when shaping their own policies for using AI on official devices.
Short practical checklist
- Limit AI services' access to official email and documents. - Implement segregation of work and private devices. - Vet suppliers and require transparent terms of data processing. - Improve cyber-hygiene among civil servants and MPs.
Conclusion
The European Parliament’s decision is not rhetoric, but a pragmatic step toward minimizing risks. It is part of a broader trend: EU lawmakers are moving from rules on paper to operational security in daily work. For Ukraine it is important not only to monitor such signals, but to transform them into its own working procedures so that digital vulnerability does not become a weak point of security and democracy.
