🎧 Listen to Episode 5 of LEXpérience: “AI in Business: How to Implement It Safely?”
- Video: YouTube
- On your favorite audio platforms: Click here
AI in the Workplace: How to Implement It Safely?
Episode 5 of the LEXpérience podcast (recorded in late January 2026)
Everyone uses AI.
But does everyone really know how to use it?
In the business world, artificial intelligence has taken hold at breakneck speed—often driven by employees themselves—long before management has even made a decision. The question is no longer “Should we use it?” It is now more specific and more urgent: How can we use it properly without putting our company at risk?
For the fifth episode of LEXpérience, the legal podcast from ALLY Avocats, we were joined by Nicolas Bodin, a former general counsel who is now CEO of Label4.IA : a startup founded in December 2024 whose mission is to neutralize deepfakes and identify content generated or manipulated by AI. A lawyer by training, with experience at TF1, Shadow, and Quant, he brings a unique perspective: that of a legal professional turned entrepreneur at the heart of AI’s most sensitive issues.
The question is no longer “Should we use AI?” It has already changed.
Just two years ago, the question that kept coming up in companies was simple: should we allow AI or not?
This question is now outdated, not because it was a bad one, but because reality has rendered it obsolete. Employees are using AI—first in their personal lives, then at work, often without informing their management. This is what’s known as “shadow AI ”: a massive, silent adoption that precedes any internal policy.
And that is precisely why the real question today is: how do we regulate what already exists?
Shadow AI: a phenomenon unprecedented in the history of technological revolutions
What sets generative AI apart from all previous technological revolutions is the way it has spread. For the first time, its penetration into the economic fabric has come from individuals rather than businesses.
Employees have discovered ChatGPT, Gemini, and Perplexity in their daily lives. They were already using them to draft messages, summarize documents, and generate ideas long before their companies took a stance on the matter. And when they arrived at the office, they simply carried on.
Shadow AI is therefore, to a large extent, the result of a disconnect between the speed at which individuals adopt new technologies and the slowness with which organizations adapt. It’s not a matter of unwillingness. It’s a matter of pace.
Choosing the right tool: the issue of digital sovereignty
Should we prefer a European tool, Mistral for example, over an American tool like ChatGPT or Gemini? The answer, according to Nicolas Bodin, is less clear-cut than one might think.
The real question isn’t where the tool comes from. It’s: how is it designed? Does the data we entrust to it end up on the vendor’s servers? Or does it run internally, on a database we control?
What is known as a RAG (a model that operates in a closed loop, without connecting to external servers) allows users to leverage powerful tools while retaining control over their data. It is a more technical approach, but it addresses the real underlying issue much more effectively: our digital autonomy.
What is certain, however, is that a free, unconfigured ChatGPT is far riskier than a paid subscription with a confidentiality agreement. And that internal training—explaining to teams how the tool works and what they should not enter into it—remains the first line of defense.
Deepfakes, fraud, identity theft: the risks are already very real
Deepfakes are no longer the stuff of science fiction. They are already here, well-documented, widespread, and accessible to anyone.
Fake diplomas. Fake expense reports. Fake IDs. Real-time face swaps during video conferences. In Hong Kong, $25 million was transferred as a result of identity theft via video. 17% of U.S. HR managers report having encountered identity theft during a job interview.
And today there are tools specifically designed for fraud—available for $150 a month—that can automatically generate fake documents, fake identities, and all kinds of fake content.
This is not an abstract threat. It is an operational reality that companies must factor into their risk management.
Watermarks: Marking Your Content—A Requirement on the Horizon
In light of these risks, one solution is emerging as the most robust, the most secure, and soon the most heavily regulated: the watermark.
A digitalwatermark is a mark embeddedin AI-generated content that is undetectable to the naked eye but verifiable using a specialized detector. In an image, this involves imperceptibly altering certain color values. In a video, the principle is similar. In audio, it involves inaudible frequencies. In generated text, the sequence of words chosen by the model constitutes the signature.
This watermark is durable: screenshots, resizing, or compression won’t remove a good watermark. It’s secure: only those with the right detector can read it. And it’s traceable: if content is reused without permission, its source can be traced.
For businesses, there are many applications: protecting AI-generated creations, defending against the fraudulent use of their content, and proving the authenticity of work produced by their teams.
And most importantly: it will soon be mandatory. Article 50-2 of the European AI Regulation (the AI Act) mandates the labeling of content generated by artificial intelligence starting in August 2026. China already requires it. The United States is working on it at the state level. There is a global consensus on this.
Key Tips for Implementing AI in Your Business
Nicolas Bodin summarizes his recommendation in a few simple but essential principles.
- First, understand before regulating. A lawyer or executive who wants to implement an AI policy must first understand how these tools work: their strengths, their limitations, and their architecture. Only then can they take appropriate action.
- Next, draft an internal policy on the use of AI. Not to restrict, but to clarify: which tools are permitted, under what conditions, and with what precautions. This is the natural role of the in-house legal counsel.
- Finally, view AI as an opportunity for legal professionals themselves. AI relies on data, and within a company, the legal professional is the guardian of that data. This is an opportunity to reposition oneself at the heart of the process, save time on repetitive tasks, and devote more energy to high-value-added work.
AI in business: a topic that can’t wait
Behind every piece of AI-generated content lies the question of traceability, accountability, and ownership.
Ignoring these issues today means facing them tomorrow.
That is precisely the goal of LEXpérience: to provide practical, real-world insights so that the law becomes second nature rather than an unpleasant surprise.