Being careful with Artificial Intelligence (AI): why it matters and how to stay careful

In my conversations with many people, I notice that employees within companies and organisations are often aware of the most significant risks associated with AI, yet frequently wonder how to remain actively vigilant about these risks in their day-to-day work. There is, of course, a substantial difference between awareness and vigilance. Awareness means knowing that a risk exists, whereas vigilance means systematically adjusting your behaviour based on that understanding. It is precisely this second step that remains a challenge for many organisations. In this blog, I will guide you through the most important dimensions of AI vigilance. I present them not as abstract theory, but as a concrete mindset that you can begin applying today.
Being vigilant about AI requires insight into risks, knowledge of regulations, the ability to recognise manipulation, and the discipline to protect sensitive data.
For those living in Europe, the European AI Act provides a concrete framework to help organisations and individuals use AI responsibly. Those who wish to be vigilant must not only understand the technology, but also know the legal and ethical boundaries within which it is applied. For a comprehensive explanation of what the AI Act entails and what it means for your organisation, I refer you to my other blog: The EU AI Act: what you need to know and what you need to do.
In this blog, we focus exclusively on ‘being vigilant (careful) with AI’. The term AI refers to all applications of artificial intelligence, including generative AI. Further details can be found below. Do you have questions? Feel free to contact me.
Understand what AI can actually do
It begins with understanding the risk spectrum. Ardion (2025) distinguishes five main categories of AI risk: privacy violations, biased decision-making, job displacement, misuse for harmful purposes, and lack of transparency. These are not future scenarios. They are the reality of today.
Privacy violations occur, for example, when an AI chatbot inadvertently stores confidential customer data and reuses it in other contexts, or when facial recognition software identifies people in public spaces without their knowledge. Biased decision-making is evident in AI systems that assess job applicants based on historical hiring data, causing women or people with a migration background to consistently receive lower scores. Not because they are less qualified, but because the system has learned from an already unequal past. Job displacement manifests not only in factories where robots take over physical tasks, but also in office environments where AI tools summarise legal documents, handle customer service, or generate financial reports. These were tasks that previously required multiple employees. Misuse for harmful purposes means, in practice, that malicious actors use AI to write personalised phishing emails on a large scale, generate fake invoices, or create convincing deepfake audio recordings of CEOs to authorise payment instructions. And lack of transparency is evident in organisations that follow AI recommendations in credit decisions or insurance premiums, without being able to determine on what basis the system reached its conclusion. Neither the organisation itself nor its customers can find out.
What personally concerns me most is that AI risks do not depend on a system being conscious. Krueger and Barten (2023) of the Existential Risk Observatory state clearly: even simple optimisation algorithms can produce unintended, destructive side effects. A concrete example is an AI system programmed to maximise click behaviour on a platform. The system has no intention, no awareness, and no malicious intent, yet it quickly learns that outrage-inducing or polarising content generates more clicks. As a result, it systematically displays such content more frequently. Not because it wants to, but because its objective drives it in that direction. A system does not need to be “intelligent” to be harmful. It only needs to be capable enough to achieve its goal, without timely human oversight to intervene.
Human oversight of AI is therefore not optional. It is an absolute requirement! Without structural human intervention in the decision-making chain of AI systems, errors, biases, and unintended consequences can multiply unchecked, causing real harm to individuals, organisations, and societies. The Future of Life Institute AI Safety Index (2025) confirms this: organisations that deploy AI systems without demonstrable oversight mechanisms face not only operational risks, but also increasing legal and reputational risks (PDF report).
I am personally deeply concerned by the fact that AI is increasingly being used not merely as a supporting tool, but as an autonomous decision-maker in contexts where the consequences are irreversible. The most alarming example of this is the use of autonomous weapons systems: military drones that independently identify and neutralise targets through AI algorithms, without direct human approval for each action. These are systems that make life-or-death decisions based on patterns in data, faster than any human oversight can respond. The question of who is responsible when such a system makes an error remains largely unanswered within current legal and ethical frameworks. This is, however, a subject for a separate, in-depth analysis, which I will address extensively in a future blog.
AI Safety Index (2025)
Let us examine what the AI Safety Index (2025) indicates in greater detail. The Future of Life Institute AI Safety Index (2025) concludes that AI companies must be able to demonstrate how they detect and control misaligned systems, and that human oversight must be embedded in every phase of the AI lifecycle (PDF report). This applies not only to technology companies. It applies to every organisation that uses AI tools for decision-making, selection, or communication. Vigilance begins with asking a simple question: who is providing oversight here, and based on what criteria?
What makes this even more pressing is that the International AI Safety Report (2026) indicates that general-purpose AI systems already exhibit capabilities that significantly increase the risks to societies and organisations (PDF report and summary for policymakers). This report calls for structured risk management at all levels, from the individual to the institutional. Reading the report makes one thing clear: doing nothing is no longer an option.
One dimension that is often underestimated in many current reports and studies is how AI systems handle the information they index. Generative AI systems do not automatically search the entire internet with each query. They operate using a pre-assembled index that is updated regularly, but never in real time. This means that recent developments, new publications, or amended legislation may simply not be available in the output you receive. Being vigilant about AI therefore also means understanding what the system cannot see. For a more detailed analysis of how indexing affects the reliability of AI, I refer you to my other blog: Indexing in (Gen)AI: reliability, reproducibility, and why it may affect your organisation.
European regulations provide guidance, if you use them
Fortunately, frameworks do exist. Within Europe, for example, legislation governing the use of AI has been substantially tightened. Since February 2025, certain AI systems that pose an unacceptable risk have been formally prohibited in the EU, including emotion recognition in the workplace and social scoring (ABU, 2025). This may seem self-evident, but many organisations have not yet examined which of their systems fall under these prohibitions. Under the EU AI Act, all AI systems must be classified by risk level: prohibited, high-risk, or low-risk. This is not a paper exercise. It forms the foundation for the responsible use of AI.
The time pressure is real. Organisations established in Europe must complete their conformity assessments and register high-risk systems in the EU database before 2 August 2026. Failure to do so risks administrative, civil, and criminal consequences. Fortunately, the Dutch National Government (2025) has published a practical AI Act Guide for businesses and public organisations, with mandatory steps per risk category (PDF report). It is a document that should be on every policy agenda. Furthermore, on 19 November 2025, the European Commission (2025) proposed amendments to the AI Act through the Digital Simplification Package, aimed at further clarifying obligations. In short: the regulations are evolving, and those who fail to keep pace will fall behind.
Falling behind also has a societal dimension. FrankWatching (2025) reports that people in the Netherlands still distrust AI and that there is a growing call for more regulation. The Social and Economic Council of the Netherlands (SER, 2025) reinforces this with an explicit call: “We must remain vigilant,” and points out that the use of AI in the processing of expense claims is already deeply embedded in organisations, often without employees being aware of it (PDF SER report on AI and work). Vigilance is therefore also an internal governance responsibility: ensure that employees know which AI tools are being used and on what basis they make decisions.
How can you be vigilant about AI?
One of the most tangible dangers of a lack of AI vigilance is the rise of deepfakes and AI-generated disinformation. Kaspersky (2020) advises that when evaluating deepfake videos, one should look for irregular blinking, inconsistent lighting, and facial expressions that do not match the emotional context of a conversation. Digiwijzer (2025) adds to this: glassy eyes, unnatural teeth, and a robotic-sounding voice are recognisable signals that you can learn to detect, if you know what to look for. FOAI Netherlands (2024) emphasises the importance of consulting multiple sources before forming a judgement about images or videos that go viral, and IsDatEchtZo (2025) provides practical tips for identifying AI-generated images through unrealistic skin textures, distorted hands, and inconsistent backgrounds.
What this means in practice is that from now on, every video, every audio recording, and every photograph you encounter online should prompt the question: is this real? Imagine you see a video of a well-known politician making a controversial statement. The video looks convincing, but on closer inspection, the person barely blinks and the lips move just slightly too rigidly with the words. These are signals that the video may have been created or manipulated using AI. Or consider an audio message from your “bank” asking you to urgently confirm your PIN. The voice sounds familiar, but has been entirely generated by AI based on previously recorded material. In practice, this means: do not share a video or image before you have verified its source, look up the original material via a reliable news website, and never rely on a single channel or platform as the sole evidence. Vigilance here is not paranoia. It is simply a new basic skill for the digital age.
Many ethical hackers are also warning that AI is becoming increasingly accessible to cybercriminals, who use it to create deepfake relationship profiles and misleading news articles, or even to hack computers. McAfee (2025) confirms this: cybercriminals use AI to generate credible fake profiles at scale on dating platforms and social media, complete with consistent photographs, personality descriptions, and conversation scripts, all generated by AI. In addition, AI tools are being used to automatically produce news articles that appear journalistic but are entirely fabricated, with the aim of influencing opinions or spreading panic. Most concerning is the rise of AI-driven cyberattacks: systems that autonomously identify vulnerabilities in networks, breach them, and adapt to security measures, faster than traditional antivirus software can respond. An ethical hacker compares this to a burglar who not only picks your lock, but immediately learns how to bypass the new one the moment you replace it.
Practical tips for AI use, for employees of a company or organisation
If you are an employee of a company or organisation, always ensure you know which AI tools have been officially approved by your organisation and use exclusively those tools for work-related tasks. Never enter customer data, personnel information, financial figures, names, addresses, social security numbers, or any other confidential company information into a public AI tool such as a free version of ChatGPT or any other non-approved service, because you do not know how that data is being stored or used. Always anonymise documents using the Find and Replace function (Ctrl+H) in Word or Excel before uploading them, and after use, always clear the conversation history in AI tools that you have used for work-related tasks, so that sensitive information is not inadvertently stored or reused in future sessions. Bear in mind, however: even if you delete information from a (Gen)AI tool, this does not mean it has been permanently erased. Data is often still stored in the cloud, for example for AI training purposes. Remaining anonymous when dealing with highly sensitive information therefore always remains important.
For every AI-generated response, always verify the original source: look up the cited article, report, or news item directly via Google Scholar, the journal’s website, or a reliable news platform, and never rely on a reference obtained solely through AI without verifying it independently. For important or urgent decisions, contact the author or expert directly if necessary before using that information. This directly aligns with the Evaluate step of the RED Model (https://www.disruptiveleadership.institute/red_model/): assess whether the source is reliable, whether the argument is logically structured, and whether there are contradictory data that nuance the picture.
For every piece of information that (Gen)AI produces, ask yourself three questions that align with the Recognise step of the RED Model: where does this come from (identify underlying assumptions), who has an interest in me believing this (identify possible bias), and can I verify this through an independent source (test its validity)? Then apply Bloom’s Taxonomy (https://www.cmu.edu/teaching/designteach/design/bloomsTaxonomy.html) by not stopping at simply remembering or understanding what AI tells you, but by actively analysing, evaluating, and where appropriate drawing better conclusions than the AI system provides. This requires you to engage your own judgement and expertise. Always verify the output manually, or where necessary, have it confirmed by an experienced colleague or a subject-matter expert.
In short: always draw only conclusions that are directly supported by the available evidence and be prepared to revise your position as soon as new evidence justifies doing so.
Always report to your manager or IT department if you have doubts about an AI-generated message, a suspicious email, or an unusual system notification, because reporting early prevents serious damage.
Also remember that as an employee, you carry your own responsibility: AI makes decisions about you, your customers, and your organisation, and you are the first line of defence capable of signalling when something is not right. Organisations that apply the RED Model broadly demonstrably achieve better decisions, stronger innovation, and more effective risk management, because teams learn to reason on the basis of logic rather than hierarchy or intuition alone. Vigilance is not a task for specialists only. It is a basic skill for every professional who works with AI.
The above also applies at the organisational level. Pluralsight (2023) states that critical thinking in the AI age requires that you always question the source, identify the motive, and distinguish between primary and secondary sources, including verifying whether scientific papers cited by AI actually exist. An article in PMC (2024) demonstrates that information literacy is directly linked to the ability to recognise AI-generated disinformation: AI systems are more proficient at manipulation tactics than humans.
Furthermore, the quality of what AI presents to you also depends on what the system has learned. (Gen)AI models are trained on enormous quantities of data derived from the public internet, and that internet does not contain exclusively reliable, expert-verified information (Bender et al., 2021). For more information, see my other blog: Indexing in (Gen)AI: reliability, reproducibility, and why it may affect your organisation.
Protect sensitive data: anonymise it before using it in (Gen)AI
Vigilance about AI is not only about what you receive. It is also about what you enter. When working with sensitive information, it is of great importance to exercise care and caution when using (Gen)AI systems. Always ensure that privacy and data protection requirements are observed, and that you are fully certain that the (Gen)AI system does not use the data you enter for further training or other purposes. To avoid risks, in many cases it is best not to enter private or confidential data at all, unless you fully trust the system and the necessary security measures are in place.
When the use of data is nonetheless necessary, anonymisation offers a solution. (Gen)AI systems frequently process large quantities of personal data, and anonymisation ensures that AI systems can learn from data without violating the privacy of individuals. A first technique for anonymising data is masking: real data is replaced by fictitious data that appears realistic, for example by changing “Emma” to “Lisa” or replacing a real address with a fictional location. Another method is k-anonymity, whereby each combination of identifying data in the dataset is shared by at least a minimum number (k) of individuals, making it impossible to determine which information belongs to which person. There is also differential privacy, in which small random variations are added to the data so that an individual can no longer be precisely identified, while the AI system can still learn general patterns.
You can also generalise data by making specific information more general: an exact age of 17, for instance, becomes “15 to 20 years,” and a street name becomes “Amsterdam North.”
Then there is pseudonymisation: replace real names with codes or pseudonyms, for example “Emma Jansen” becomes “User123,” whereby identification is only possible using a separate key that is stored securely.
Substitution goes a step further by replacing real data with other plausible but incorrect data, such as fictitious telephone numbers or addresses. Finally, there is shuffling: by changing the order of data or interleaving questions with different content, the structural relationship between information and individual becomes virtually untraceable.
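An added example (not from the original blog) that combines three of the techniques above: pseudonymisation, generalisation, and a k-anonymity check that withholds rows whose age band and area are shared by fewer than k people. The records are constructed, and the keyed HMAC is one assumed way to derive codes such as “User123”; the field names and the suppression step are likewise assumptions.

```python
import hashlib
import hmac
from collections import Counter

# Constructed sample records (fictitious people), for illustration only.
RECORDS = [
    {"name": "Emma Jansen", "age": 17, "area": "Amsterdam North", "topic": "expense claim"},
    {"name": "Lisa de Vries", "age": 18, "area": "Amsterdam North", "topic": "sick leave"},
    {"name": "Noah Bakker", "age": 16, "area": "Amsterdam North", "topic": "expense claim"},
    {"name": "Sem Visser", "age": 34, "area": "Amsterdam North", "topic": "complaint"},
    {"name": "Julia Smit", "age": 31, "area": "Amsterdam North", "topic": "sick leave"},
    {"name": "Daan Mulder", "age": 52, "area": "Amsterdam North", "topic": "complaint"},
]

# Fields that can identify a person when combined (assumed for this example).
QUASI_IDENTIFIERS = ("age_band", "area")


def pseudonymise(name: str, key: bytes) -> str:
    """Derive a stable code from a name with a secret key (HMAC-SHA256).

    The same name always maps to the same code, so records stay linkable.
    Whoever holds the key can recompute the code for a known name, so the
    key must be stored separately from the released data.
    """
    digest = hmac.new(key, name.encode("utf-8"), hashlib.sha256).hexdigest()
    return "User-" + digest[:12]


def generalise_age(age: int, width: int = 5) -> str:
    """Replace an exact age with a band, e.g. 17 -> '15-19'."""
    low = (age // width) * width
    return f"{low}-{low + width - 1}"


def group_sizes(rows):
    """Count how many rows share each quasi-identifier combination."""
    return Counter(tuple(row[q] for q in QUASI_IDENTIFIERS) for row in rows)


def smallest_group(rows) -> int:
    """The k actually achieved: size of the smallest group (0 if empty)."""
    sizes = group_sizes(rows)
    return min(sizes.values()) if sizes else 0


def anonymise(records, key: bytes, k: int):
    """Pseudonymise, generalise, then suppress groups smaller than k.

    Returns (released_rows, suppressed_count).
    """
    prepared = [
        {
            "id": pseudonymise(r["name"], key),
            "age_band": generalise_age(r["age"]),
            "area": r["area"],
            "topic": r["topic"],
        }
        for r in records
    ]
    sizes = group_sizes(prepared)
    released = [
        row for row in prepared
        if sizes[tuple(row[q] for q in QUASI_IDENTIFIERS)] >= k
    ]
    return released, len(prepared) - len(released)


if __name__ == "__main__":
    demo_key = b"constructed-demo-key-not-for-real-use"
    rows, dropped = anonymise(RECORDS, demo_key, k=2)
    for row in rows:
        print(row)
    print("suppressed:", dropped, "| smallest group:", smallest_group(rows))
```

A group that meets k can still reveal something when every row in it carries the same sensitive value, so inspect the remaining columns as well as the group sizes.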
By combining several of these techniques, the protection of sensitive information is substantially strengthened, even when datasets are shared with or analysed by external systems. A practical tip: in Word or Excel, use the Find and Replace function (Ctrl+H) to quickly and systematically replace names, addresses, or other personal data with neutral labels such as [Name] or [Department] before uploading a document to a (Gen)AI tool.
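The Find and Replace tip above (also given in the practical tips for employees), as an added example that is not part of the original blog: it replaces known names with labels, then checks what a name-based replace leaves behind, such as an e-mail address, phone number or IBAN. The sample text is constructed, and the patterns are simplified to Dutch formats as an assumption.

```python
import re

# Constructed sample text (fictitious person and contact details).
DOCUMENT = (
    "Emma Jansen (Finance) reported the incident on 3 March.\n"
    "Contact: e.jansen@example.com or 06-12345678.\n"
    "Emma confirmed that refund NL91ABNA0417164300 was paid twice.\n"
)

# What a careful user would type into Find and Replace.
KNOWN_TERMS = {
    "Emma Jansen": "[Name]",
    "Emma": "[Name]",
    "Finance": "[Department]",
}

# Identifier shapes that a name-based replace does not touch.
# Phone and IBAN patterns are simplified to Dutch formats (assumption).
RESIDUAL_PATTERNS = {
    "email": (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), "[Email]"),
    "phone": (re.compile(r"(?<!\w)(?:\+31|0)[\s-]?\d(?:[\s-]?\d){8}(?!\d)"), "[Phone]"),
    "iban_nl": (re.compile(r"\bNL\d{2}[A-Z]{4}\d{10}\b"), "[IBAN]"),
}


def replace_known(text: str, terms: dict) -> str:
    """Whole-word, case-insensitive replace; longest term first so that
    'Emma Jansen' is handled before 'Emma'."""
    for term in sorted(terms, key=len, reverse=True):
        pattern = re.compile(r"(?<!\w)" + re.escape(term) + r"(?!\w)", re.IGNORECASE)
        text = pattern.sub(lambda _m, label=terms[term]: label, text)
    return text


def residual_identifiers(text: str) -> list:
    """Return (kind, value) for every identifier-shaped string still present."""
    found = []
    for kind, (pattern, _label) in RESIDUAL_PATTERNS.items():
        found.extend((kind, m.group()) for m in pattern.finditer(text))
    return found


def mask_residuals(text: str) -> str:
    """Replace every pattern match with its neutral label."""
    for pattern, label in RESIDUAL_PATTERNS.values():
        text = pattern.sub(label, text)
    return text


def prepare_for_upload(text: str, terms: dict):
    """Replace known terms, mask identifier patterns, and verify the result.

    Returns (clean_text, findings_after_first_pass). Raises ValueError if
    anything identifier-shaped survives both passes.
    """
    first_pass = replace_known(text, terms)
    findings = residual_identifiers(first_pass)
    clean = mask_residuals(first_pass)
    leftover = residual_identifiers(clean)
    if leftover:
        raise ValueError(f"still contains identifiers: {leftover}")
    return clean, findings


if __name__ == "__main__":
    clean, findings = prepare_for_upload(DOCUMENT, KNOWN_TERMS)
    print("missed by name replacement:", findings)
    print(clean)
```

An empty findings list only means that none of these patterns matched; free-text details such as a job title or a rare event can still point to one person.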
Finally, it is advisable to actively delete information from (Gen)AI systems when you no longer need it. Please note: (Gen)AI systems may remember or reuse information from previous interactions. If a file or report contains a large amount of privacy-sensitive information, it is preferable not to share or upload it via (Gen)AI. Only do so once clear and reliable agreements have been made with suppliers regarding an internal (Gen)AI programme, particularly when AI is being used within the company or organisation where you work.
Make vigilance structural, not incidental
Vigilance is not a one-time action. It is a mindset that must be embedded in processes, culture, and strategy.
It is therefore essential that everyone working within an organisation or company is offered structured and regular workshops on the safe and ethical use of AI. This means not merely a one-time introductory session, but ongoing training that teaches employees how to use AI tools responsibly, protect sensitive data, recognise deepfakes, and critically assess AI-generated information. Without this foundational knowledge, every employee remains a potential security risk, regardless of how robust the technical infrastructure may be.
At the organisational level, the CISO framework from Heights Consulting Group (2026) can serve as a strategic tool for establishing a secure AI environment. This framework contains ten key practices that together form a robust security policy. More information is available in the full article: https://heightscg.com/2026/01/12/ai-security-best-practices
Radware (2025) also emphasises the importance of continuous AI risk assessment: organisations must have a multi-layered incident response plan in place and should configure automated alerts for when the behaviour of AI systems falls outside expected parameters. I will publish another blog within the coming weeks on this topic and more, covering how AI can best be implemented by organisations and what key considerations apply.
In conclusion, being vigilant about AI does not mean you should distrust or avoid it. It means using it with open eyes, conscious of the risks, with sensitivity to its boundaries, and with structures in place that can absorb misuse and errors. The technology does not stand still, but you have a choice: you can engage with it actively and deliberately, or be swept along by it without noticing. Choose the first option and make AI a tool that strengthens both you and your organisation.
Below is a practical infographic that summarises everything. Sharing this image is permitted, provided the source is credited: www.maryayaqin.com
Want to know more?
Do you have questions or do you need support with the implementation of (Gen)AI, including the delivery of GenAI workshops? Click here or contact me.
References
- ABU. (2025, 19 January). As of 1 February 2025: Ban on AI systems with unacceptable risk. https://www.abu.nl/kennisbank/bedrijfsprocessen-en-ict/per-1-februari-2025-verbod-op-ai-systemen-met-onaanvaardbaar-risico/
- AI Governance Library. (2025, 21 September). AI Act guide – Version 1.1 (September 2025). https://www.aigl.blog/ai-act-guide-version-1-1-september-2025/
- Ardion. (2025). What are the risks of AI? Complete risk framework. https://ardion.io/nl/blog/risicos-van-ai/
- Bender, E. M., Gebru, T., McMillan-Major, A., & Shmitchell, S. (2021). On the dangers of stochastic parrots: Can language models be too big? In Proceedings of the 2021 ACM Conference on Fairness, Accountability, and Transparency (FAccT). ACM. https://dl.acm.org/doi/10.1145/3442188.3445922
- Digiwijzer. (2025, 31 March). How to spot fakes: deepfakes, AI-generated images, and manipulated content. https://digiwijzer.nl/ai-nep-herkennen/
- European Commission. (2025, 18 November). European approach to artificial intelligence. https://digital-strategy.ec.europa.eu/en/policies/european-approach-artificial-intelligence
- FOAI Netherlands. (2024, 12 June). 5 tips for recognising deepfakes. https://www.foanederland.com/deepfakes-herkennen/
- Forbes. (2025, 20 November). Close out 2025 with critical AI skills you may be overlooking. https://www.forbes.com/sites/sap/2025/11/20/close-out-2025-with-critical-ai-skills-you-may-be-overlooking/
- FrankWatching. (2025, 2 June). Dutch people still distrust AI: Time for more regulation. https://www.frankwatching.com/archive/2025/06/03/nederlanders-wantrouwen-ai-onderzoek/
- Future of Life Institute. (2025). 2025 AI Safety Index [PDF]. https://futureoflife.org/wp-content/uploads/2025/07/FLI-AI-Safety-Index-Report-Summer-2025.pdf
- Heights Consulting Group. (2026, 11 January). Top 10 AI security best practices for 2026: A CISO’s guide. https://heightscg.com/2026/01/12/ai-security-best-practices/
- HP LIFE. (n.d.). Critical thinking in the AI era. https://www.life-global.org/news/critical-thinking-in-the-ai-era
- International AI Safety Report. (2026, 2 February). International AI Safety Report 2026 [PDF]. https://internationalaisafetyreport.org/sites/default/files/2026-02/international-ai-safety-report-2026.pdf
- International AI Safety Report. (2026, 2 February). Extended summary for policymakers [PDF]. https://internationalaisafetyreport.org/sites/default/files/2026-02/ai-safety-report-2026-extended-summary-for-policymakers.pdf
- IsDatEchtZo. (2025, 15 June). Can you recognise AI-generated images online? These tips will keep you alert. https://www.isdatechtzo.nl/wat-is-nepnieuws/ai-en-desinformatie/herken-jij-ai-beelden-op-internet-met-deze-tips-blijf-je-alert/
- Kaspersky. (2020, 6 May). What are deepfakes and how can you protect yourself? https://www.kaspersky.nl/resource-center/threats/protect-yourself-from-deep-fake
- Krueger, D. S., & Barten, O. (2023, 11 January). AI development is risky, with or without awareness. Existential Risk Observatory. https://www.existentialriskobservatory.org/nl/kunstmatige-intelligentie/ai-ontwikkeling-is-riskant-met-of-zonder-bewustzijn/
- Legal Nodes. (2026, 12 February). EU AI Act 2026 updates: Compliance requirements and business risks. https://www.legalnodes.com/article/eu-ai-act-2026-updates-compliance-requirements-and-business-risks
- McAfee. (2025, 31 July). AI in the hands of cybercriminals: How to recognise fake art and deepfakes. https://www.mcafee.com/blogs/nl/tips-tricks/ai-in-de-handen-van-cybercriminelen-hoe-u-nepkunst-en-deepfakes-kunt-herkennen/
- PMC. (2024, 14 October). The dual nature of AI in information dissemination: Ethical implications. https://pmc.ncbi.nlm.nih.gov/articles/PMC11522648/
- Pluralsight. (2023, 31 August). Critical thinking and AI: How to tell what’s fake and what’s not. https://www.pluralsight.com/resources/blog/ai-and-data/critical-thinking-ai-misinformation
- Pont Media. (2025, 25 November). A strategic approach to managing AI risks. https://pont.media/nieuws/1087100/een-strategische-aanpak-voor-het-beheren-van-ai-risicos/
- Quest. (2025, 24 November). How do forensic investigators unmask deepfakes? https://www.quest.nl/tech/technologie/a69529243/ontmaskeren-forensische-onderzoekers-deepfakes-echt-nep/
- Radware. (2025, 16 December). AI security in 2026: Threats, core principles and defenses. https://www.radware.com/cyberpedia/ai-security/
- Rijksoverheid. (2025). AI Act guide [PDF]. https://www.government.nl/binaries/government/documenten/publications/2025/09/04/ai-act-guide/ai-act-guide.pdf
- SER. (2025, 9 June). We must remain vigilant. https://www.ser.nl/nl/actueel/zicht/op/art-waakzaam-blijven
- SER. (2025). AI and work [PDF]. https://www.ser.nl/-/media/ser/downloads/adviezen/2025/ai-en-werk.pdf
- Zaharia, M., & Liu, N. (2025, 19 April). Leveraging AI biases to enhance critical thinking of news readers [PDF]. arXiv. https://arxiv.org/pdf/2504.14522



