Debbie Coyne, Partner in Employment Law at Slater Heelis Solicitors, unpacks how AI is quietly reshaping the agency workforce, why many employers are sleepwalking into compliance issues, and what businesses need to get right before people, data and trust are put at risk.
AI isn’t coming for the workplace. It’s already here, and for agencies across marketing, tech, digital, creative and PR, it’s quietly reshaping how teams are structured, how work is done and what employers are legally responsible for.
READ MORE: AI, authenticity and the power of people: Lessons from a day with the North’s creative leaders
From content generation and analytics to automation and internal workflows, AI is now embedded in day-to-day agency life. But while the tools are moving fast, many businesses haven’t yet caught up with the people and legal implications.
That gap is where risk starts to creep in.
Workforce change is happening – whether it’s labelled AI or not
Recent moves by major employers underline a growing reality. Amazon has cut around 30,000 corporate and administrative roles in recent years. While AI hasn’t always been cited as the headline reason, internal statements have made it clear that generative AI and automation are expected to reduce corporate workforce needs over time.
This isn’t just a big tech issue. For agencies and digital businesses, AI is increasingly replacing or reshaping support, admin and analytical tasks. Roles are being merged. Responsibilities are shifting. Headcount decisions are being quietly re-evaluated.
From an employment law perspective, it doesn’t matter whether this is framed as ‘efficiency’, ‘restructuring’ or ‘process’ improvement. If AI is materially changing someone’s role, employers may be triggering consultation obligations, redundancy risks or contractual issues, often without realising it.
Poor communication around these changes is one of the biggest problems I see. When decisions appear opaque or pre-determined, trust erodes quickly and legal exposure increases just as fast.
The data protection and confidentiality risk agencies underestimate
One of the most immediate risks with AI is data protection and agencies are particularly exposed.
Under UK GDPR and the Data Protection Act 2018, employers remain responsible for how personal and confidential data is handled, even when AI tools are involved. Yet many employees are using public AI platforms without fully understanding what happens to the information they input.
For marketing and PR teams, that might include:
- Client data
- Campaign strategies
- Commercially sensitive information
- Personal data relating to individuals
Once that information is fed into a public AI tool, control is often lost.
This is why privacy notices, training, internal guidance and AI policies urgently need updating. Employees must understand what they can and cannot input into AI systems. Employers must ensure that any AI tools they approve comply with core GDPR principles like transparency, data minimisation and appropriate retention.
It’s also increasingly important to strengthen confidentiality clauses and policies so there is no ambiguity around disclosure to external or public AI platforms.
AI misuse can create liability for employers
In reality, misuse of AI tools often becomes a disciplinary issue. AI can produce inaccurate, misleading or biased output and if employees rely on those outputs without checking them and they’re used in client work, internal decisions or public-facing content, the employer carries the liability.
That’s why clear policies matter. Employers should be setting out:
- Which AI tools are approved
- What they can be used for
- Where personal or client data is off-limits
- How personal use of AI is treated
Crucially, employers remain accountable for decisions made with AI support. That means employees must be required to review, fact-check and apply professional judgment before relying on AI-generated content.
Training is key here, not just on how to use AI, but on when not to use it, how to spot bias and when human oversight is essential.
The human impact can’t be ignored
AI doesn’t just change processes, it changes jobs.
Where AI automates tasks or significantly alters responsibilities, employers may need to consider redundancy, redeployment or reskilling. Even gradual change can carry legal consequences if it fundamentally alters a role.
There are also growing concerns around discrimination. If AI tools influence recruitment, performance management or decision-making, employers must be alert to the risk of bias, particularly where protected characteristics may be affected.
Equality impact assessments are becoming an important tool in managing this risk, helping employers identify unintended consequences before they turn into formal complaints or claims.
The bottom line
AI offers agencies huge opportunities but employment law hasn’t disappeared in the process.
The businesses that get this right will be the ones that treat AI as both a commercial and a people issue. That means clear policies, proper training, transparent communication and early legal input when roles or structures start to change.
Because when AI goes wrong at work, it’s rarely the technology that ends up in front of a tribunal, it’s the employer.
