Red Flag

This practice risks indirect discrimination, particularly on the grounds of sex, disability, or age. For example, women who have taken maternity leave, people recovering from illness, or older workers with career breaks could all be disproportionately excluded. Under the Equality Act 2010, ostensibly neutral criteria can be discriminatory if they disproportionately impact a protected group and cannot be justified as a proportionate means of achieving a legitimate aim. Unless the employer can demonstrate both necessity and minimal discriminatory impact, this is a likely tribunal risk.

Red Flag

This is risky, not because of the tool itself, but because of the potential for breach of confidentiality and data protection rules. If personal performance data, disciplinary history, or health-related content is fed into ChatGPT (a public, non-UK-hosted model), it may breach UK GDPR and Article 5’s data minimisation and security principles. Even if no data breach occurs, it raises ethical concerns about transparency and undermines the integrity of performance management. Safe usage would require anonymisation, internal-only tools, and clear policy guidance.

Red Flag

This is a clear breach of confidentiality and potentially a personal data breach under UK GDPR. Grievance documents often include names, accusations, health details, or protected characteristics - all of which qualify as special category data. This scenario could trigger legal claims, reputational fallout, and mandatory ICO reporting, depending on severity.

Green Flag

This approach aligns with GDPR Article 22, which restricts solely automated decision-making. By inviting candidates to contest and review outcomes, the employer introduces a human-in-the-loop safeguard. However, the system must still be explainable, fair, and free from bias. Employers must also update their privacy notices and carry out a Data Protection Impact Assessment (DPIA) before deploying such a tool. Provided those legal safeguards are in place, this can be a compliant and transparent use of AI.

Red Flag

Using subjective markers like tone or style - especially without transparency - creates a high risk of indirect discrimination and bias. For example, neurodivergent applicants or those with English as a second language may be unfairly penalised. Unless the employer can demonstrate that such traits are directly relevant to the role and that the tool is bias-tested and auditable, this use of AI is unlikely to be defensible under the Equality Act 2010 or GDPR fairness principles.

Green Flag

This is a low-risk, productivity-enhancing use of AI, provided no personal, confidential, or commercially sensitive information is input. The key legal safeguard is ensuring compliance with IP ownership (if relevant) and that employees verify and edit the output.

Green Flag

This is good practice and aligns with accountability principles under GDPR and fairness obligations under employment law. It reinforces the idea that AI is an assistive, not autonomous, tool. It also helps guard against both accuracy errors and unlawful automated decision-making.

Green Flag

This type of honesty clause is enforceable and provides leverage if misrepresentations come to light during probation. It also sets expectations early, without banning AI entirely. However, clarity is needed: the clause should focus on truthfulness of content rather than authorship style alone, and allow for reasonable assistance (e.g. spellcheck or rephrasing).