What Is Function Creep?
Function Creep is the gradual expansion of an AI system's use beyond its original intended purpose, often without adequate governance review or fresh assessment of risks.
Function Creep — the gradual expansion of an AI system's use beyond its original intended purpose, often without adequate governance review or fresh assessment of risks.
Function creep is a recurring AI governance failure mode. A model built for one purpose (predicting creditworthiness) gets reused for a different purpose (predicting insurance risk) without a risk reassessment. Data collected for one purpose gets used to train models for unrelated purposes. The GDPR's purpose limitation principle (Article 5(1)(b)) restricts function creep for personal data. The EU AI Act's use-case classification system — under which a system's risk class depends partly on its actual use — means function creep can change an organisation's compliance obligations retroactively.
Source: GDPR, Article 5(1)(b); EU AI Act, Recital 12
Plain-language explanation
Function creep is a recurring AI governance failure mode. A model built for one purpose (predicting creditworthiness) gets reused for a different purpose (predicting insurance risk) without a risk reassessment. Data collected for one purpose gets used to train models for unrelated purposes. The GDPR's purpose limitation principle (Article 5(1)(b)) restricts function creep for personal data. The EU AI Act's use-case classification system — under which a system's risk class depends partly on its actual use — means function creep can change an organisation's compliance obligations retroactively.
See where you stand on AI governance
Take the free 7-question maturity assessment and get a personalised action plan.
Free assessment — 3 minutes →