AI Meeting Note-Takers Raise Privacy and Legal Concerns as Companies Question Data Use
At the heart of the concern is that each spoken word is turned into data that can be accessed by the vendor, by third parties, or by the AI model itself. Confidential personnel information, trade secrets, and privileged conversations could be exposed if the tool is not managed properly. Amy Dufrane, chief executive of human‑resources training provider HRCI, said the risk is so high that she does not recommend any organization use an AI notetaker.
An AI notetaker relies on speech‑recognition and large‑language‑model (LLM) technology to transcribe audio and produce a written summary. The process often creates a unique acoustic signature, or voiceprint, for each speaker. Voiceprints are biometric identifiers that can be used for identity verification—think confirming a bank account holder over the phone. If a voiceprint is captured without consent, it could be used to commit fraud.
In Illinois, the Biometric Information Privacy Act (BIPA) treats voiceprints as protected biometric data. The law requires written notice and informed consent before a company collects a voiceprint, and mandates a documented data‑retention schedule and destruction policy. According to Chris Pluymers, an associate attorney at The Dillon Law Group, most companies that deploy AI notetakers do not have such systems in place.
Legal cases illustrate the stakes. A New York federal judge in February ordered a criminal defendant to hand over documents that had been shared with the AI model Claude, developed by Anthropic. The judge’s order was based on the fact that the documents had already been provided to a third party. Justin Daniels, a corporate attorney at Baker Donelson, warned that if an AI notetaker records an attorney‑client conversation and the data is stored elsewhere, the privilege could be lost.
Meeting platforms such as Zoom and Google Meet display a recording notification, but they do not always indicate whether an AI notetaker is present. Thorin Klosowski, senior security and privacy analyst at the Electronic Frontier Foundation (EFF), said participants should ask for consent before a meeting is recorded. "If you’re unsure whether someone has deployed an AI notetaker, you can ask," Klosowski said.
Companies that sell AI notetaking services often retain recordings, transcripts or metadata for indefinite periods or use them to train their models. Danielle Kays, a partner at Fisher Phillips, cautioned that even if content is deleted, metadata can remain with the vendor and influence future model behavior.
The EFF notes that text is easier to store and search than audio or video, which raises additional privacy concerns. "Storing a bunch of video isn’t easy, it’s costly and hard to look through, but text is much easier to search and cheaper to store," Klosowski said.
Because of these risks, some organizations are choosing to disable AI notetakers for sensitive meetings or to require explicit consent and clear data‑retention policies. The debate continues as more AI tools enter the market and as state and federal privacy laws evolve.
In summary, AI notetakers can improve meeting productivity but also introduce significant privacy, security and legal challenges. Companies must understand where data is stored, how long it is kept, and whether voiceprints are captured. Without clear policies and consent mechanisms, the use of AI notetakers could expose organizations to regulatory penalties, loss of privileged communications and potential misuse of biometric data.