DEV Community

pickuma

Posted on • Originally published at pickuma.com

AI Note-Takers and Legal Risk: What Developers Should Know in 2026

The shift from human note-takers to AI bots that quietly join your Zoom calls happened in about 18 months. Otter.ai's notetaker, Fireflies, Granola, Read.ai, Fathom — they all promise the same thing: dump everything said in a meeting into a searchable transcript, then run an LLM over it to extract action items. The pitch is irresistible for productivity-obsessed teams. The legal exposure is something most of those teams haven't started thinking about.

That's beginning to change. A round of consent-related class action filings in 2024 and 2025, combined with state attorneys general looking at session recording laws, has put AI note-takers into the same uncomfortable position that web session replay tools were in five years ago. If you're integrating transcription into your product — or just deploying these tools across your team — the compliance surface is wider than the marketing pages suggest.

The Consent Problem Most Tools Ignore

The core legal question is older than the technology: in jurisdictions with two-party (all-party) consent recording laws, every person on a call has to affirmatively agree to being recorded. Eleven US states — California, Florida, Illinois, Massachusetts, Maryland, Montana, Nevada, New Hampshire, Pennsylvania, Washington, and Connecticut — require this. The European Union goes further: a voice recording is personal data, so GDPR Article 6 requires a lawful basis before you process it at all, and once the audio is processed to identify who is speaking (speaker diarisation mapped to named people, voiceprints), it becomes biometric data under Article 9's special-category rules, which for a note-taker realistically means explicit consent under Article 9(2)(a).

Most AI note-takers handle this by appending a one-line disclosure to the calendar invite or showing a bot named "Otter.ai Notetaker" in the participants list. Whether that constitutes valid consent under California Penal Code § 632 has not been settled by any appellate court we could find at the time of writing. Class actions filed against Otter and similar vendors argue it doesn't — particularly when external guests join a call expecting a private conversation and are passively recorded without an explicit opt-in.

For developers, the relevant detail is liability allocation. Most note-taker vendors' terms of service push consent responsibility back onto the customer. If you're building a feature that pipes Otter, Fireflies, or AssemblyAI transcripts into your own product, you inherit that obligation the moment your app initiates the recording.

Two-party consent isn't satisfied by a banner the bot displays after the recording has already started. If you're integrating transcription, the consent flow needs to gate the recording itself, not run alongside it: no capture until everyone on the call has opted in, and a participant who joins late without consenting should pause capture rather than be told they're already on tape.

Data Retention, Training, and the Lawsuit Trail

The second layer is what happens after the call ends. Three questions matter:

  1. Where is the audio stored, and for how long?
  2. Is the transcript used to train models?
  3. Who has access — including subprocessors?

Each vendor handles this differently, and the answers tend to live deep in data processing agreements (DPAs) rather than on the marketing page. Otter.ai's standard plan retains audio until a user deletes it; business plans offer tighter retention controls. Fireflies retains audio for the duration of the subscription by default. Granola positions itself as local-first, with transcription running on-device and only the LLM summary step happening server-side. That is a materially different posture for compliance reviews, though it narrows the exposure rather than removing it: the transcript text still leaves the device for summarisation.

Training data policies are the more litigated question. The class action against Otter alleges that user audio was used to train models without sufficient disclosure. Whether that argument holds up in court is unclear, but the pattern matters: if a vendor's privacy policy reserves the right to use customer data for "service improvement," courts have shown willingness to read that narrowly when it conflicts with reasonable user expectations of confidentiality. For B2B customers, this is the question that kills deals during procurement. Enterprises don't want their pricing strategy discussions becoming training data for a competitor's model.

Then there's the subprocessor chain. A typical AI note-taker stack involves a transcription model (often Deepgram, AssemblyAI, or a fine-tuned Whisper variant), an LLM provider (OpenAI, Anthropic, or self-hosted), and cloud infrastructure (AWS, GCP). Each handoff is a separate data processing agreement, and under GDPR Article 28(2) a processor may only engage a sub-processor with the controller's prior written authorisation. If you're integrating any of this for an EU customer, you need to know whether that authorisation, and the notice-and-objection mechanism for adding new sub-processors, is actually documented in your contract rather than assumed.

What Developers Building Transcription Features Should Audit

If you're shipping a feature that records meetings or processes voice, here's the audit list we'd run before going to production:

Consent flow. Does your UX collect affirmative consent from every participant — including external guests — before recording starts? "Joining this meeting means you consent" buried in a calendar invite is not the same thing. Build the consent prompt into the meeting join flow if you control it.

Retention defaults. Audio is a richer dataset than text: it carries voice identity, tone, and whatever was said in the background, none of which survives in the transcript. Default retention should be the shortest period that makes the product useful, with the option to extend. Don't ship "indefinite" as a default and hope nobody notices.

Training opt-out. Make it impossible, not just inconvenient, for customer audio to enter a training pipeline. Check the terms of the specific API tier you call rather than the provider's general privacy policy, since consumer and API products from the same provider often differ. If your contract with an LLM provider lacks a zero-data-retention guarantee, surface that fact in your own privacy policy. If it does have one, document it.

Subprocessor disclosure. Maintain a current sub-processor list. Update it within the timelines your enterprise customers' DPAs require (often 30 days' notice for new sub-processors).

Geographic data residency. EU customers will ask. Have a clear answer about where audio is stored and whether it crosses borders.

Deletion semantics. When a user deletes a transcript, does the underlying audio actually get deleted from your object storage? From backups? From any cached embeddings in your vector store? Soft delete is fine for some data; it's a problem for voice recordings under GDPR Article 17 (the right to erasure), where a deletion request has to reach every copy, not just the row the UI shows.
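As an added example (not code from the post or from any vendor it names), here is how the three engineering items in that list, consent gating the capture, bounded retention, and cascading deletion, can be expressed in one small Python model. The object store, transcript table, vector store and backup purge queue are in-memory stand-ins constructed for the example, and every class and method name is an assumption, not a product API.

```python
# Consent-gated capture, bounded retention and cascading delete for a meeting transcription
# feature. Added illustration; stores are in-memory stand-ins and every name is an assumed API.
from __future__ import annotations
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

DEFAULT_RETENTION_DAYS = 30   # assumed default: short, extendable per customer
MAX_RETENTION_DAYS = 365      # assumed ceiling: "indefinite" is never a valid value

class ConsentRequired(Exception):
    """Capture would include someone who has not affirmatively opted in."""

@dataclass
class RecordingSession:
    meeting_id: str
    consent: dict[str, bool] = field(default_factory=dict)   # user_id -> affirmatively consented
    recording: bool = False

    def join(self, user_id: str) -> None:
        self.consent.setdefault(user_id, False)          # joining is never treated as consent
        if self.recording and not self.consent[user_id]: # fail closed on an unconsented late
            self.recording = False                       # joiner; a banner after the fact is not consent

    def record_consent(self, user_id: str) -> None:
        self.consent[user_id] = True                     # tied to an explicit act by that user

    def start(self, object_store: dict[str, bytes], audio: bytes) -> str:
        missing = sorted(u for u, ok in self.consent.items() if not ok)
        if missing:                                      # external guests included
            raise ConsentRequired(f"no affirmative consent from: {missing}")
        self.recording = True
        key = f"audio/{self.meeting_id}.opus"
        object_store[key] = audio
        return key

@dataclass
class Transcript:
    transcript_id: str
    audio_key: str
    created_at: datetime
    retention_days: int = DEFAULT_RETENTION_DAYS

    def __post_init__(self) -> None:                     # bounded at write time, not by a later cron
        if not 1 <= self.retention_days <= MAX_RETENTION_DAYS:
            raise ValueError(f"retention_days must be 1..{MAX_RETENTION_DAYS}")

    @property
    def expires_at(self) -> datetime:
        return self.created_at + timedelta(days=self.retention_days)

class TranscriptStore:
    def __init__(self) -> None:
        self.object_store: dict[str, bytes] = {}         # stand-in for the audio bucket
        self.transcripts: dict[str, Transcript] = {}
        self.embeddings: dict[str, list[float]] = {}     # stand-in vector store
        self.backup_purge_queue: list[str] = []          # audio keys still to scrub from backups

    def add(self, t: Transcript, embedding: list[float]) -> None:
        self.transcripts[t.transcript_id] = t
        self.embeddings[t.transcript_id] = embedding

    def delete(self, transcript_id: str) -> dict[str, bool]:
        # Hard delete: row, raw audio and embeddings now; backup copies via a queued job.
        t = self.transcripts.pop(transcript_id)
        audio_gone = self.object_store.pop(t.audio_key, None) is not None
        embedding_gone = self.embeddings.pop(transcript_id, None) is not None
        self.backup_purge_queue.append(t.audio_key)
        return {"audio": audio_gone, "embedding": embedding_gone, "backup_purge_queued": True}

    def purge_expired(self, now: datetime) -> list[str]:
        expired = [tid for tid, t in self.transcripts.items() if t.expires_at <= now]
        for tid in expired:
            self.delete(tid)
        return expired

def run_demo() -> dict[str, object]:
    """Exercise the three controls on constructed data and return what happened."""
    store, session = TranscriptStore(), RecordingSession("mtg-42")
    session.join("alice")
    session.join("guest@example.com")                    # external guest
    session.record_consent("alice")
    try:
        session.start(store.object_store, b"\x00" * 16)  # the guest has not opted in yet
        blocked = False
    except ConsentRequired:
        blocked = True
    session.record_consent("guest@example.com")
    key = session.start(store.object_store, b"\x00" * 16)
    session.join("bob")                                  # unconsented late joiner
    t0 = datetime(2026, 1, 1, tzinfo=timezone.utc)
    store.add(Transcript("t-1", key, t0), [0.1, 0.2])
    store.add(Transcript("t-2", "audio/other.opus", t0, retention_days=7), [0.3])
    removed = store.delete("t-1")
    expired = store.purge_expired(t0 + timedelta(days=8))
    return {"blocked_without_guest_consent": blocked,
            "paused_on_unconsented_join": not session.recording,
            "delete_cascaded": removed,
            "audio_left_in_bucket": key in store.object_store,
            "embeddings_left": len(store.embeddings),
            "expired": expired,
            "backup_purge_queue": store.backup_purge_queue}
```

The design choice worth copying is that the store owns every derived artefact, so there is exactly one delete path and nothing for a later erasure request to miss; the backup queue exists because backups cannot be scrubbed synchronously, so the job has to be recorded and tracked rather than assumed.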

The general principle: treat meeting audio as the most sensitive category of data you handle, not the least. The product looks like a productivity tool, but the data is closer to health records or financial transactions in terms of regulatory expectation.

The pattern we've seen in 2025-2026 enterprise procurement: AI note-taker integrations get flagged in vendor security reviews more often than any other AI feature. If you're selling into companies above 500 employees, expect detailed questions about transcription handling in your SOC 2 or ISO 27001 evidence.

The Practical Stance

The legal risk around AI note-takers isn't existential. These products will keep shipping, and most enterprises will keep using them. But the era of plugging Otter into every meeting and hoping the legal team doesn't notice is closing. Developers integrating transcription features should treat consent and retention as first-class product surfaces, not afterthoughts buried in settings.

The vendors that survive the next two years of class actions and AG investigations will be the ones that make consent enforceable and retention bounded by default. If you're building in this space, build for that future now.
