ASAP
AI Transcription and Note-Taking Technologies: Seven Points for Employers to Consider
At a Glance
- AI note-taking tools can boost productivity and engagement by letting employees focus on meetings while automatically generating summaries, action items, and searchable records to support follow-up and knowledge management.
- However, these tools introduce significant legal and operational risks, including potential violations of privacy and wiretap laws, exposure of confidential or privileged information, employment discrimination concerns, compliance challenges under new AI regulations, and increased discovery costs from detailed transcripts.
- Employers are advised to thoroughly vet AI note-taking tools, configure them to help minimize risks (e.g., limit use by jurisdiction, disable high-risk features, set up consent notices, and enforce strict data controls), and establish clear policies on their use, consent, security, access, disclosure, employee accountability, and the role of AI-generated records in HR or business decisions.
Whether employers like it or not, artificial intelligence (AI) note-taking technologies have entered the workplace. In a 2025 survey of 1,000 professionals, one in five respondents stated they frequently used AI to draft notes during meetings.1 AI technologies not only transcribe meetings but can also provide outlined notes, attribute comments to individual speakers, draft summaries, and assign to-do steps to participants. In addition, agentic versions of AI note-taking technologies can pull information from other sources to assist meeting participants in accomplishing their to-do steps.
For employers, these technologies offer substantial benefits. Freed from the distractions of taking notes, employees can be more present, engaged, and responsive during meetings. Afterward, AI note-takers can streamline the preparation of summaries, action items, and follow-up communications, which increases efficiency and reduces administrative burden. At the same time, however, these technologies introduce legal and operational risks. They may implicate federal and state privacy laws, expose confidential and privileged information, create disparate impacts affecting individuals in protected categories, generate inaccurate or misleading records, and produce voluminous documents that make the discovery process even more expensive for employers. Given these risks, it is unsurprising that litigation has emerged in this space. Most notably, In re Otter.AI Privacy Litigation, 5:25-cv-6911 (N.D. Cal. filed Aug. 15, 2025), is a consolidated putative class action alleging that Otter AI unlawfully records private conversations through its widely used AI transcription tool and, without notice to or consent by participants, uses the resulting transcripts to train its technology.
Notwithstanding the risks, many employers may not have much choice, in practice, about whether to adopt AI note-takers. In many workplaces, employees already use them, making outright bans ineffective and difficult to enforce. As a result, the most reasonable option may be to provide vetted AI note-takers that the organization selects, configures, and controls. Below, we discuss seven key considerations for employers seeking to take advantage of AI note-taking technologies while mitigating legal and operational exposure.
1. Consent for recording
Wiretap laws present the greatest risk for U.S. employers when using AI note-taking technologies. The Wiretap Act at the federal level and laws in every state prohibit “intercepting” electronic, wire, or oral communications without consent. Although there is little case law so far on whether note-taking and summarization tools require consent under wiretap laws, given courts’ broad interpretations of “interception” in wiretap cases, it seems possible that courts will find that at least some of these technologies require consent. Moreover, wiretap laws are high-risk. The Wiretap Act permits plaintiffs to recover the greater of $10,000 or $100 per day of violation, in statutory damages.2 Some state laws, like California’s, also allow recovery of statutory damages.3
In most states, consent is established if one participant in the conversation initiates the recording technology. The federal wiretap law and the majority of state wiretap laws require the consent of only one party to permit interception of a conversation. However, about a dozen states require the consent of all parties.4 Even in the states that require the consent of only one party, the consenting party must be a participant, which means that an outsider cannot record the conversation without the consent of at least one participant.
Employers should evaluate the technology in light of wiretap laws and, if needed, implement a belt and suspenders approach to obtaining consent. This might include configuring the technology to obtain consent automatically, training employees to notify participants before recording, and having employees sign consent forms.
2. Biometrics
AI note-takers, especially technologies that attribute comments to each speaker, may collect biometric data. By measuring the individual features of a meeting participant’s voice to recognize that voice throughout the conversation, these technologies may generate and store biometric information, as defined by the state law at issue. In the employment context, Colorado, Illinois, and Texas require consent prior to collecting biometric information and impose restrictions on the retention and disclosure of that information. In addition, California, Colorado, and Illinois require companies that handle biometric data to post notices about their collection of this data. Illinois’ Biometric Information Privacy Act (BIPA) is particularly high risk. Plaintiffs can recover up to $5,000 in statutory damages for violating BIPA’s consent, biometric policy, or other requirements.5 Over all, about a third of states require safeguards for biometric data and almost half require data breach notifications to affected individuals if a company’s data is breached. If technology gathers biometric data, the company should weigh risks versus benefits in considering whether to turn off that functionality or comply with any applicable biometrics laws.
3. Accuracy
Although AI note-takers may be more accurate than the average employee struggling to take notes while participating in the discussion, they can be flawed. The tool may misunderstand industry-specific terms and acronyms, struggle with accents, and miss high- or low-pitched voices. Companies should vet these tools for accuracy, especially in the context of their own workplaces. In addition, just as employees should review their own notes before relying on them to make business decisions, an employee who uses an AI note-taker should review the records created by that tool and correct them if necessary before using the records as a basis for such decisions. Employers should emphasize the general principle that AI is simply a workplace tool: employees are always ultimately responsible for their own work, regardless of whether they use AI note-takers to assist them.
4. Discrimination, Disparate Impact, and AI-Specific Laws
The use of AI note-taking, transcription, or summarization tools in connection with employment decisions presents distinct discrimination and disparate-impact risks. If employers rely on AI-generated transcripts or summaries to evaluate performance, assess candidate interviews, or inform disciplinary decisions, any systemic inaccuracies—such as consistent misunderstandings of individuals with accents, speech impediments, or other protected characteristics—could disproportionately disadvantage certain groups.
Employers also should consider reasonable accommodation obligations under the Americans with Disabilities Act and analogous state laws, as the use of AI note-takers may require certain modifications for individuals with disabilities. For example, speech-recognition tools may inaccurately transcribe certain speech patterns or communication styles associated with a disability. In other instances, an employee may object to the recording or transcription of meetings due to a disability-related concern, requiring the employer to evaluate alternative arrangements. At the same time, however, in some circumstances providing access to note-taking or transcription technology may itself constitute a reasonable accommodation for an employee with a disability. As with other workplace technologies, employers should be prepared to engage in the interactive process where appropriate.
Integrating these tools into hiring or personnel decision-making may also trigger emerging AI-specific regulation, including notice, audit, and bias assessment requirements in jurisdictions such as New York City, Illinois, and California. While applicability of these laws will depend on how the technology is deployed, employers should recognize that what begins as a productivity tool can become subject to current or emerging regulations. Careful evaluation of use cases, documentation practices, and compliance obligations is essential when incorporating AI note-takers into employment decision-making processes.
5. Attorney-Client Privilege
The use of AI note-taking tools in meetings involving legal counsel raises significant concerns about possible waiver of attorney-client and work product privileges. If an AI assistant records or transcribes privileged communications and transmits them to a third-party vendor, courts may scrutinize whether the disclosure constitutes a waiver, particularly if the vendor’s data practices are unclear or the tool is not subject to confidentiality safeguards. Even where privilege is ultimately preserved, the creation of verbatim transcripts may expand the volume of discoverable material and increase the risk of inadvertent disclosure. Employers should evaluate whether AI note-takers are appropriate for privileged meetings, ensure that vendors contractually commit to strict confidentiality and data segregation, and consider disabling recording features or limiting use altogether during discussions involving legal advice.
6. Retention and Purging
Consider that the average hour-long meeting produces about 16 single-spaced pages of transcripts. Multiply this by hundreds or even thousands of meetings per week, and the volume of records that AI note-takers might generate becomes staggering. Retaining these records indefinitely could create extremely burdensome discovery obligations in the event of litigation. Also, in jurisdictions that provide a right of access to personal data or broadly defined personnel files, sorting through this unstructured data would be time-consuming and expensive.
Accordingly, employers should consider imposing a short retention period for these records. In some cases, the technology can be configured to delete them automatically when the retention period expires. Employees might still have the option to save certain AI note-taking records longer in accordance with the storage rules and retention schedule for related records. For many companies, setting a rule to delete the records after a short retention period may be the best default solution.
7. Confidentiality and Data Security
Note-taking technologies may capture a broad range of confidential business information, from discussions about employee discipline to customer information to trade secrets. Employers should assess how to manage this potential trove of confidential records. One strategy is to prohibit the use of AI note-takers in certain classes of meetings. These might include, for example, attorney-client privileged meetings, conversations among senior executives, and discussions about protected health information in employee health plans.
Many other meetings, of course, could also involve information that the company wishes to keep confidential, if only because participants discuss confidential topics incidentally or the meeting changes course. To reduce the risk of unauthorized access to such information, companies should consider carefully how to apply default rules to storage of, and access to, these notes.
Relatedly, it can be important for companies to vet the AI note-taking product for data security and for the control the vendor offers the company over the data collected and generated by the product. Key considerations are: data security measures; which party “owns” the records; what happens to the data at the end of the engagement; the extent to which the employer can configure notices, access restrictions, and deletion; and whether the vendor is permitted to use the data to train AI.
Takeaways
In light of the considerations described above, employers should consider these steps when adopting AI note-takers:
- Vetting the AI note-taking vendor for data security and the configuration options available to control both the technology and the data captured by the technology;
- Configuring the AI note-taker to reduce risks, which may include limiting the use of the AI note-taker in certain jurisdictions, turning off features such as voice recognition, setting pop-ups for notices, implementing data security measures, and setting storage and access controls; and
- Implementing policies regarding when and where AI note-takers are permitted, consent, security, access, disclosure, employees’ responsibility for their work product, and use of AI note-taking records for HR and business decisions.
