AI Meeting Notetakers in Legal Practice: What Lawyers Need to Know Before They Hit "Allow"
Blog post description.
5/31/202610 min read
AI Meeting Notetakers in Legal Practice: What Lawyers Need to Know Before They Hit "Allow"
By Angeli Fitch, AI Compliance & Ethics Attorney | 20+ Years of Trial Experience | Creator of the State Bar-Approved CLE Course "AI Ethics for Attorneys"
What is an AI notetaker, and why are lawyers using them?
An AI notetaker is a software tool that joins a meeting — in person or virtual — records the audio or video, transcribes the conversation, and produces a summary, action items, or searchable record of what was discussed. Tools like Otter.ai, Fireflies.ai, Fathom, Notion AI, Microsoft Copilot in Teams, and dozens of others have made this capability widely available and inexpensive. Many video conferencing platforms now include AI notetaking as a built-in feature that can be enabled with a single click.
Lawyers are using them for the obvious reasons. Client intake calls, case strategy meetings, depositions over video, settlement negotiations, team conferences, and bar association events all generate information an attorney needs to capture accurately. The promise of an automatically generated transcript and summary is genuinely appealing in a profession where billable time is finite and note-taking competes with listening.
The problem is that many attorneys are enabling these tools without asking a single question about what the tool records, where that recording goes, who can access it, how long it is retained, or whether the other people in the meeting have any idea it is happening. Those are not minor administrative details. They are the questions your professional responsibility obligations require you to answer before the meeting starts.
What happens when an AI notetaker joins a meeting?
More than most attorneys realize.
When an AI notetaker joins a virtual meeting, it typically functions as a participant — appearing in the participant list, sometimes with a name like "Otter.ai Notetaker" or "Fireflies Bot," and recording everything said from the moment it joins until the meeting ends. The recording is transmitted to the vendor's servers in real time or immediately after the meeting. The vendor's systems then process the audio into a transcript, generate summaries, identify speakers, and store the resulting data.
That data — which may include client names, case facts, litigation strategy, settlement positions, privileged legal analysis, and confidential communications — now exists on a third-party vendor's servers, subject to that vendor's Terms of Service, Privacy Policy, data retention practices, security infrastructure, and legal obligations to respond to government requests.
For in-person meetings, some AI notetaker applications run on a phone or laptop and capture ambient audio in the room. The recording may begin automatically when the application is open. Participants who are not looking at the attorney's device may have no indication that the conversation is being recorded and transmitted.
The attorney who enabled the notetaker is responsible for all of this — not the vendor, not the platform, not the colleague who recommended the tool.
Does using an AI notetaker in a client meeting violate Rule 1.6?
It can, and whether it does depends on factors the attorney must evaluate before using the tool, not after.
Rule 1.6 requires attorneys to make reasonable efforts to prevent the inadvertent or unauthorized disclosure of information relating to the representation. When an attorney uses an AI notetaker in a client meeting, they are transmitting the content of that meeting — including everything the client says — to a third-party vendor's systems. Whether that transmission is a disclosure that violates Rule 1.6 turns on whether the attorney has taken reasonable steps to ensure it is authorized and protected.
Reasonable steps, at minimum, include understanding what the vendor does with the recorded data, whether the vendor's security practices are adequate to protect confidential legal communications, whether the vendor's terms prohibit using client content for model training or other secondary purposes, and whether the client has been informed and has consented to the recording and its handling.
An attorney who enables an AI notetaker in a client meeting without informing the client, without reviewing the vendor's data practices, and without obtaining any form of consent has not taken those steps. The fact that the notetaker was convenient, that other attorneys use it, or that the vendor markets it as secure does not satisfy the attorney's independent obligation to make that evaluation.
What are the consent and disclosure obligations before recording a client meeting?
They exist at two levels, and attorneys need to address both.
The first is state recording consent law. The United States is divided between one-party consent states, where only one party to a conversation needs to consent to recording, and two-party or all-party consent states, where all participants must consent. California is an all-party consent state under Penal Code section 632. Recording a confidential communication in California without the consent of all parties is a criminal offense, with civil liability on top of it. Attorneys practicing in all-party consent states who enable an AI notetaker without informing meeting participants are not just violating ethics rules — they may be violating the law.
Even in one-party consent states, the professional responsibility analysis does not stop at the legal minimum. An attorney who secretly records a client meeting may be technically compliant with the recording statute and still have violated the duties of communication and candor that define the attorney-client relationship. The client who discovers their attorney was recording meetings without disclosure is unlikely to find the one-party consent defense reassuring.
The second level is informed client consent to the specific data handling the notetaker involves. Telling a client "I'm going to record this for my notes" is not the same as telling a client "this recording will be transmitted to a third-party vendor, stored on their servers, and subject to their privacy policy." If the client's information is going somewhere beyond the attorney's own systems, the client is entitled to know that — and to make an informed decision about whether they consent.
This is not a theoretical concern. Clients in sensitive matters — employment disputes, family law, criminal defense, whistleblower cases — have strong interests in controlling who has access to their communications. An attorney who routes those communications through a vendor's AI system without disclosure has made a unilateral decision that belonged to the client.
What about using AI notetakers in depositions or legal proceedings?
This requires particular care, and in some jurisdictions and contexts, it may be flatly impermissible without explicit authorization.
Depositions are governed by court rules and applicable rules of civil procedure. In most jurisdictions, the permissible methods of recording a deposition are specified — typically stenographic transcription, audio recording, or video recording by a certified court reporter or approved service. Using an AI notetaker application to simultaneously record a deposition without the knowledge and agreement of all parties and their counsel, and without court authorization, may violate those rules regardless of what the recording consent statute says.
The transcript produced by an AI notetaker is not a certified transcript. It is a machine-generated summary that will contain errors, particularly with legal terminology, proper names, and overlapping speech. Relying on an AI-generated deposition summary as a substitute for a certified transcript — or, worse, treating it as accurate without verification — is a competence problem on top of the consent and procedural issues.
For client meetings that are part of an active matter, the attorney should also consider whether communications captured by an AI notetaker might later be discoverable or subject to subpoena. Privilege protections for attorney-client communications do not automatically extend to recordings stored on third-party vendor servers, particularly if those servers are located outside the attorney's control and subject to the vendor's own legal obligations. An attorney who has enabled an AI notetaker without thinking through the privilege implications has potentially created a discoverable record of privileged communications.
What do the ABA and state bars say about AI notetakers specifically?
As of May 2026, no ABA formal opinion has addressed AI notetakers as a distinct category. However, the existing framework of ethics opinions addressing technology, confidentiality, and supervision applies directly, and several principles are clear.
ABA Formal Opinion 477R established that attorneys must apply a fact-based analysis when transmitting client information using technology, considering the sensitivity of the information and the adequacy of the protections in place. An AI notetaker transmitting a client meeting to a third-party server is precisely the kind of technology use that analysis was designed to govern.
ABA Formal Opinion 512, issued in 2024, addressed AI use broadly and confirmed that attorneys must understand the tools they use well enough to supervise their output and must remain personally responsible for all AI-assisted work product. A notetaker that generates a summary of a client meeting is producing work product the attorney is responsible for — including any errors, omissions, or mischaracterizations in that summary.
Several state bars have issued guidance that is directly applicable. The California State Bar's ethics resources on technology and confidentiality address the obligation to vet third-party tools before using them on client matters. New York's ethics opinions on cloud computing and technology establish that attorneys must exercise reasonable care in selecting and supervising third-party vendors who receive client information. The Florida Bar has addressed recording consent obligations specifically in the context of virtual meetings.
The absence of a formal opinion specifically about AI notetakers does not create a gap in the ethical framework. It means the existing rules apply without the benefit of tailored guidance — which is a reason for more caution, not less.
What are the specific risks of AI notetakers that lawyers most commonly overlook?
The bot appears in the participant list — and opposing counsel can see it. In a negotiation, a mediation, or any meeting where the other side is present, an AI notetaker appearing as a participant is visible to everyone. Opposing counsel who notices a notetaker bot may object, may raise it with the court if the matter is in litigation, or may simply note that your firm's meeting practices involve third-party recording tools. In a settlement negotiation, the presence of a recording — even a summary — creates dynamics that may not serve your client's interests.
The summary is not the conversation. AI notetaker summaries are generated by a model that is identifying what it determines to be important, paraphrasing what was said, and presenting a synthesis that may not capture nuance, qualifications, or the precise language that matters in a legal context. An attorney who reviews the summary instead of the full transcript — or who relies on the summary without reviewing it against the recording — is working from a document that may not accurately represent what occurred. In a client meeting, that inaccuracy affects the attorney's understanding of the client's instructions, goals, and disclosures.
The notetaker may be recording more than the meeting. Some AI notetaker applications, when running on a device, may capture ambient audio before and after the formal meeting, during breaks, or in adjacent conversations. An attorney who leaves a notetaker application running on a laptop during a break in a client meeting, during a hallway conversation with a colleague, or during a phone call taken while the application is open has potentially recorded and transmitted communications beyond the scope of what they intended.
Data breaches at AI vendors are a real and documented risk. AI notetaker vendors are attractive targets for data theft precisely because they hold recordings of sensitive business and professional communications. An attorney whose client meetings are stored on a vendor's servers has created a repository of confidential information outside the firm's security perimeter. When — not if — a vendor experiences a security incident, the attorney's clients are affected.
How should attorneys evaluate an AI notetaker before using it on client matters?
The same framework that applies to any AI tool used in legal practice applies here, with particular attention to the provisions most relevant to recorded communications.
Review the Terms of Service for the license grant. Does the vendor claim the right to use recorded content to train or improve their AI models? Does that right apply to all users, or only to users who have not opted out, or only to consumer tiers? For a tool that records client meetings, this provision is not abstract — it potentially means your client's privileged communications are training data for an AI model that will be used by other subscribers.
Review the Privacy Policy for data retention. How long does the vendor keep recordings and transcripts after a meeting? Is there an automatic deletion schedule, or does data persist until the user manually deletes it? What happens to data if the user cancels their account? What happens if the vendor is acquired or goes out of business?
Evaluate whether the vendor offers a business or enterprise tier with enhanced protections. Many AI notetaker vendors offer enterprise agreements that include data processing agreements, commitments against using customer data for training, enhanced security certifications, and contractual data deletion obligations. For a law firm using one of these tools on client matters, the enterprise tier is not an upgrade — it is the minimum appropriate product tier.
Confirm the vendor's security certifications. SOC 2 Type II certification is a meaningful baseline. Ask where data is stored geographically, who within the vendor's organization has access to recordings and transcripts, and what the vendor's breach notification obligations are under their current terms.
What practical steps should attorneys take right now regarding AI notetakers?
Audit what is currently deployed. If attorneys or staff in your firm are using AI notetaker tools — including built-in features in Microsoft Teams, Zoom, or Google Meet that may have been enabled by default — inventory those tools now. Many attorneys are unaware that AI notetaking features are active in the platforms they use every day because they were enabled at the organizational level by IT or by default settings, not by a deliberate decision.
Establish a firm policy before the next client meeting. That policy should address which AI notetaker tools, if any, are approved for use on client matters; what product tier is required; what disclosure must be given to clients and other meeting participants before recording begins; how recordings and transcripts are stored and for how long; and who within the firm has access to meeting records.
Inform clients and obtain consent before using any AI notetaker in a client meeting. This does not need to be a lengthy disclosure. It needs to be an honest one: this meeting will be recorded and transcribed by a third-party AI tool, the recording will be stored on their servers subject to their privacy policy, and here is what that means for how your information is handled. A client who understands this and consents is in a fundamentally different position than a client who discovers it after the fact.
Review your jurisdiction's recording consent law. If you practice in an all-party consent state, there is no discretion here — recording a conversation without all parties' consent is not a professional responsibility question, it is a legal one, with criminal and civil consequences.
What is the core principle for attorneys evaluating any AI notetaker?
The meeting between an attorney and their client is one of the most protected communications in the legal system. Attorney-client privilege exists because clients must be able to speak candidly to their lawyers without fear that those communications will be used against them. That protection depends entirely on the attorney treating client communications with the seriousness they deserve.
An AI notetaker routes the content of that protected meeting through a third party's commercial technology infrastructure. That does not make it categorically impermissible. It makes it a decision that requires informed, deliberate judgment — about the tool, the vendor, the client, and the matter — before anyone hits allow.
The convenience of an automatic transcript is real. So is the professional responsibility exposure of creating one carelessly. Attorneys who understand both are the ones who can use these tools in ways that serve their clients rather than expose them.
If you want structured guidance on building AI governance policies that address notetakers, vendor vetting, and the full range of AI tools your firm is using, this is the work I do with law firms through my advisory practice and through my State Bar-approved CLE course, AI Ethics for Attorneys. [Contact me] to discuss what your firm needs.
Angeli Fitch is an AI Compliance & Ethics Attorney and trial lawyer with more than 20 years of experience. She is the creator of the California State Bar-approved CLE course "AI Ethics for Attorneys" and advises law firms and legal professionals on ethical AI adoption, compliance, and governance. She is Of Counsel at Infinity Law Group and available for speaking engagements, CLE instruction, and advisory work.