Consent Drift.
The AI in your meetings is a liability before it's a convenience. Almost no one is saying so.
A privacy attorney wrapped a call last month and caught something. Her meeting ran on one platform. A different company's AI was transcribing it — through a service that wasn't open on anyone's screen. Nobody started it. Nobody agreed to it. It was there because one participant had connected a tool to their calendar months earlier and forgotten.
Her comment section filled with senior privacy and governance people saying the same thing: seen it, no thanks, we sweep our calls now. People who advise companies on this for a living.
And the part worth sitting with isn't that it happened. It's that it happens constantly, to nearly everyone, and the people best equipped to call it out mostly won't.
They won't because their own firms run these tools. They won't because their clients are the ones exposed. The people closest to the risk have the most reasons to stay quiet. So the warning isn't coming, and the gap stays open.
Here's the mechanism, because it's not what most people think.
01 — MechanismThe recording left the room.
Recording used to be visible. Someone hit a button, a red dot appeared, everyone saw it. The consent attached to a deliberate act in a shared moment.
That's over. Today's notetakers — Otter, Fireflies, Read, and now the platforms' own assistants — hook into a person's calendar. Once connected, the tool joins meetings on its own, as a participant, often on platforms that aren't even its own. It doesn't need the person who installed it to be paying attention. In many setups it doesn't need them in the meeting at all. It joins on their behalf, transcribes everything, and emails the summary to someone who was never there.
The capture left the room. Recording is no longer something a participant does — it's a background process fired by an integration authorized once, for a different purpose, now silently attaching to conversations nobody anticipated.
That gap — between the consent that was given and the capture actually happening — is consent drift.
02 — DefinitionWhat consent drift is.
A user consents to a tool — its terms, its calendar access, its convenience. Real consent. But consent to the tool, from one person, at setup. Never consent from the other people in a specific room, for a specific conversation, at the moment of capture. Meeting after meeting, the distance between what was authorized and what's being recorded widens, until the two have nothing to do with each other.
It's the same failure as a system prompt that says never do X and then watches the model do X. The instruction existed. It just wasn't binding when it mattered. Consent drift is that failure applied to recording: the agreement lived somewhere, once, but nothing bound it to this capture, these people, now.
03 — LiabilityThis is a liability problem.
Here's what lawyers should be shouting about and aren't.
Over a dozen states require all parties to consent before a conversation is recorded — California, Florida, Pennsylvania, Illinois, more. The law has held a hard line: it targets the act of recording a private conversation, not the technology doing it. An AI transcriber gets no exemption for being AI. Capture a conversation one party didn't agree to, in an all-party state, and that's the legal exposure of a hidden tape recorder.
Not hypothetical. It's in federal court now. A consolidated class action against one of the largest notetaker companies turns on this exact design: the tool asked permission only from the host, and the plaintiff — who had no account with the company — says his call was captured anyway because another participant had the integration running. The claims cite the federal wiretap statute, the California Invasion of Privacy Act, and biometric privacy law. A second major vendor faces its own biometric suits. These cases test a design pattern, not one company's slip — the pattern of capturing first and never resolving consent.
And the defense everyone reaches for is dead on arrival. "This meeting may be recorded," buried in a calendar invite or posted on a wall, is notice, not consent. It's passive. All-party states and GDPR demand affirmative agreement — not the absence of an objection. A bot's name in a long attendee list isn't agreement. A banner isn't agreement. The clinic that posts "by entering, you consent to recording" didn't get consent. It posted a sign and hoped. Plaintiffs' lawyers are now testing that hope, and it's not holding.
So every organization running calendar-integrated notetakers across outside calls — every sales team, advisory firm, clinic, professional shop — is stacking exposure one conversation at a time, mostly blind to it. That's the liability story. It's bigger and closer than most of the AI-risk noise, which is busy with hallucinations and bias while this sits in plain view, already in court.
04 — False FixesBoth reflex fixes fail.
Two answers are on the table. Both miss.
Ban the bots.
Kill third-party notetakers, sweep the calls, go back to manual notes. Major enterprises are already doing it for compliance reasons. But this throws away the value — notes, summaries, accessibility, the record — to dodge a problem that was never about recording. It treats the symptom.
Build a better banner.
Clearer disclosure, a bigger notice, a checkbox in the invite. This is the clinic sign again in a nicer font. Still passive notice pretending to be consent. It binds nothing. It stops nothing. It just documents that you warned people before doing the thing they might not have agreed to.
Both share one blind spot: they treat recording as the thing to control. Recording isn't the problem. Recording without bound, provable, per-party authority at the moment it happens — that's the problem.
05 — The FixGovern the commit, not the conversation.
The fix isn't to watch the conversation harder or to stop recording. It's to govern the commit — the act of starting to capture — and leave the conversation free.
That means authority gets established at the moment of capture, not inherited from a months-old integration. Before recording starts, each party's consent is verified — not assumed, not notified, verified. If the meeting's policy requires all-party consent and someone declines, the system enforces what the policy demands: capture doesn't start, or it runs while excluding the declining party, or it proceeds with the decline sealed into the record as a bound fact. Either way, consent state and capture are sealed together as evidence — so anyone can later prove who authorized what, on what basis, at the moment it happened.
And notice what it protects. It doesn't surveil the meeting. The deliberation stays as free as it ever was. What gets governed is the narrow, consequential act — the commit to capture. You don't watch the conversation. You authorize the recording of it, and you prove it.
06 — DistinctionSurveillance and governance are not the same thing.
This is the line the whole moment keeps missing.
The tools we're racing to install are surveillance wearing a productivity label. They capture by default and leave consent for later, if ever. Not a moral charge — a design description. And the courts are starting to describe them the same way.
Consent drift is what you get when you adopt surveillance and call it note-taking. The answer isn't to stop taking notes. It's to put a governed commit between the conversation and the capture — recording authorized in the moment, by the people in the room, sealed as proof.