08/07/26

On the record: AI transcription and the legal risks for employers

As AI transcription becomes increasingly embedded in workplace practices, are employers aware of the risks? In our latest blog we explore the key risks and practical steps for employers to take to manage their exposure.

The running record

AI meeting transcription offers obvious efficiency benefits, replacing a traditional human note-taker with an automatic AI transcription providing an instantaneous and thorough record of everything that has been said, often accompanied by a handy meeting summary or list of action points.

However, such tools can also present tricky legal risks. Aside from the obvious data protection considerations, AI transcription has the potential to:

  • affect how individuals behave in sensitive meetings;
  • result in the unhelpful disclosure of information (both within the workplace and in the context of litigation); and
  • increase the risk of losing confidentiality and legal professional privilege.

Accidental transcription

Consider a straightforward scenario. Following a formal meeting, two senior managers remain on a call to discuss a colleague's ongoing performance concerns. Whilst the formal part of the meeting has ended, the AI transcription tool is left running in the background, capturing the exchange in full. The completed transcript is automatically distributed to all original meeting participants, including the individual under discussion.

The consequences could be significant, ranging from serious impact on working relationships, a grievance, allegations of bullying, to potential claims for harassment or discrimination and documentation that would be disclosable in any subsequent litigation. Unguarded professional commentary that would once have left no trace can now become a verbatim record because of AI transcription.

Using AI transcripts for HR purposes

The temptation to use AI transcription in formal HR processes, such as grievance or disciplinary meetings, is understandable. A verbatim record arguably removes disputes about the content of a meeting and reduces the administrative burden of note-taking. In practice, the risks are complex.

  • Firstly, AI tools involve processing personal data. In particular, in an HR context this may involve special categories of personal data such as health data, trade union membership, race or ethnic origins, religious or philosophical belief. Accordingly, data protection laws are likely to be engaged, and depending on AI tool usage, a data protection impact-assessment may be required. Employers should seek necessary data protection advice to ensure compliance (including for global employers, considering differences in local law as data protection rules are more stringent in certain jurisdictions (e.g. France)).
  • Additionally, while many consider that AI tools are helpful in creating a verbatim note, accuracy can actually be an issue. If a tool mishears technical language, accents, or speaker attribution, the transcript may be unreliable in exactly the context where reliability matters most, and any systematic disparity in accuracy may create additional discrimination risk. For example, if there are higher levels of inaccuracies for those with certain accents or those with certain disabilities, which ends up placing them at a disadvantage, this could have the potential to lead to indirect discrimination claims. It will be crucial for employers to be able to justify their use of AI tools in such situations.
  • Furthermore, a transcript of a grievance or disciplinary meeting can be more of a double-edged document than a handwritten note. An ill-advised remark that may be largely ignored in the context of a wider discussion will be preserved with precision and in any subsequent appeal or Tribunal claim, every word of it may be scrutinised.
  • Finally, disciplinary and grievance meetings depend on a degree of frankness from all parties. An employee who knows that every word is being transcribed may be less willing to speak openly. Even more so, if an “off the record” without prejudice conversation is actually “on the record” (in the sense of all parties being very aware that every word is being transcribed) this could impede the level of candour that is often helpful in reaching a resolution. Employers should consider these issues.

Disclosure risk

As alluded to, AI transcription generates detailed written records of conversations, where there might not otherwise have been one, or the written record may have been much more limited. These records could be disclosable in later litigation and regulatory investigations, and the volume of such records could be significant where AI transcription is regularly used.

Losing confidentiality and legal professional privilege

Privilege depends on confidentiality, and transcription arguably expands the number of ways confidentiality can be lost.

  • Firstly, given an AI transcription tool may not only create a note of the meeting but also a summary, a list of actions points, or other materials, this can create a broader and more vulnerable document trail around privileged communications that may once have remained confined. That matters operationally because if these materials are saved or shared beyond the narrow group entitled to receive legal advice, confidentiality and privilege may be lost. For in-house teams, the combination of narrow privilege rules and internal access to and sharing of materials creates obvious exposure.
  • Supplier terms are also critical. If a third-party tool permits transcript data to be used beyond the organisation's controlled environment, confidentiality risk increases materially; private tools operating within an employer’s secure environment under restrictive terms present a lower-risk model. However, employers should be alive to the risk of employees using personal or unapproved AI transcription applications (so-called "shadow AI") to transcribe meetings. The use of shadow AI also carries broader data protection and confidentiality risks.

For more information on the use of AI and the impact on legal professional privilege please see our blog here.

Next steps for employers

1. Governance and policies

Consider setting out a clear policy on transcript governance and usage. Ensure that a team or individual takes responsibility to help ensure accountability, ownership and oversight.

2. Consider whether transcription by default is the right approach

Take stock of current practices. If there is an organisation-wide approach to include AI transcription for every meeting as a default, explore whether it may be prudent to change this approach.

3. Consider an internal framework governing transcription use

Consider introducing a framework of which meetings should and should not have AI transcription enabled. For example, it may be decided that board discussions, legal advice communications and formal HR meetings should sit outside the permitted use case.

4. Data protection considerations

Seek necessary data protection advice to ensure compliance in all relevant jurisdictions, including considering whether a data protection impact assessment is required.

5. Data retention

Set data retention periods for transcripts (the shorter the better, subject to appropriate preservation protocols where a duty to preserve records is in effect).

6. Information, Education and Training

Ensure that employees are notified when a meeting is being transcribed by an AI tool. Further, train line managers as to the legal consequences of simply enabling AI transcription and the subsequent paper-trail it may create. Make sure they understand the rules and know what categories of meeting are off-limits.

dotted_texture