Why the AI notetaker your team loves is one lawsuit away: 20 questions to ask before you buy

Sneha Bokil
Sr. Content Marketing Manager

AI notetaker security features determine whether a tool gets approved by IT or becomes a liability on every customer call. This checklist gives security and procurement teams 20 questions to evaluate any AI meeting tool before purchase. It is built from the security evaluations Avoma's enterprise team runs with IT and procurement buyers.

In August 2025, Otter.ai was hit with a federal class action lawsuit alleging it recorded private conversations without consent and used those recordings to train its AI models. The plaintiff was not even an Otter account holder. His conversation was captured because another meeting participant had the tool running. That lawsuit is now a consolidated action in California federal court, with claims under federal wiretap law, the Computer Fraud and Abuse Act, and the California Invasion of Privacy Act.

What privacy and security features should an AI notetaker have?

AI notetaker enterprise-grade security features are the technical and organizational controls that make an AI meeting tool safe for deployment across customer-facing teams in regulated or security-conscious organizations.

These features include data encryption at rest and in transit, SOC 2 Type II certification, GDPR and HIPAA compliance, role-based access controls, configurable data retention, SSO via SAML 2.0, recording consent mechanisms, sub-processor transparency, and contractual guarantees that customer data is never used for AI model training. Without these features, an AI notetaker is a personal productivity tool, not an enterprise-grade platform.

The complete AI notetaker security features checklist at a glance

Security evaluation checklist for AI meeting assistant vendors. Each entry gives the security question, then what a strong answer looks like.

Q1. Where is data stored, and in which regions? Strong answer: named cloud region(s) with data residency options for the EU.
Q2. Encryption at rest and in transit? Strong answer: AES-256 at rest, TLS 1.2+ in transit, HTTP-to-HTTPS redirect.
Q3. Who holds encryption keys? Strong answer: vendor-managed or customer-managed keys, no implicit vendor access.
Q4. Configurable data retention and deletion? Strong answer: admin-controlled retention, on-demand deletion, export capability.
Q5. SSO / SAML 2.0 support? Strong answer: SAML 2.0 or OIDC, integrates with Okta, Azure AD, and Google Workspace.
Q6. Role-based access control? Strong answer: distinct roles, meeting-level privacy controls, no admin surveillance.
Q7. Recording exclusion and consent rules? Strong answer: title-keyword exclusions, consent notifications, lockable at org level.
Q8. Instant user offboarding? Strong answer: SSO deprovisioning, admin deactivation, meeting ownership transfer.
Q9. SOC 2 Type II certified? Strong answer: Type II (sustained), report available under NDA.
Q10. GDPR compliant with DPA? Strong answer: DPA available, consent mechanisms, data subject rights supported.
Q11. HIPAA / CCPA / FINRA support? Strong answer: BAA available for HIPAA, industry-specific compliance documentation.
Q12. Trust Center with verifiable docs? Strong answer: public or gated Trust Center with current, dated certifications.
Q13. Customer data NOT used for AI training? Strong answer: explicit contractual prohibition on training data use.
Q14. Sub-processor list available? Strong answer: published list with change notification and data location.
Q15. Private cloud / on-premise option? Strong answer: relevant for highest-security orgs only; cloud-only is acceptable for most.
Q16. VPC / network isolation? Strong answer: customer workloads isolated via VPC and security groups.
Q17. Annual third-party penetration testing? Strong answer: external tester, annual cadence, report available under NDA.
Q18. Vulnerability disclosure and incident SLA? Strong answer: published policy, 24-hour or less response SLA.
Q19. Minimal OAuth scopes for integrations? Strong answer: documented scopes, principle of least privilege, admin-controlled.
Q20. Data export and deletion on cancellation? Strong answer: full export in standard formats, deletion confirmed in writing.

The 20 questions below are organized into six categories. Each question includes context on what to look for, followed by how Avoma addresses it.

Category 1: Data storage and encryption

Q1. Where is data stored, and in which regions?

Data residency determines GDPR exposure. Storing EU customer call recordings in the US without appropriate safeguards is a violation.

In Avoma: All data is hosted on AWS infrastructure in the United States within Avoma's own Virtual Private Cloud (VPC). For organizations requiring EU data residency, the Avoma enterprise team can discuss options.

Q2. Is data encrypted at rest and in transit?

Any enterprise-grade AI meeting tool should encrypt data at rest (AES-256) and in transit (TLS 1.2+), and redirect HTTP to HTTPS. Unencrypted data at rest is vulnerable to storage breaches. Unencrypted data in transit is vulnerable to interception.

In Avoma: All connections use SSL/TLS with automatic HTTP-to-HTTPS redirect. All customer data, including call recordings and transcripts, is encrypted at rest using industry-standard AWS-managed encryption keys.

Q3. Who holds the encryption keys, and can the vendor access encrypted data?

If the vendor holds your encryption keys and can decrypt your data without your consent, they have technical access to your meeting content regardless of their privacy policy.

In Avoma: Avoma uses AWS-managed cryptographic keys. Avoma employees do not have access to your organization's meeting data by default. Admin-controlled access can be temporarily enabled only for support purposes and toggled off afterward.

Q4. Can you control data retention and deletion?

Indefinite retention creates long-term liability. GDPR's storage limitation principle requires data to be kept no longer than necessary.

In Avoma: Admins can set configurable retention periods for recordings and transcripts. Individual meetings can be deleted by the meeting owner or admin at any time. Avoma's security page has additional detail on data handling.

Category 2: Access control and authentication

Q5. Does the tool support Single Sign-On (SSO)?

SSO ensures user access is controlled through your identity provider, enforces MFA policies, and enables instant deprovisioning when employees leave. It is a non-negotiable for most enterprise IT policies.

In Avoma: SSO is supported via SAML 2.0 on Business and Enterprise plans, with integrations for Okta, Azure AD, and Google Workspace.

Q6. What role-based access controls (RBAC) are available?

Granular RBAC prevents privilege creep. Admins need configuration rights. Managers need visibility into their team's recordings. Reps need access only to their own meetings. Look for distinct roles with meeting-level privacy controls where admin access does not automatically override individual privacy settings.

In Avoma: Four roles are available: Admin, Manager, Member, and Guest. Privacy controls (Private, Primary Team, Organization, Public) layer on top of role permissions. Admin access does not override Private meeting settings.
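As an added illustration (not Avoma's code), the Python below models the layering described above: the four roles and four privacy levels are taken from the page, while the User/Meeting structures, the treatment of Guests as external users, and reading "Primary Team" as the meeting owner's team are assumptions. The point it makes concrete is that the Private check runs before any role check, so an Admin is refused like any other non-owner.

```python
from dataclasses import dataclass

# Roles and privacy levels as listed on the page.
ROLES = ("Admin", "Manager", "Member", "Guest")
PRIVACY_LEVELS = ("Private", "Primary Team", "Organization", "Public")

@dataclass(frozen=True)
class User:            # assumed shape for illustration
    user_id: str
    role: str
    org_id: str
    team_id: str

@dataclass(frozen=True)
class Meeting:         # assumed shape for illustration
    meeting_id: str
    owner_id: str
    org_id: str
    team_id: str
    privacy: str

def can_view(user, meeting):
    """Decide read access by layering the meeting's privacy level over the role.

    Order matters: the Private check runs before any role check, so an Admin
    is refused exactly like any other non-owner (no admin override).
    """
    if user.role not in ROLES:
        raise ValueError(f"unknown role: {user.role}")
    if meeting.privacy not in PRIVACY_LEVELS:
        raise ValueError(f"unknown privacy level: {meeting.privacy}")
    if user.user_id == meeting.owner_id:
        return True                      # owners always see their own meetings
    if meeting.privacy == "Private":
        return False                     # owner only, regardless of role
    if meeting.privacy == "Public":
        return True
    # Assumption: Guests are external collaborators and see only what they own
    # or what is Public; everything else requires the same organization.
    if user.role == "Guest" or user.org_id != meeting.org_id:
        return False
    if meeting.privacy == "Organization":
        return True
    # "Primary Team": assumed to mean the owner's team, so a Manager reviewing
    # their own team's calls passes and members of other teams do not.
    return user.team_id == meeting.team_id

def visible_meetings(user, meetings):
    """Audit helper: which of these meetings may this user open?"""
    return [m.meeting_id for m in meetings if can_view(user, m)]
```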

Q7. Can you restrict who records, which meetings are excluded, and how consent is obtained?

Certain meetings, such as board sessions, HR conversations, and attorney-client discussions, should be systematically excluded from recording. Beyond exclusions, consent is the central issue in the Otter.ai lawsuit. The tool should provide configurable mechanisms to notify and obtain consent from all meeting participants, not just the account holder.

In Avoma: Admins can exclude meeting types by title keywords (e.g., "HR," "legal," "board"), exclude participants by email domain, and restrict recording to defined user groups. These exclusions can be locked at the org level so individual users cannot override them. For consent, Avoma offers configurable meeting reminders with recording consent disclaimers, and a verbal recording announcement when the bot joins. Avoma recommends enabling these for all external calls regardless of jurisdiction. For details on how recording policies and consent settings work, see the help center.
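To make the exclusion and lock semantics above concrete, here is an added example (not Avoma's code) of a recording-policy check: title-keyword exclusions, participant email-domain exclusions, recording restricted to named groups, and an org-level lock that defeats a user's override. The policy and meeting structures, the subdomain handling, and the rule that a consent notice must have gone out before recording are assumptions; the sample keywords and addresses in the test are constructed.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class OrgRecordingPolicy:                 # assumed shape for illustration
    excluded_title_keywords: tuple = ()       # e.g. ("HR", "legal", "board")
    excluded_participant_domains: tuple = ()  # e.g. ("counsel-example.com",)
    allowed_recording_groups: tuple = ()      # empty = every group may record
    locked: bool = True                       # org lock: users cannot override
    require_consent_notice: bool = True       # assumption: no notice, no recording

@dataclass(frozen=True)
class Meeting:                            # assumed shape for illustration
    title: str
    organizer_group: str
    participant_emails: tuple
    user_override_record: bool = False        # user asked to record despite a rule
    consent_notice_sent: bool = False

def _email_domain(email):
    return email.rsplit("@", 1)[-1].lower()

def _domain_excluded(domain, excluded):
    # Exact match or any subdomain of an excluded domain (assumption).
    return any(domain == d.lower() or domain.endswith("." + d.lower()) for d in excluded)

def exclusion_reasons(meeting, policy):
    """Collect every policy rule the meeting trips; an empty list means no exclusion."""
    reasons = []
    for kw in policy.excluded_title_keywords:
        # Whole-word, case-insensitive match. A plain substring test on "HR"
        # would also exclude an "HRIS demo" and on "board" a "Dashboard review".
        if re.search(r"\b" + re.escape(kw) + r"\b", meeting.title, re.IGNORECASE):
            reasons.append(f"title keyword '{kw}'")
    for email in meeting.participant_emails:
        domain = _email_domain(email)
        if _domain_excluded(domain, policy.excluded_participant_domains):
            reasons.append(f"participant domain '{domain}'")
    if policy.allowed_recording_groups and meeting.organizer_group not in policy.allowed_recording_groups:
        reasons.append(f"group '{meeting.organizer_group}' not permitted to record")
    return reasons

def should_record(meeting, policy):
    """Return (record, reason). The org lock wins over any user override."""
    reasons = exclusion_reasons(meeting, policy)
    if reasons and (policy.locked or not meeting.user_override_record):
        return False, "excluded: " + "; ".join(reasons)
    # Reaching here means either no rule tripped or the policy is unlocked and
    # the user explicitly chose to record anyway.
    if policy.require_consent_notice and not meeting.consent_notice_sent:
        return False, "consent notice not sent to participants"
    return True, "recording allowed"
```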

Q8. How is user offboarding handled?

When an employee leaves, their access must be immediately revocable. Their meeting recordings and data need a defined ownership transfer process. Orphaned accounts with active access are a common security risk in SaaS environments.

In Avoma: User deactivation is instant. SSO deprovisioning automatically removes access. Recordings from deactivated users remain accessible to the org and can be reassigned to another owner by an admin.

Category 3: Compliance certifications

Q9. Is the tool SOC 2 Type II certified?

SOC 2 Type II evaluates security controls over at least six months. It demonstrates sustained compliance, not a snapshot. Type I is a point-in-time assessment that does not carry the same weight. Ask for the Type II report, not just a badge on the website.

In Avoma: Avoma is SOC 2 Type II certified. Reports are available via the Avoma Trust Center.

Q10. Does the tool support GDPR compliance?

Any AI meeting tool that processes EU/UK data becomes a data processor under GDPR. You need a Data Processing Agreement, explicit consent mechanisms, and support for data subject rights (access, deletion, portability). A privacy policy alone is not sufficient.

In Avoma: GDPR compliance is built in with consent notifications for meeting recordings, data deletion rights, and a DPA available for enterprise customers. Avoma recommends enabling the "Meeting Reminder to Participants + Recording Consent Disclaimer" notification for all external calls regardless of jurisdiction.

Q11. What about HIPAA, CCPA, or other industry-specific regulations?

Healthcare organizations need HIPAA Business Associate Agreements. California-based companies need CCPA-compliant data handling. Financial services firms need FINRA call recording compliance. The vendor should have a clear position on each, not a vague "we take compliance seriously" statement.

In Avoma: HIPAA compliance is supported via a BAA on enterprise plans. See Avoma's data security documentation for details. CCPA compliance is addressed through existing privacy controls. For FINRA requirements, contact the enterprise team.

Q12. Is there a Trust Center where certifications can be verified?

Any vendor can claim compliance. Trust Centers provide public or gated access to current compliance reports, penetration test summaries, and security documentation, making claims verifiable rather than self-reported.

In Avoma: All certifications and security documentation are available through the Trust Center. Detailed reports including the SOC 2 report are available to enterprise prospects upon NDA signature.

Category 4: AI model and data processing

The Otter.ai lawsuit centers on two questions: was there proper consent, and was customer data used for model training?

Q13. Is customer data used to train the vendor's AI models?

If your meeting recordings contain competitive intelligence, customer pricing, or proprietary strategy, you need explicit confirmation that your data is not fed into shared training datasets. The Brewer v. Otter.ai complaint alleges Otter retained conversational data and used it to train its speech recognition technology without participant permission. That is the risk you need to eliminate contractually.

In Avoma: Customer meeting data is never used to train AI models. Customer data is used solely to provide the service. This is stated in Avoma's privacy policy and can be contractually confirmed in enterprise agreements.

Q14. What third-party AI models or sub-processors are used?

Most AI meeting tools call third-party APIs for transcription and summarization. Each sub-processor is a potential data recipient with its own privacy policies. You should know which services handle your data and be notified when the list changes.

In Avoma: The current sub-processor list is available at trust.avoma.com/subprocessors. Enterprise agreements include sub-processor disclosure and change notification provisions.

Q15. Is there a private cloud or on-premise deployment option?

For the most sensitive organizations, such as national security contractors, certain healthcare providers, and some financial institutions, sending audio to any vendor's cloud may not be acceptable. For the majority of enterprise buyers, cloud deployment with proper controls (VPC isolation, encryption, SOC 2, contractual data training prohibitions) meets the security bar. This question is relevant primarily for organizations where regulatory or policy requirements mandate on-premise infrastructure.

In Avoma: Avoma is a cloud-based SaaS product hosted on AWS. On-premise deployment is not available. For most enterprise evaluations, Avoma's VPC isolation, encryption standards, SOC 2 Type II certification, and contractual prohibition on data training address the underlying concerns that drive on-premise requirements.

Category 5: Network and infrastructure security

Q16. What network isolation and perimeter controls are in place?

Multi-tenant SaaS without network isolation means your data could be exposed through vulnerabilities in another customer's account. Look for VPC isolation and restricted security groups that limit communication between servers.

In Avoma: 100% of primary application servers are within Avoma's own VPC on AWS, protected by restricted security groups allowing only minimal required communication between servers.

Q17. How often does the vendor conduct penetration testing?

External third-party penetration tests are the most credible way to validate that a vendor's security claims hold up against real attack techniques. Internal testing alone is insufficient for enterprise procurement.

In Avoma: Application penetration testing is conducted by an external third party at least annually. Penetration test summaries are available to enterprise customers via the Trust Center under NDA.

Q18. What is the vulnerability disclosure and incident response process?

When a security incident occurs, you need to know how quickly you will be notified, what remediation process is followed, and whether there is a defined SLA for response. A 24-hour response SLA to security reports is the industry standard.

In Avoma: Security reports receive a response within 24 hours at security@avoma.com. All new product functionality is reviewed for security impact, and mandatory code reviews are conducted for all code changes.

Category 6: Integration and third-party risk

Q19. What OAuth scopes do calendar and CRM integrations require?

Overly broad OAuth scopes create unnecessary exposure. One enterprise discovered 800 unapproved AI notetaker accounts in 90 days because the tool's OAuth grant requested access to every calendar the employee could reach, automatically adding itself to every meeting.

In Avoma: Calendar integrations (Google Calendar, Outlook) request the minimum permissions required to detect meeting links and send the bot. CRM integrations (Salesforce, HubSpot) require scopes for creating and updating records. Scope documentation is available in Avoma's help center.

Q20. What happens to data if you cancel?

Data portability and deletion on offboarding are GDPR rights and enterprise procurement standards.

In Avoma: Customers can export meeting data (recordings, transcripts, notes) prior to account closure. A data deletion process is available upon request, with enterprise agreements specifying the deletion timeframe.

Red flags: Vendor answers that should make you walk away

"We use your data to improve our AI models." Unless you can contractually opt out, your customer conversations may be training a shared model. The Otter.ai lawsuit shows this is a litigation risk, not a theoretical concern.

"We're working on SOC 2." In-progress certification is not certification. A pending audit is not equivalent to a completed Type II evaluation. Ask for the target completion date and wait.

"Our data is stored securely in the cloud." Without specifying cloud provider, region, encryption standards, or isolation controls, this tells you nothing.

"Admins can see all meetings." If the admin role grants universal meeting access regardless of privacy settings, this creates a surveillance risk. Ask whether private meetings remain private to the meeting owner.

"We don't offer data deletion." This is a GDPR violation. Walk away.

How Avoma scores on this checklist

Avoma passes all 20 questions. SOC 2 Type II certified. GDPR compliant with a DPA. HIPAA BAA available on enterprise plans. VPC isolation on AWS. Annual third-party penetration testing. A 24-hour security response SLA. Customer data is never used for AI model training, and that commitment is contractual, not a policy footnote. All documentation is verifiable through the Avoma Trust Center.

Every week your team uses a tool that has not been evaluated against these 20 questions is a week your customer conversations, pricing discussions, and competitive intelligence sit in a system you have not validated.

Run this checklist against every AI notetaker on your shortlist. For Avoma, the security team will provide the SOC 2 Type II report, DPA, sub-processor list, and penetration test summary directly. Request Avoma's compliance documentation to start your evaluation.

Frequently Asked Questions

What is meeting hygiene?

Meeting hygiene is the operational discipline of running meetings that produce documented outcomes, clear action items, and searchable records. It covers the full meeting lifecycle: preparation before the meeting (agenda, purpose, attendees), execution during it (facilitation, time management, real-time capture), and documentation after it ends (notes, CRM updates, follow-ups, action item tracking). Poor meeting hygiene is the primary reason organizations waste time in repeated status meetings, lose decisions to memory decay, and operate on stale data.

What is the difference between meeting hygiene and meeting culture?

Meeting culture refers to the norms and attitudes an organization holds about meetings: how many meetings are acceptable, who gets invited, whether meetings start on time, and how meeting-heavy the calendar is. Meeting hygiene refers to the operational practices that determine whether each individual meeting produces a usable output. A company can have a strong meeting culture (few meetings, short durations, respected calendars) and still have poor meeting hygiene if those meetings produce undocumented decisions, zero follow-through, and nothing searchable after the call ends.

How do I improve meeting hygiene on my team?

Start with three changes. First, require every meeting to have a written agenda shared 24 hours before the call. Second, assign someone to capture decisions and action items in real time during the meeting. Third, automate the post-meeting workflow: use an AI meeting assistant to handle notes, CRM updates, and follow-up emails so that documentation happens by default instead of relying on individual discipline. These three changes address the three most common hygiene breakdowns and can be implemented in a single week.

Can meeting hygiene improve sales win rates?

Yes. When every sales call produces a structured summary with next steps synced to the CRM, three things improve. Reps follow up faster because the AI drafts the email for them. Managers coach more consistently because they can review AI-scored calls instead of listening to full recordings. And forecast accuracy improves because pipeline data reflects what was discussed on the call, not what the rep remembered to enter three days later. Teams that automate post-call workflows report saving 4+ hours per rep per week and seeing measurable improvements in follow-up speed and CRM data completeness.
