Web Meetings Transcription Pitfalls and Security Issues
TLDR: Transcription services may leak or record data dangerously inaccurately.
Every Web meeting application now has an option to transcribe and summarize meetings for future retrieval. While on the surface this seems like a time saving and efficient method of running a meeting, urgent security issues exist.
The first is that buried deep within the terms of service is a clause where transcripts may be shared with service providers to train their large language models (LLMs), which seems like normal self-interested behaviour. However training with the raw transcripts means that both identifiers (account numbers or company names) and the semantic relationships between them are available to the training pipeline.
How that training occurs is proprietary, as well as the conditions under which names, numbers or facts will be included in updated models. Using identifiers alone, it is conceivable that an LLM would inadvertently share confidential information by confirming the existence of a future brand name, product offering or financial arrangement: "Yes, XYZ corporation is negotiating financing with 123 Inc".
A second issue has to do with the summarization and minute taking feature of some of these software offerings. Classic statistical text summarization has been around for several decades, but the approach taken by LLM summarization is fundamentally different because it builds relationships across paragraphs and concepts.
While flexible, it can also create errors that link disparate ideas inappropriately. A specific example occurred while the author was discussing a distressing event and colloquially remarked that the situation was "insane". The LLM erroneously recorded in the notes that the author had called another participant, who had no connection to the event, "insane" without providing any further context.
The error was obvious to every party and caught early, but one can see how an inoffensive remark while discussing a non-controversial topic could be recorded as a personal insult for posterity. This is not quite the computational equivalent to Cardinal Richelieu, "If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.", but the opportunity for creating antagonism is clearly there as well as skewing other people's perception of the meeting and its participants.
This is also a strong reminder to committees not to treat administrative tasks, such as approving meeting minutes, as mere formalities. They are of consequence for the organization and it may often be necessary to assign a dedicated note taker instead of blindly relying on technologies.