If you're using Granola to capture meeting notes, there's a privacy problem you need to know about right now. The AI-powered note-taking app claims your notes are "private by default," but they're actually viewable to anyone with a link - and the company's using them to train its AI models unless you manually opt out. It's the kind of default setting that could expose sensitive business conversations, client details, and internal strategy discussions to anyone who stumbles across a shared link.
Granola is facing a privacy reckoning. The AI note-taking app, which markets itself as an "AI notepad for people in back-to-back meetings," has a glaring disconnect between what it promises and what it actually does with your data.
According to The Verge's investigation, while Granola's security page explicitly states that notes are "private by default," the reality is quite different. Every note you create is automatically shareable via link, meaning anyone who gets their hands on that URL can read your meeting transcripts, action items, and whatever else the AI captured during your calls.
It gets worse. The company is also using those notes - potentially containing confidential business information, client details, and strategic discussions - to train its internal AI models. You can opt out, but it's buried in the settings, and most users won't know to look for it.
The app works by integrating with your calendar and capturing audio from meetings. It then uses AI to generate bulleted summaries of what was discussed, which users can edit and share with collaborators. There's also an AI assistant feature that lets you ask questions about your meeting history. It's convenient, sure, but that convenience comes with a privacy trade-off that many users likely didn't realize they were making.
This isn't just a theoretical concern. In enterprise environments, meetings routinely cover sensitive topics - unreleased product plans, M&A discussions, personnel issues, client negotiations, and financial projections. If those notes are accessible to anyone with a link, it creates a potential data leak that could have serious business consequences.
The issue highlights a broader problem in the AI tools space. As companies rush to add AI features to productivity apps, privacy considerations often get treated as an afterthought. The default settings favor data collection and sharing, while privacy protections require users to actively opt out - assuming they even know the option exists.
Granola isn't alone in this approach. Many AI note-taking apps, including competitors in the meeting transcription space, have faced similar scrutiny over how they handle sensitive audio and text data. But claiming notes are "private by default" while simultaneously making them link-accessible sets up a false sense of security that's particularly problematic.
For enterprise IT teams, this is a wake-up call. Any AI tool that processes meeting content needs to be vetted carefully for its privacy defaults, data retention policies, and training data practices. What seems like a helpful productivity tool for your team could be quietly creating a compliance nightmare.
The timing is especially awkward given the current regulatory environment. With the EU's AI Act coming into force and increasing scrutiny on how AI companies use training data, defaults that favor data collection over privacy are becoming harder to justify. Companies that position themselves as enterprise-ready need to match that positioning with enterprise-grade privacy practices.
Users who want to secure their Granola notes should head into the app's settings immediately. Look for options to disable link sharing by default and opt out of AI training data collection. Better yet, review whether the app's privacy model aligns with your organization's security requirements before using it for any sensitive meetings.
The broader lesson here is about reading the fine print on AI tools. "Private" doesn't always mean what you think it means, and "default" settings are often optimized for the company's benefit, not yours.
The Granola privacy issue is a stark reminder that AI-powered productivity tools need serious scrutiny before they get access to your sensitive business conversations. If you're using the app, check your settings now. If you're evaluating AI meeting tools for your team, make privacy defaults a primary consideration, not an afterthought. The convenience of AI note-taking isn't worth accidentally leaking your company's confidential discussions to anyone with a shareable link.
