Tell HN: Notion Desktop is monitoring your audio and network
361 HoyaSaxa 112 7/17/2025, 3:59:54 PM
If you have the Notion Desktop App installed, you may have started to notice a "In a meeting? Start AI Meeting Notes" notification pop up exactly when you are joining a virtual meeting (e.g. joining a Google Meet on Firefox).
At first, I assumed it must have been using my Google Workspace account to snoop on my calendar. But then I started to notice it would notify exactly when I joined even if I was late and the meeting had previously started.
This was the response from Notion Support after they worked with the Notion Engineering team.
> Meeting Detection Architecture:
> - The system uses a sophisticated dual-detection approach: microphone monitoring combined with network port analysis
> - Detection is implemented separately for macOS and Windows at the native operating system level
I've uninstalled the Notion Desktop App...
1. Notion records audio only during your use of the Meeting Notes feature. Here are the docs: https://www.notion.com/help/ai-meeting-notes
2. Notion desktop app has notifications about meetings that ask you if you want to use Meeting Notes, it recognizes this by detecting that your microphone is on (i.e. it does not listen to audio coming from your microphone). This feature is a setting in preferences btw, under Notifications > Desktop meeting detection notification.
source: I work for Notion
The Notion desktop app will observe if there is a process running on your computer that is actively using your microphone, such as Zoom.
Notion does not and cannot listen to the audio coming from your microphone ambiently or snoop on the signal received by another application. This detection is done purely based on the existing of a process using your microphone, not on the audio coming from the microphone. Users can verify this because the OS-level microphone indicator will show that Notion is not listening to their microphone.
If one is detected, Notion will notify the user and try to associate it with a calendar event if you have connected your calendar. Connecting your calendar is not a requirement to receive this notification.
Users can disable this behavior via their account settings in Settings > Notifications > Desktop meeting detection notifications.
Only when the user has started a meeting note and clicked record, will Notion activate the user's microphone. We cannot do this without operating system mediated consent dialog, which is the way it should be! At this point Notion will show up as using the microphone in the OS indicators.
(I work at Notion)
Source: I built the same listening infrastructure into other meeting note taking apps. Our team spoke at length about this security issue with Apple.
A feature that's opt-in will get like 1% of the use of a feature that's opt-out. A happier middle ground would be to enable by default and showed a "I don't like this, pls turn it off" button the first few times.
Our PMs don't like making things opt-in.
-> Your users don't like making things opt-out. Low usage metrics is a UX problem. Activating it without informed consent gives you bloated metrics anyway.
Good compromise.
Runner up is the "what's new" tutorial overlays.
What is so hard about that?
> Our PMs don't like making things opt-in.
Lamest excuse ever.
I wouldn't be surprised if you phoned back home about that mic activation - do you?
I recently joined an org where Notion is in use - I will actively lobby them to not install the desktop app, at all or to quit Notion alltogether.
Thank god the web browser was developed in an era where PMs weren't stack-ranked on rubrics like "feature engagement". Imagine a world where every website was granted access to your filesystem, webcam, microphone, and geolocation by default so that PMs could report back on how many websites were making use of those browser APIs.
Then refuse implementing it. Have some dignity for God's sake.
Also, searching for dignity in a post-“don’t be evil” startup environment seems unusual.
Expecting a shift in corporate culture to come from a short list of individuals making great personal sacrifice (of their careers, reputations, whatever) is not reasonable, sustainable, or realistic.
I know there are a lot of folks who abhor regulation in many contexts, but stuff like this is most effectively handled by such mechanisms.
Well... yeah. It's either because the benefits of opting in aren't communicated well enough or that users just don't actually want it.
For AI meeting notes, I'd imagine it's the latter.
Whenever people on HN and else where present you the mustache twirling evil Microsoft or Apple or Google C-suite/board who are trying to enshitificate a product or a tool because they don’t care, always keep in mind that the reality is often a lot more mundane than that.
The application that is “sneakily” listening to you and transmitting everything you say to their servers can be a legitimate product of a mustache twirling villain, but it’s a lot more likely (in my experience) that a group of 5 engineers and a PM were tasked by “Present relevant products from our company to the user” task and someone was like “what if we record what they are saying (or just zip-up their entire ~/Documents folder), run it through an LLM on our server and prompt it to analyze their convo or documents and recommend one of our products to sell to them? Sounds good to me, no?”
Moustache-twirler A: We've identified these metrics that correlate with increased shareholder value
Moustache-twirler B: But what do those metrics say about user privacy?
(both laugh. This is very funny)
MT A: no but really, fire any PMs that don't make these go up and let the survivors figure out why
MT B: sounds great. See you at golf this weekend
(some time later, in a less fancy conference room)
Engineer: This new feature is great, but could be construed as an invasion of privacy. Can we make it opt-in?
PM (panicking): Oh good heavens, no! Also send the opt-out button to the UX team, that way it doesn't come down on us.
That is an implementation detail. What matters is the outcome:
Notion leadership has signed off on this being opt-out.
The calculus here, as you indicated, was that opt-in has little buy-in.
What leadership didn't take into account was the risk of this being publicized, and the blowback from this awareness.
That, or leadership has already calculated that not enough people will care (possibly true).
I suppose it's then up to those that do care to make more noise about this, to tilt the odds?, so this specific calculus (also known as enshittification) doesn't keep occuring (i.e, if the blowback costs are disproportionate to the value provided by default opt-out....)
I'd prefer an option to silently grab non-security/non-fix updates once every [Day, Week, Month] in the background, and install automatically on next app start up. Urgent updates can happen immediately. The default should be every week as every update is around 85mb. You could go a step further and have an option to only download over WiFi.
As for the mic "issue", I'm not sure what everyone's on about. Acting like it's the first app on Windows to monitor what the system is doing to provide a feature.
People being angry here shows how they distrust software they use and distrusting always online software causes fear and stress.
The best these people can do is relying on free software distributed in a sane way because that's what can help trust software, and, in a professional setting, to push their companies or their providers towards free software as well, and demand guarantees that their privacy is respected.
These matters are not theoretical and this discussion is a witness of this.
If a company is willing to do even small privacy violations, I do not trust them at all. Feel free to run OpenSnitch or LittleSnitch - most apps are opening connections to many domains you won't recognize. Your guess is as good as anyone's what data they're exfiltrating. That is, of course, unless you use more privacy-preserving apps that are typically opensource.
> you just wouldn't be able to tell.
You can setup a local web proxy and tell us. Also check the sources since it's an electron app.
It's probably not always this easy. I see many connections on apps using UDP, so who knows how, exactly, they are encoded.
The data may also be "encrypted", similar to how Zoom "encrypted" data. That is to say, the data is encrypted, but the private key is on the same server. So, if you MITM, it looks encrypted - but there's no security.
Based off of that, I then assume that other companies are exfiltrating as much data as possible off my devices.
I mean, even your car, which, keep in mind, is a multi-tens-of-thousands dollar product, exfiltrates your location, all your texts, all your phone calls, and as much data from your phone as possible.
Yes, this is a "leap of faith". I am not bound by a purely evidence-based worldview - I consider that naivety. I do not need strong irrefutable evidence of bad things happening. When people are untrustworthy, I approach them with skepticism in order to protect myself.
For example, I have absolutely no proof that the NSA is surveilling SMS and telephony right now. None at all. But I know Prism was a thing. It is safe to assume the NSA is absolutely surveilling SMS and telephony.
And, I'm almost always right, in my experience.
I do not want to be spied on and have 0 trust for any company wishing to do any kind of monitoring of my usage in order to provide or advertise "features" to me.
> If you do not want the AI Meeting Notes feature available to your users, administrators may opt-out their workspace at any time via the toggle available in their console.
Here's your problem: Make this opt-in.
Are there other cases where Notion is monitoring my network traffic? If so, what are they?
(edit: see what @jitl said)
EDIT: no, there's no transmission of logs or analytics events besides a check to see if the feature is enabled. We only transmit some data if you ask Notion to record.
Just want to clarify for pedantic reasons - is there transmission regardless of whether it's enabled or disabled? And does that happen only if someone asks Notion to record?
you're talking about the desktop notification in particular, right?
"Bin it, no one will turn it on, make them turn it off if they don't want it"
[0]: https://lookaway.app
After writing the above, I've just reviewed [0] - as much as I could in 5 minutes - and as far as I can tell it confirms our understanding. To do packet filtering or interception or reading, you'd need to do [1].
[0]: https://developer.apple.com/documentation/technotes/tn3179-u...
[1]: https://developer.apple.com/documentation/NetworkExtension/c...
I have it installed but I find it kind of daunting compared to Notion for organizing my notes, it seems to want to be a more abstract kind of 'knowledge management system'.
I just opened it again and it popped up a 'What's New' with phrases like 'Relations are now properties' and something about 'types', 'templates', 'sets' and 'queries', I really just want to take notes and organize them in a straightforward hierarchy.
I’ve found Anytype to be more streamlined. I’m highly familiar with Notion though, so adapted easily.
With Thymer we really care about performance, but Thymer is also end-to-end encrypted because we don't want to compromise on privacy. And it's real-time collaborative and offline first.
Thymer has optional self-hosting. Then you can upgrade (or not) at your own leisure, or intentionally stick to an older version you like better. Enshittification is a big problem in our industry. We've all been burned by it -- we certainly have -- and being able to opt out of a "new and improved!" version is a real feature.
Thymer will also be very extensible. Today we launched our plugin SDK: https://thymer.com/plugins and https://github.com/thymerapp/thymer-plugin-sdk/ with a bunch of examples. With Thymer you will be able to "vibe code" the very simple plugins and with VSCode/Cursor you can make more complex plugins with hot-reload.
You can self host too if you like. Not all features as Notion but comes very close. Seems more private too compared to Notion.
I am also looking for more private and secure Notion alternatives. My company doesn’t allow using Notion.
I like templates, tasks, scrum etc. which I use for personal use. But I am reluctant on saving any personal information in it.
I tried some other tools like Confluence and Obsidian but like you say, there seems to be no match from a UX perspective.
Do I love Notion? Definitely not. Would I change to another tool with the same feature set? Instantly.
There are also plugins like make.md [1] that are focused more on making the UX feel more like notion.
[0] https://relay.md
[1] https://github.com/make-md/makemd
https://github.com/nocodb/nocodb
So two hours later, I realize I’ve transcribed at the bottom of our team overview page what read like the diary of a madman from fragments of conversation I was having with my wife and dog. I am glad I caught it and deleted it.
It has a nice UI, real-time collaboration, diagrams support and more.
You can self-host it too.
Will you consider making it publishable as a wiki? The current share feature is close but forces me to share a specific URL and live-edit public pages.
Would that fit the ideas you have in mind?
I wish tools like this could be embeddable. For example, being able to add it into existing apps.
No comments yet
You can detect patterns of hardware use that suggest you’re in a meeting without actually eavesdropping on an actual audio stream of any kind.
Basically is some app using the mic hardware for something?? Likely a meeting so.
Don’t assume consent.
The former is actually concerning to me. I can't imagine caring if it only knows my microphone is in use.
I have been pulling my hair trying to learn these new no code db tools. And I think I have come to a simple explainer.
It is a list of documents built with (something called) block-editors. Each document can be given properties. The properties get listed into columns. The columns are fields. The documents are rows. And that makes a database table.
In reverse, it is a database table of records. One record can be can be configured with various fields, plus a document "canvas" made by a block-editor.
The block editors can import and display views (aka queries) of database tables. And that is what makes it a full circle spaghetti. A document (listed in a database) can display a database table.
Why should you entrust them with your private notes and data?
[1] https://news.ycombinator.com/item?id=26113444
There is a rule in journalism to not burn one's sources, did you violate that rule in the OP? (I don't know, I am not a journalist.)
We could invite Notion management to comment on this thread.