Security and Privacy for Zoom AI Companion

Zoom AI Companion is expected to be available in January 2025 for meetings hosted by faculty and staff.

Zoom AI Companion is similar to other Zoom features like meeting recording and live transcription in that it creates a record of what is said and done in a meeting. When activated, AI Companion creates a transcript of what is said and by whom. It also captures messages in the meeting chat and attempts to capture text from screen sharing content. It uses all of this information to generate a summary of the meeting and to answer questions posed by participants about what has happened so far.

When a host turns on an AI Companion feature, participants are notified with a pop-up banner. A flashing “sparkle” icon is also present at the top right of the meeting window.  If you’re the host of a meeting and want to use Zoom AI Companion, make sure to notify your meeting attendees that you are turning it on.

If you are an attendee of a meeting where the host chooses to use AI Companion and you have concerns or objections, you have a few options:

  • Let the host know your concerns, and ask if they will turn it off. AI Companion can also be turned off for only a portion of the meeting. Like pausing a recording, it will stop recording data until it is turned back on.
  • Limit your participation as much as you feel you need to. Don’t say, type into the chat, or screen share anything you are concerned about AI Companion transcribing.
  • Leave the meeting.
  • Host meetings yourself when possible. The Host is the person whose Zoom account was used to create the meeting. 

Meeting hosts should take participant concerns seriously, especially if there are concerns around the type of information or data that will be discussed in the meeting.

How Meeting Data is Used

To generate meeting summaries and answer questions, AI Companion processes meeting data through Zoom’s artificial intelligence platform models. However, per the University’s contract, Zoom does not use any of your audio, video, chat, screen sharing, attachments, or other communications-like customer content (such as poll results, whiteboard, and reactions) to train Zoom’s or its third-party artificial intelligence models. You can click here to find out more about how Zoom AI Companion handles your data.

Meeting hosts are in control of which AI Companion features are used in their meetings and of the transcripts and summaries that are generated:

  • Meeting summaries are only accessible to the meeting host by default. Individual hosts can choose whether to share summaries after review or change their settings to automatically share summaries with participants.
  • In-meeting questions can be turned on or off by the meeting host. Only the questioner can see the responses.
  • AI Companion transcripts are only available to the meeting host to download and use.

When is AI Companion Not Appropriate to Use?

Hosts and participants should still take care with the types of information that are shared and discussed in meetings where AI Companion or any type of recording or transcribing are used.

  • Do not discuss, screenshare, or record any sensitive Personal Identifiable Information (PII) or Protected Health Information (PHI), such as social security numbers (SSNs), dates of birth, medical records, or personal contact information. This includes PII or PHI related to research participants unless a specific exemption has been granted by the UISO as part of the approved protocol.
  • Consider the nature of your meeting. Use caution in deciding whether to use the Zoom AI Companion or other recording features in meetings where particularly sensitive, privileged, or confidential data or information may be discussed. Bear in mind that any recordings, summaries, or transcripts generated using these tools may be discoverable in the event of any dispute or litigation to which Georgetown University is a party.
  • Do not use the Zoom AI Companion features in clinical, telemedicine, or healthcare settings (e.g., during patient encounters), peer review meetings, animal care meetings, or meetings that are entered into public records, except under an institutionally approved procedure for such use.
  • Be cognizant of the audience with which meeting summaries and smart recordings are shared.

The University Information Security Office (UISO) prohibits other non-Zoom third-party AI bots, such as Otter.ai, due to security and privacy concerns, and lack of contractual protection of data.