Comment by jitl
6 days ago
To elaborate:
The Notion desktop app will observe if there is a process running on your computer that is actively using your microphone, such as Zoom.
Notion does not and cannot listen to the audio coming from your microphone ambiently or snoop on the signal received by another application. This detection is done purely based on the existing of a process using your microphone, not on the audio coming from the microphone. Users can verify this because the OS-level microphone indicator will show that Notion is not listening to their microphone.
If one is detected, Notion will notify the user and try to associate it with a calendar event if you have connected your calendar. Connecting your calendar is not a requirement to receive this notification.
Users can disable this behavior via their account settings in Settings > Notifications > Desktop meeting detection notifications.
Only when the user has started a meeting note and clicked record, will Notion activate the user's microphone. We cannot do this without operating system mediated consent dialog, which is the way it should be! At this point Notion will show up as using the microphone in the OS indicators.
(I work at Notion)
It is not genuine to say that Notion cannot listen in. Notion can listen in. Anytime it wants. Yes on Macs an indicator will be displayed - but not always prominently depending on what other apps/devices are being used (for example using continuity camera)
Source: I built the same listening infrastructure into other meeting note taking apps. Our team spoke at length about this security issue with Apple.
I work at Notion. We don't ship code that would let us listen in until users explicitly click start recording. We don't want to, we aren't in the business of selling data and this would be incredibly expensive - and destroy trust. We are cash flow positive so we can sustain our values for the long term. We build useful software and get paid by our users for it. It's pretty simple. Agree that operating systems should display prominent indicators when the microphone is in use.
Side note - why isn't E2E encryption a higher priority for Notion?
If you check Reddit and similar forums, it's been raised so many times by users.
Please tell me which meeting note apps use underhanded methods to secretly record my conversations, just so that I can blacklist them company wide.
Make it opt-in and this would be not an issue.
Notion doesn't like making things opt-in.
A feature that's opt-in will get like 1% of the use of a feature that's opt-out. A happier middle ground would be to enable by default and show a "I don't like this, pls turn it off" button the first few times.
EDIT: shouldn't single out any specific role here. We think opt-out, enable-by-default makes a feature have far greater total utility. But we could do more to provide user agency for these features in-line during first use or find a different balance point.
Your PMs should not decide what your software does with my hardware without me giving my informed consent.
Our PMs don't like making things opt-in.
-> Your users don't like making things opt-out. Low usage metrics is a UX problem. Activating it without informed consent gives you bloated metrics anyway.
5 replies →
Your new feature is privacy invading. It's none of your business to detect if someones mic is on unless they invite you to do that.
What is so hard about that?
> Our PMs don't like making things opt-in.
Lamest excuse ever.
I wouldn't be surprised if you phoned back home about that mic activation - do you?
I recently joined an org where Notion is in use - I will actively lobby them to not install the desktop app, at all or to quit Notion alltogether.
8 replies →
Make a pop-up with the opt-in/out for all the features on first launch with everything defaulted to on so people can turn features off and get notified that such features exist. You can also use this to gather metrics on what features people are actually interested in.
Good compromise.
4 replies →
> Our PMs don't like making things opt-in.
Thank god the web browser was developed in an era where PMs weren't stack-ranked on rubrics like "feature engagement". Imagine a world where every website was granted access to your filesystem, webcam, microphone, and geolocation by default so that PMs could report back on how many websites were making use of those browser APIs.
> A feature that's opt-in will get like 1% of the use of a feature that's opt-out.
Well... yeah. It's either because the benefits of opting in aren't communicated well enough or that users just don't actually want it.
For AI meeting notes, I'd imagine it's the latter.
Get better PMs. Seriously. Users shouldn’t have to opt-out of something for privacy. Respecting privacy should be the default. If a user finds value in letting you listen to the microphone, then great! But you have to inform them! There are also other ways to get the same information — such as if the user also shares their calendar. This is sneaky and evasive behavior.
But none of this conversation makes me want to use Notion. We used to use it at $OLDJOB for meeting notes and light DB work for non-technical users. Now I’m happy we stopped.
3 replies →
>Our PMs don't like making things opt-in
Then refuse implementing it. Have some dignity for God's sake.
7 replies →
> Our PMs don't like making things opt-in.
“Ze engagement metrics must go up on ze dashboard every quarter, jah!” I can’t wait for the day PMs and other parasites find a new industry to move to. They sure have sucked the fun out of this one.
> Our PMs don't like making things opt-in.
Tell them that alone is one reason I'll never use it. I'm sure I'm a minority, but not zero.
>Our PMs don't like making things opt-in
That is an implementation detail. What matters is the outcome:
Notion leadership has signed off on this being opt-out.
The calculus here, as you indicated, was that opt-in has little buy-in.
What leadership didn't take into account was the risk of this being publicized, and the blowback from this awareness.
That, or leadership has already calculated that not enough people will care (possibly true).
I suppose it's then up to those that do care to make more noise about this, to tilt the odds?, so this specific calculus (also known as enshittification) doesn't keep occuring (i.e, if the blowback costs are disproportionate to the value provided by default opt-out....)
thats a red flag imho
> Our PMs don't like making things opt-in.
Whenever people on HN and else where present you the mustache twirling evil Microsoft or Apple or Google C-suite/board who are trying to enshitificate a product or a tool because they don’t care, always keep in mind that the reality is often a lot more mundane than that.
The application that is “sneakily” listening to you and transmitting everything you say to their servers can be a legitimate product of a mustache twirling villain, but it’s a lot more likely (in my experience) that a group of 5 engineers and a PM were tasked by “Present relevant products from our company to the user” task and someone was like “what if we record what they are saying (or just zip-up their entire ~/Documents folder), run it through an LLM on our server and prompt it to analyze their convo or documents and recommend one of our products to sell to them? Sounds good to me, no?”
5 replies →
If they made borderline "features" like this opt-in, no one would and then the people driving this won't get the career prospect boost of shipping a new feature.
To be clear: recording is opt-in. We also remind users to ask for two-party consent. (obligatory "i work at notion")
Thanks for the explanation. I was about to install Notion Desktop today. I Won’t install it.
Why? I don't understand the objection to this. If the app was sending off any data to Notion without consent, that would obviously be a privacy issue, but why is it a problem for a desktop app to simply check if your mic is being used and offer to record?
The application is almost certainly sending off data to Notion without consent, you just wouldn't be able to tell.
If a company is willing to do even small privacy violations, I do not trust them at all. Feel free to run OpenSnitch or LittleSnitch - most apps are opening connections to many domains you won't recognize. Your guess is as good as anyone's what data they're exfiltrating. That is, of course, unless you use more privacy-preserving apps that are typically opensource.
7 replies →
This could be a good feature in open source software packaged by Debian and whose build is reproducible.
People being angry here shows how they distrust software they use and distrusting always online software causes fear and stress.
The best these people can do is relying on free software distributed in a sane way because that's what can help trust software, and, in a professional setting, to push their companies or their providers towards free software as well, and demand guarantees that their privacy is respected.
These matters are not theoretical and this discussion is a witness of this.
If Notion wants to be trusted, they should go open source. I see Notion people are here. Do it! Stop doing closed source software! That doesn't bring anything worth and see what badness it brings. Your value is elsewhere. It's in you expertise, your vision and how well you do things.
I work for an open source competitor (or at least in the neighborhood) and that works out well for us and has been for 20 years.
The day you open source your desktop client, you'll be able to show us the code and show that you indeed don't send audio records or related logs to your headquarters. We won't have to reverse engineer, sandbox just to be sure, and hope for the best.
Knowledge management software shouldn't hide knowledge.
Yeah, no. You don't get to monitor my anything in order to provide features. I was never a user of notion and I definitely won't be. It is just an oversight of the OS that your process is allowed to see the list of other processes.
I do not want to be spied on and have 0 trust for any company wishing to do any kind of monitoring of my usage in order to provide or advertise "features" to me.
While you're here - can you tell your PM's that your auto update on windows is annoying. Every time I start the app there's a prompt asking me to either "Install and Relaunch" or "Remind me later" (which seems to just hassle me again on next app start). The worst part is the pop-up doesn't show until 5-10 seconds after I start the app. So I'll start the app, start clicking around and then I'm interrupted by this pop-up. This seems to happen every day because you push a lot of updates.
I'd prefer an option to silently grab non-security/non-fix updates once every [Day, Week, Month] in the background, and install automatically on next app start up. Urgent updates can happen immediately. The default should be every week as every update is around 85mb. You could go a step further and have an option to only download over WiFi.
As for the mic "issue", I'm not sure what everyone's on about. Acting like it's the first app on Windows to monitor what the system is doing to provide a feature.