Governance built in, not retrofitted

Every meeting I've taken since March sits in plain markdown on my laptop.

I built a small open source tool called Minutes to do it: local transcription, speaker labels, action items, nothing leaves the machine. Three months of dogfooding taught me something I didn't expect. I almost never reread a transcript. The value shows up later, when an agent answers "what did we decide about pricing in April" from files it can actually read.

That experience is why one line in a16z's piece "Everything Is Recorded Now" stuck with me. David Haber argues default-on recording is inevitable and that a new system of record will form around voice. He's right, and the piece is worth reading. But he also concedes the governance controls will get "retrofitted on top" after adoption wins.

Retrofitting worked when the reader of a record was a person. It breaks when the reader is an agent, because an agent will happily surface the one conversation you never should have captured, in a context you never imagined, years later. Whoever holds the corpus sets the rules, and if the corpus lives on someone else's servers, the rules were never yours to set.

So we're building the controls into the record itself. Every Minutes recording now carries its consent basis in the file's frontmatter. Next: meetings you designate sensitive produce structured notes with no audio captured at all, plus a sensitivity field the agent layer is required to respect. A restricted meeting simply never appears in search results, graph queries, or anything an agent assembles.

Recording everything is coming either way. I'd rather own my record, and have my agents respect boundaries I set, before the default flips.

Minutes is MIT licensed. If you're building in this space, the consent spec and the phase 2 plan are in the repo. Point Claude or Codex at it and spin up your own version.