June 25, 2026 | 1-on-1s, privacy, ai

Who should see what the AI wrote about your 1:1, and who should not

The real question about AI in a 1:1 is not whether it belongs there. It is which output is the shared record and which is the manager's private read.

The useful question about AI in a 1:1 is no longer whether it belongs there. It is which output goes to whom. A summary, the decisions, and the action items belong to both people in the meeting. A read on how the conversation went, what might need attention, and what you might coach on next belongs to the manager alone. Put those two things in the same feed and you have not added transparency. You have changed what your report is willing to say.

That placement question is getting sharper this year, and from two directions at once.

The room is filling up with AI that listens

One direction is the live meeting. Meeting assistants now sit inside the call and summarize it in real time or after it ends, and they suggest action items while the conversation is still happening. For 1:1 and group calls they will also produce notes, recommended tasks, a list of who spoke, the topics covered, and chapters of the recording. That is a lot of capture, and most of it lands in a shared artifact by default.

The other direction is the category around structured 1:1s and performance, which has been adding AI that drafts coaching notes and reads sentiment, then putting more of that output in front of more people inside the tool. Useful, in the right place. The trouble is that "the right place" is the part nobody decided on purpose.

Two design philosophies, then. One listens to the live room. The other reads what people deliberately wrote down. They produce a similar-looking artifact and a very different consent situation.

Why placement is the whole game

A 1:1 only works if the report can be candid, and candor is fragile. The moment a report believes their manager's private read ("seemed checked out this week", "this is the third slipped commitment", "needs support on the migration") will show up in a record they can also see, they start managing their words around it. People perform for the audience they think is listening. Drop the sentiment read into the shared feed and you have quietly taught your report to give you less.

This is not an argument against the manager having that read. Managers already keep private notes after a hard 1:1, in a doc or a notebook somewhere, and pretending they do not makes the tooling weaker rather than safer. The argument is about the line between two documents. The shared record and the private read have two different audiences, and the software should treat them as two different things instead of one stream with everything in it.

The EU is drawing a version of that line too

There is a regulatory edge here, and it is worth reading as a placement and consent signal, not as legal advice. The EU AI Act's prohibited-practices rules already apply, ahead of the broader implementation timeline. Among those prohibited practices is using AI to infer emotions in the workplace, outside narrow medical and safety exceptions.

Be careful about what that does and does not say. It is not a verdict that any particular product is compliant, and none of this is legal advice for your situation. What it does signal is direction. Inferring how an employee feels from how they sound in a live meeting is exactly the move that regulators chose to fence off early. A read built on what people chose to write down, across recurring sessions, sits on noticeably different ground from one inferred from the audio of a room.

The boundary we chose

When a session ends in 1on1, the output splits in two on purpose. The summary, the key takeaways, the decisions, and the action items go to both participants. Same record, same words, both sides looking at the same thing. That is the whole point of keeping a record.

The manager-only addendum is the other half. It carries a short sentiment read, a few risk indicators, and a couple of coaching prompts, and it is meant for the manager. The report's view never includes it; access is restricted to the manager and admins on the server. Underneath that, tenant data is isolated by Postgres row-level security at the database layer, and a manager's private notes are encrypted at rest with per-tenant keys.

Two choices make this defensible rather than creepy. First, the addendum is written from the recurring written record (prior sessions, action items that closed or slipped, the trend in a simple session rating), not from live audio of the meeting. Second, the split is the default, not a toggle someone has to remember. The private read stays private because the data model puts it there, not because everyone behaved well that day.
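What "the data model puts it there" can look like in Postgres, as an added sketch that is not 1on1's actual schema: the shared record and the addendum live in separate tables, each with its own row-level security policy. Every table, column, policy and `app.*` setting name below is an assumption made for illustration.

```sql
-- Added example: hypothetical schema, not 1on1's own. All names are assumptions.
CREATE TABLE session_record (          -- shared record: both participants
    session_id   uuid PRIMARY KEY,
    tenant_id    uuid NOT NULL,
    manager_id   uuid NOT NULL,
    report_id    uuid NOT NULL,
    summary      text NOT NULL,
    decisions    text,
    action_items text
);

CREATE TABLE manager_addendum (        -- private read: separate table, separate policy
    session_id       uuid PRIMARY KEY REFERENCES session_record (session_id),
    tenant_id        uuid NOT NULL,
    manager_id       uuid NOT NULL,
    sentiment_read   text,
    risk_indicators  text,
    coaching_prompts text
);

-- FORCE applies the policies to the table owner too. Superusers and roles with
-- BYPASSRLS still skip them, so the application must not connect as one.
ALTER TABLE session_record   ENABLE ROW LEVEL SECURITY;
ALTER TABLE session_record   FORCE  ROW LEVEL SECURITY;
ALTER TABLE manager_addendum ENABLE ROW LEVEL SECURITY;
ALTER TABLE manager_addendum FORCE  ROW LEVEL SECURITY;

-- Assumed convention: after authenticating a request, the server runs
--   SET LOCAL app.tenant_id = ...; SET LOCAL app.user_id = ...; SET LOCAL app.role = ...;
-- current_setting() raises an error when a setting is missing, so a request
-- that skipped this step fails closed instead of seeing every row.
CREATE POLICY shared_record_participants ON session_record
    FOR SELECT
    USING (
        tenant_id = current_setting('app.tenant_id')::uuid
        AND current_setting('app.user_id')::uuid IN (manager_id, report_id)
    );

CREATE POLICY addendum_manager_or_admin ON manager_addendum
    FOR SELECT
    USING (
        tenant_id = current_setting('app.tenant_id')::uuid
        AND (
            manager_id = current_setting('app.user_id')::uuid
            OR current_setting('app.role') = 'admin'
        )
    );
```

Only `SELECT` policies are defined here; with row-level security enabled, Postgres denies any command that has no matching policy, so writes would need their own policies in a real schema.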

What to do with this

You do not need a policy memo to get this right. You need to decide, for one relationship, which output is shared and which is yours.

Run one manager and one report for four sessions. Keep the summary, the decisions, and the action items in the record you both see, and keep it clean. Keep your own read (how it is going, what you are worried about, what you want to coach next) on your side of the line. After the fourth session, ask yourself one thing: did your report bring you something harder because the shared record stayed safe to read? That answer tells you where the line belongs, in whatever tool you end up using. You can run that test with one pair before you change anything for the rest of the team.
