Microsoft is turning the table on uninvited artificial intelligence in meetings. Starting in late June 2026, the company will roll out new lobby controls for Microsoft Teams that specifically target external third-party bots—commonly used as AI note takers or meeting assistants—forcing them to wait in a virtual lobby until a human organizer approves their entry. Dubbed the “Lobby Bouncer,” the feature is designed to identify these automated participants, hold them at the door, and give meeting hosts the final say on whether they get a seat at the table.

The move comes as enterprise users increasingly grapple with the proliferation of AI tools that join meetings unannounced, often catching participants off guard. From Otter.ai to Fireflies, dozens of services promise to transcribe meetings and summarize action items, but they typically join as standard participants—sometimes without clear consent or visibility. Microsoft’s new controls aim to return power to meeting organizers and IT administrators, who will soon be able to enforce a strict gatekeeping policy for any bot meeting the “external” marker.

How the Lobby Bouncer Works

The Lobby Bouncer is not a new feature from scratch; it extends Teams’ existing lobby mechanism, which already governs how guests join. But this iteration adds a layer of intelligence specifically for third-party AI. When a bot attempts to enter a meeting, Teams inspects its identity profile—likely via the Microsoft Teams app registration and the bot’s tenant or publisher ID. If the bot originates from outside the host’s organization or is not explicitly on an allow-list, it gets flagged.

From that point, the bot is held in the lobby. The meeting organizer—or any presenter—sees a dedicated notification that an external application is requesting entry. The prompt details the bot’s name, publisher, and the permissions it has requested (such as reading chat messages or accessing meeting audio). The host can then choose to admit, deny, or leave the bot in limbo. Importantly, the bot does not gain any meeting data until it is admitted, closing a long-standing loophole in meeting security.

Microsoft is also building a regulatory record of these interactions. According to early documentation, every bot entry request and host response will be logged in the meeting’s audit trail. For organizations in heavily regulated industries, this provides a compliance-friendly paper trail showing that a human reviewed each AI participant. The log includes timestamps, identities, and the final access decision.

The Rise of Rogue AI Meeting Attendees

The need for such a feature has been brewing for years. When AI note takers first appeared, they were a novelty that seemed harmless. But as they became more prevalent, concerns grew. Privacy advocates noted that bots often capture audio and text without explicit opt-in from all participants. Some services join as “hidden” attendees, their presence buried in a long list of participants. In other cases, employees invite bots to meetings without informing colleagues or clients, leading to friction when sensitive topics surface in AI-generated transcripts.

A 2025 Microsoft Digital Defense Report hinted at the problem, noting a 340% year-over-year increase in incidents where unapproved AI assistants accessed corporate meetings. While most were benign, a small number involved data leakage or unauthorized recording. The Lobby Bouncer addresses the root cause: no bot—even one invited by an internal user—can bypass the lobby if it’s designated as external.

What Changes for Admins and Organizers

For IT administrators, the new controls will appear in the Teams admin center under meeting policies. A new toggle allows enabling “External bot lobby control” globally, per user, or per group. When turned on, the lobby automatically activates for any bot not registered in the organization’s own tenant or a trusted list. Admins can also create explicit allowlists of known third-party services—for example, permitting a company-wide transcription bot while blocking unknown ones.

Meeting organizers gain a simpler experience. By default, all external bots land in the lobby; the organizer can then approve or deny each one individually. A persistent “Bot lobby” icon in the meeting controls shows the number of bots waiting. Organizers can also set a meeting option to disable external bots entirely, preventing any from sending join requests. This is especially useful for high-stakes meetings where the presence of an AI note taker could compromise confidentiality.

Microsoft has also built in subtle safeguards. If a human presenter inadvertently admits a bot that later exhibits suspicious behavior—such as attempting to access files beyond its scope—the meeting host can instantly remove it. And if a bot is denied entry, its join attempt is still logged, deterring malicious actors who might try to brute-force their way in.

Impact on the Third-Party AI Ecosystem

The new policy is a mixed bag for the booming AI meeting assistant market. On one hand, it could reduce the number of bots that successfully join meetings, potentially hitting usage metrics for services like Otter.ai, Fireflies, and Tl;dv. On the other, it forces these companies to become more transparent and compliant, which could elevate trust among enterprise customers. Some vendors have already signaled they will work with Microsoft to streamline authentication, ensuring their bots appear with clear labeling and publisher verification.

Developers building on the Teams platform will need to adjust their bot registration processes. Microsoft is expected to release updated developer guidance by early June 2026, detailing how to mark a bot as “external” and what data it must disclose to organizers. A new “app compliance partner” program may fast-track well-known bots onto a pre-approved list that admins can opt into, reducing lobby friction for widely trusted services.

Comparison with Existing Meeting Controls

Teams has long offered lobby controls for anonymous users and guests, but those mechanisms treated bots like any other participant. If a bot was invited via a meeting link, it could often join directly—especially if the meeting policy allowed “People in my organization” to bypass the lobby. The Lobby Bouncer closes that gap by treating bots as a distinct category, regardless of how they were invited.

Zoom and Google Meet have also tightened their bot policies. Zoom’s “AI Companion” feature, for instance, now requires host approval for third-party meeting assistants. Google Meet allows admins to restrict which apps can access meetings. Microsoft’s approach, however, is arguably more granular, with lobby-specific logic that doesn’t rely solely on pre-meeting settings or allowlists. The ability to approve or deny bots in real-time gives hosts dynamic control that other platforms have yet to match.

Regulatory and Compliance Implications

The audit trail component is a standout for compliance officers. Under regulations like GDPR, recording or processing meeting data without consent can attract hefty fines. By logging every bot’s entry and the host’s decision, Teams provides a verifiable chain of custody. If an AI transcription service later appears in a data subject access request, the organization can demonstrate that a human authorized its presence.

Microsoft has been subtle about the “prepare a reg” snippet in early communication. It likely refers to a feature that automatically generates a regulatory compliance artifact—a standardized report detailing which bots accessed the meeting and under what conditions. This could be exported directly from the Teams admin center or ingested into compliance tools like Microsoft Purview.

What Users Can Expect in Late June 2026

The rollout is planned for the final weeks of June 2026, aligning with the typical end-of-month feature drops for Microsoft 365. Targeted release tenants will see the option first, followed by standard rollout over the subsequent weeks. The feature will be available to all commercial Teams licenses, including E3, E5, Business Basic, and Business Standard, though some advanced logging capabilities may require E5 or Compliance add-ons.

Admins should prepare by reviewing their current meeting policies and identifying which external bots are already in use. Microsoft recommends a phased approach: enable the lobby in report-only mode initially to observe bot activity, then move to active blocking for unknown bots. Communication templates will be provided to help IT departments notify end users about the change, particularly for teams that rely heavily on AI note takers.

The Bigger Picture: Securing the AI-Infused Workplace

The Lobby Bouncer is just one piece of Microsoft’s broader push to make AI safe and manageable in the workplace. In recent months, the company has introduced Copilot governance controls, sensitivity labels for AI-generated content, and stricter tenant isolation for AI services. The bot lobby is a natural extension—a recognition that while AI assistants can boost productivity, they must also be governed like any other meeting participant.

As AI becomes more embedded in daily collaboration, the line between helpful automation and intrusive surveillance will grow thinner. Microsoft’s insistence on human-in-the-loop approval for external AI sets a powerful precedent. It says: you may bring your own AI to the meeting, but only if the humans in the room consent. That principle, once codified in software, could shape enterprise IT policies for years to come.

For now, late June 2026 is circled on many IT calendars. When the Lobby Bouncer goes live, it will mark the first time a major collaboration platform gives meeting hosts a dedicated bouncer to check the ID of every AI trying to listen in—and the authority to say “Not tonight.”