As Zoom, Teams, and Google Meet have quickly become the default way we gather, a new trend has emerged: many virtual meetings now end up being “attended” by more AI notetakers, like fireflies.ai or Otter.ai, than actual people. What most users don’t realize, as they rely on these tools for effortless transcriptions, is that AI notetakers are increasingly attracting litigation under federal and state wiretapping laws. Otter.ai, in particular, has drawn significant attention from the plaintiffs’ bar, with multiple lawsuits alleging that its AI notetaker joins meetings, records participants, and uses their conversations without securing the consent required under applicable wiretap statutes.
In Brewer v. Otter.ai Inc., No. 5:25-cv-06911 (N.D. Cal. Aug. 15, 2025), the complaint alleges that Otter automatically joins Google Meet, Zoom, and Microsoft Teams meetings and records, accesses, reads, and learns the contents of conversations involving non-users without their consent, in violation of the federal Electronic Communications Privacy Act (“ECPA”). According to the allegations, Otter transmits call content to its servers in real time, uses participant conversations to train its machine-learning models, retains recordings indefinitely, and provides no meaningful disclosure to non-Otter participants. The complaint also alleges that Otter shifts responsibility onto accountholders to obtain permission for recordings rather than obtaining required consent itself.
In Walker v. Otter.ai Inc., No. 5:25-cv-07187 (N.D. Cal. Aug. 26, 2025), the plaintiffs allege that Otter’s system captures and stores “voiceprints” or unique biometric identifiers during video-conference calls and uses those voiceprints to identify speakers in later meetings. The complaint alleges that Otter collects, stores, and uses this biometric data without providing notice, obtaining written consent, or maintaining a publicly available retention schedule, in violation of the Illinois Biometric Information Privacy Act (“BIPA”).
The complaint in Theus v. Otter.ai Inc., No. 5:25-cv-07462 (N.D. Cal. Sept. 3, 2025), alleges that Otter engages in covert surveillance by joining meetings as a silent participant, recording audio, taking screenshots, storing sensitive data indefinitely, and sending transcripts and summaries to attendees without their knowledge. The complaint purports that Otter collects names, emails, and metadata from calendars, links those details to recordings and transcripts, sends unsolicited promotional emails to non-users, and uses recorded content to train AI models, all without disclosure or consent, in violation of ECPA and the California Invasion of Privacy Act (“CIPA”). It further alleges that Otter’s auto-join feature is enabled by default and, in some cases, continues to join meetings even after users attempt to disable it.
Finally, in Winston v. Otter.ai Inc., No. 5:25-cv-07712 (N.D. Cal. Sept. 10, 2025), the complaint alleges that Otter automatically joins meetings through synced calendars, records conversations, transcribes them in real time, captures identifying information about participants, and stores and distributes meeting content without notice or consent, in violation of ECPA, BIPA, and CIPA. The complaint also alleges that Otter sends follow-up emails containing partial transcripts and screenshots to all invitees, regardless of whether they attended, and encourages non-users to create accounts. According to the allegations, Otter’s default configuration does not notify non-users that they are being recorded and only offers the option to notify non-user attendees with its “Enterprise plan” which is its most expensive offering.
These cases are proceeding as a consolidated action in before Judge Eumi K. Lee of the Northern District of California in In re Otter.AI Privacy Litigation, No. 5:25-cv-06911. Although no substantive rulings have been issued yet, these filings highlight the significant risk associated with undisclosed AI notetakers. Importantly, the fact that a notetaker does not store audio does not eliminate exposure. CIPA prohibits “reading, attempting to read, or learning” the contents of communications without consent, and prohibits using or attempting to use information derived in that manner. See Cal. Penal Code § 631(a). Under the California Supreme Court’s decision in Ribas v. Clark, 38 Cal. 3d 355, 364 (1985), merely listening to a call without all-party consent may violate CIPA, as the statute’s objective is to prevent situations in which one participant “permits an outsider to tap her telephone or listen in on the call.”
We’ll keep an eye on these cases make sure to bring you all the latest updates!
CIPAWorld 