Violating consent laws – not the only risk with recording and transcription

Yuri Kostun January 7, 2026 2 minutes read

A significant federal class-action lawsuit, Brewer v. Otter.ai, Inc., has been filed, raising urgent concerns about the privacy implications of AI transcription tools across corporate meeting platforms. The suit alleges that Otter.ai’s products, specifically Otter Notetaker and OtterPilot, unlawfully recorded and used private conversations conducted over platforms like Zoom, Google Meet, and Microsoft Teams without the informed consent of all participants—particularly those who were not Otter account holders.

The legal claims are serious, centering on the idea that these actions violate both federal wiretap laws (the Electronic Communications Privacy Act, or ECPA) and stringent state statutes like the California Invasion of Privacy Act (CIPA), which often requires all-party consent for recording. The lawsuit highlights a major compliance gap: the responsibility for obtaining consent for automated recording is shifted from the vendor to the individual user, a mechanism the plaintiff argues is insufficient when the Notetaker joins automatically and quietly.

Crucially, the suit also alleges that Otter.ai used these unauthorized recordings and their resulting transcripts to train and improve its proprietary machine learning models for its own financial benefit. This constitutes a secondary use of personal data that was never disclosed to, or consented to by, the recorded participants. The outcome of Brewer v. Otter.ai will be a pivotal test, defining how existing wiretap and privacy laws apply to AI systems that automatically record, process, and ultimately use conversational data to enhance their underlying machine learning technology. This has major implications for every company relying on AI to document and analyze virtual meetings.

Great post by Honeit in this post: https://lnkd.in/gYS_9MfN

hashtag#AICompliance hashtag#PrivacyLaw hashtag#Wiretap hashtag#RemoteWork hashtag#HRTech