June 17, 2026

Can Your Company Be Sued for Using Otter.ai or Fireflies? Employer Liability for AI Notetakers in 2026

Key takeaways
  • Employers — not just vendors — are increasingly named as co-defendants in AI notetaker class actions under BIPA, CIPA, and the federal Wiretap Act.
  • BIPA exposure is $1,000–$5,000 per violation per person, and applies the moment a single Illinois resident is on the call.
  • In re Otter.ai Privacy Litigation (N.D. Cal.) and Cruz v. Fireflies.AI (C.D. Ill.) are the bellwether cases shaping 2026 employer liability.
  • Single-host consent and calendar-invite disclaimers are not a reliable defense under two-party consent statutes.
  • On-device transcription eliminates the third-party processor entirely, neutralizing both wiretap and biometric claims.

Quick answer: Yes. In 2026, employers that deploy Otter.ai, Fireflies, or similar AI notetakers can be drawn into the same class actions as the vendors — including In re Otter.ai Privacy Litigation and Cruz v. Fireflies.AI — under BIPA, CIPA, and federal wiretap statutes. Liability turns on consent: if any participant (especially in Illinois or California) was recorded without explicit notice, the deploying organization can face $1,000–$5,000 per-violation damages alongside the vendor.

Plaintiffs' lawyers have figured out the AI-notetaker business model — and the employers that deploy these tools are no longer bystanders to the litigation. Here's what the consolidated In re Otter.ai Privacy Litigation means for HR, IT, and legal teams making procurement decisions today.

Yes — your company can be sued for using Otter.ai, Fireflies.AI, or similar AI meeting assistants, and the risk profile changed materially in the first half of 2026. A consolidated federal class action in the Northern District of California is testing whether the businesses that deploy AI notetakers share liability with the vendors that built them, under Illinois' Biometric Information Privacy Act (BIPA), California's Invasion of Privacy Act (CIPA), and the federal Wiretap Act. Damages math is unforgiving, and the defenses most companies thought they had — single-host consent, calendar-invite disclaimers, terms-of-service flow-downs — are being directly attacked in court.

The case that put employers in the crosshairs

The bellwether litigation is In re Otter.ai Privacy Litigation, a consolidated putative class action pending before Judge Eumi K. Lee in the U.S. District Court for the Northern District of California. The lead complaint, Brewer v. Otter.ai Inc., No. 5:25-cv-06911 (N.D. Cal. Aug. 15, 2025), alleges that Otter automatically joins Google Meet, Zoom, and Microsoft Teams meetings and records the contents of conversations involving non-users without their consent, in violation of federal and state wiretap statutes.

According to Babst Calland's January 2026 review of the Brewer complaint, plaintiffs frame Otter's tools not as neutral productivity software but as "unauthorized third-party surveillance operating inside private meetings." The complaint alleges the AI assistant joins calls as an autonomous participant, transmits conversations to Otter's servers for transcription, records even non-account holders, provides little or no participant notice, and shifts responsibility for consent onto the meeting host — which is to say, onto the employer.

That last point is what makes this an employer story. As HR Executive's coverage of the consolidated case explained, plaintiffs' theory is that Otter "recorded private conversations without the consent of all participants and used those recordings to train its AI models without adequate disclosure" — but the meeting host who flipped the switch is the party that brought the bot into the room. Employment attorneys are already telling clients that this is where liability is likely to land.

BIPA: the $1,000-per-person trap that doesn't care where you're headquartered

The most expensive risk for employers in 2026 isn't CIPA — it's Illinois' Biometric Information Privacy Act. Under BIPA (740 ILCS 14), as explained by Mason LLP, voiceprints are classified as biometric identifiers, and companies that collect them must provide written notice, obtain informed written consent before collection, and maintain a publicly available data-retention and destruction policy. Penalties run up to $1,000 per negligent violation and $5,000 per intentional or reckless violation — per person.

The companion case to Brewer is Cruz v. Fireflies.AI Corp., No. 3:25-cv-03399-SEM-DJQ, filed December 18, 2025. The plaintiff, an Illinois resident, attended a meeting hosted by an Illinois nonprofit that had enabled Fireflies. As Lewis Rice's analysis of the Cruz complaint notes, she had never created a Fireflies account and never signed any written release, but the AI assistant used speaker recognition technology to distinguish between participants — which the complaint argues necessarily involves creating voice-derived biometric identifiers.

For non-Illinois employers, the critical detail is that BIPA's protection follows the individual, not the company. If a single Illinois employee, customer, or vendor is on the call when speaker diarization runs, the deploying organization is exposed. A February 2026 alert from Amundsen Davis warned employers that BIPA has become one of the most litigated biometric privacy statutes in the nation, and that proactive governance of AI notetaking technology is the only way to capture productivity gains without absorbing the privacy risk.

Why "the vendor handles it" is not a defense

The most quietly explosive analysis of 2026 came from SGR Law's March 2026 client alert, which framed Cruz v. Fireflies as a scenario "that will resonate with many organizations": an Illinois resident joined a routine virtual meeting, never signed up for any AI service, and never consented to data collection. The bot was there because another participant — an employer, a nonprofit, a partner organization — had configured it to auto-join. That host is the entity that brought biometric collection into the room.

tldv's April 2026 review of the AI meeting recorder lawsuits made the deploying-organization risk explicit: BIPA liability isn't limited to the vendor named in the complaint, and organizations that enable AI notetakers in meetings involving Illinois residents "can, in some circumstances, find themselves drawn into the same legal territory" — particularly when teams regularly record calls with external participants across state lines.

CIPA: California's two-party consent rule applies even when audio isn't stored

California's Invasion of Privacy Act is the other half of the squeeze. Most employers assume CIPA is only triggered when audio is recorded and stored. That assumption is wrong. According to a November 2025 National Law Review analysis of the Otter litigation, CIPA prohibits "reading, attempting to read, or learning" the contents of communications without consent, and prohibits using or attempting to use information derived in that manner — see Cal. Penal Code § 631(a). Under the California Supreme Court's decision in Ribas v. Clark, 38 Cal. 3d 355, 364 (1985), merely listening to a call without all-party consent may violate CIPA.

The practical implication is brutal: even if your AI notetaker vendor proudly advertises that it "doesn't store audio," the act of analyzing the audio in real time to generate a transcript can itself be the CIPA violation. Federal wiretap claims add another layer — and as Frankfurt Kurnit's August 2025 client alert on AI recording lawsuits noted, the Federal Wiretap Act provides statutory damages of the greater of $100 per day or $10,000 per violation, per class member — numbers that can quickly reach the many thousands across a healthcare or call-center customer base.

How the discoverability problem compounds the consent problem

The consent exposure runs parallel to a discoverability exposure that PYMNTS covered in June 2026. Corporate lawyers have begun ejecting AI notetakers from meetings before they start, because automated transcripts turn routine business conversations into discoverable evidence in lawsuits and investigations. A 2025 Fellow.ai survey of IT and business leadership cited in that piece found three out of four professionals using an AI notetaker in their work meetings — which means the volume of cloud-stored, searchable, time-stamped corporate conversation is growing faster than any company's records-retention policy was designed to handle.

For employers, the two problems compound. A meeting recorded without all-party consent is both a privacy violation and a piece of evidence that the plaintiff can use to prove the violation. There is no "delete the transcript and the problem goes away" path once a class action is filed and a litigation hold attaches. For more on that mechanism, see our coverage of AI meeting transcripts as discoverable evidence.

The August 2026 EU AI Act adds a second front for global employers

For multinational employers, August 2026 introduces a second regulatory front. The HR Executive analysis of the consolidated Otter case flagged that the EU AI Act introduces a separate layer of obligation: AI systems used for worker monitoring and management may be classified as high-risk, a category that could encompass tools offering sentiment analytics or productivity scoring alongside transcription. Combined with Article 5 of the GDPR's data minimization mandate and Article 9's special-category treatment of biometric data, the EU stack effectively prohibits the casual deployment of cloud AI notetakers across workforces that include EU residents.

The employer liability matrix at a glance

The following table summarizes the statutes most often invoked against employers that deploy AI notetakers, the exposure per individual, and whether on-device processing eliminates the claim. This is the matrix your procurement and legal teams should be building against today, not after a complaint lands.

| Statute | Triggered when | Employer exposure | On-device eliminates? |
|---|---|---|---|
| Illinois BIPA (740 ILCS 14) | Voiceprint extracted via speaker diarization | $1,000 negligent / $5,000 reckless, per person | Yes — no voiceprint sent to a third party |
| California CIPA (Cal. Penal Code § 631) | Third party "reads" or "learns" call contents | $5,000 per violation + injunctive relief | Yes — no third-party processor exists |
| Federal Wiretap Act (18 U.S.C. § 2520) | Interception without one-party consent | Greater of $100/day or $10,000 per violation | Yes — host's own device is the "party" |
| Texas CUBI (Tex. Bus. & Com. Code § 503.001) | Voiceprint captured without consent | AG enforcement only (no private right) | Yes — no biometric capture by vendor |
| GDPR Art. 9 + EU AI Act (Aug 2026) | Biometric processing of EU residents; worker monitoring | Up to 7% of global turnover | Largely — local processing avoids transfer |

The defenses that don't work (and why)

Single-host consent

The most common employer defense is that the host who turned on the bot consented on behalf of the room. UMEVO's BIPA compliance analysis calls this the "implied consent myth" and points out that BIPA explicitly requires written consent from each individual whose biometric data is captured. CIPA's two-party-consent regime is structurally incompatible with a single-host-clicks-yes model. The defense fails on the face of the statute.

Calendar invite disclaimers

A line in the meeting invite reading "this meeting may be transcribed by AI" is not BIPA-compliant written consent and is not CIPA-compliant all-party consent. It also doesn't satisfy GDPR Article 7's requirement that consent be "freely given, specific, informed and unambiguous" — particularly in the employer/employee context where the power asymmetry makes "freely given" almost impossible to demonstrate.

Vendor terms-of-service flow-down

Many employers assume that because they accepted Otter's or Fireflies' terms of service, the vendor's representations protect them. The opposite is closer to the truth. As the Otter.ai privacy policy and the Fireflies privacy policy both make clear, the vendors expressly shift consent-collection responsibility to the meeting host and to the deploying organization. That shift is binding on the employer, not on the non-consenting third party who happens to be on the call.

How Basil AI solves this: the third party simply doesn't exist

The structural problem with cloud AI notetakers is architectural, not policy-based. Every one of the statutes above turns on the introduction of a third party into a private conversation — a vendor that "intercepts," "reads," "learns," or extracts biometric identifiers from the audio. The only way to neutralize that risk is to make sure no such third party exists.

Basil AI runs transcription entirely on-device using Apple's Speech Recognition framework and the Neural Engine inside iPhone, iPad, and Mac. Audio is captured by the host's own device, processed locally, and stored locally. No bot joins the meeting as an autonomous participant. No audio is transmitted to a vendor's servers. No voiceprint is extracted to a third-party database. The host is one of the parties to the conversation, which means under federal wiretap law and one-party-consent jurisdictions, no third party has "intercepted" anything. BIPA is not triggered because no biometric identifier leaves the device. CIPA's third-party prohibition has no target.

For a deeper architectural comparison, see our guide to bot-free AI notetakers for consultants and solo founders, our Mac-native bot-free transcription comparison, and our coverage of how on-device processing avoids attorney-client privilege waiver.

Your Monday-morning checklist

  1. Inventory every meeting tool in use. Audit Zoom, Teams, Google Meet, and standalone bots (Otter, Fireflies, Fathom, Read.ai). Flag anything with speaker recognition.
  2. Map the Illinois exposure. Identify any team that regularly meets with Illinois residents — employees, customers, vendors, candidates. That is your BIPA perimeter.
  3. Disable auto-join by default. Configure meeting platforms to require explicit per-meeting enablement, not background auto-attach. This alone reduces unintentional collection materially.
  4. Replace single-host consent with per-participant consent. If you continue using a cloud notetaker, build a flow that captures each attendee's affirmative written consent before the bot processes their voice.
  5. Move sensitive meetings to on-device capture. Board meetings, HR conversations, legal strategy, M&A diligence, and any conversation with regulated data should never run through a cloud notetaker.
  6. Update retention policies. Transcripts are discoverable. Apply the same defensible-deletion schedule to AI transcripts that you apply to email and Slack.
  7. Document the procurement decision. If you adopt on-device tooling specifically to manage BIPA/CIPA/wiretap risk, write that down. It is evidence of reasonable governance.

The procurement decision is no longer a feature comparison

Through 2024, choosing an AI notetaker was a feature exercise — speaker labels, summary quality, calendar integration, price per seat. In 2026, it is a liability-allocation exercise. The vendor that "doesn't store audio" can still trigger CIPA. The vendor that promises "enterprise-grade security" can still produce voiceprints that violate BIPA. The vendor whose terms of service push consent onto the host is, by design, pushing the lawsuit onto the host's employer.

The architectural alternative — capture audio on the host's own Apple device, transcribe with the same Speech Recognition framework Apple uses for Siri, and never transmit the audio off the device — collapses the entire attack surface. There is no third party to sue. There is no voiceprint to recover. There is no transcript in a vendor's cloud waiting to be subpoenaed. That is the procurement story for the rest of 2026, and it is the one Basil AI was built to tell.

Eliminate the third party. Keep the notes.

Basil AI runs entirely on your iPhone, iPad, or Mac — no bot, no cloud upload, no voiceprint in someone else's database. Reclaim your meeting privacy and your procurement story.


Frequently Asked Questions

Is my company liable if a third party's Otter bot joins our meeting?

Possibly. CIPA and the federal Wiretap Act focus on who 'intercepts' a communication, but courts in In re Otter.ai Privacy Litigation are weighing whether the meeting host that enabled the bot shares responsibility. If your employee invited the bot to a call with non-consenting participants, plaintiffs' lawyers are increasingly naming the deploying business — not just the vendor — as a co-defendant.

Does BIPA apply to my company if we're based outside Illinois?

Yes, if any Illinois resident is on the call. BIPA (740 ILCS 14) applies based on where the individual whose biometric data is collected resides, not where the company is headquartered. A California or New York firm running a Zoom call with one Illinois employee or client present can be sued under BIPA if speaker diarization runs without written consent.

How much can a BIPA lawsuit cost an employer?

Statutory damages are $1,000 per negligent violation and $5,000 per reckless or intentional violation, per individual. Under Cothron v. White Castle, each separate collection may count as a violation, though a 2024 amendment limits 'same method of collection' to a single recovery going forward. Pre-August 2024 conduct can still be assessed per-scan, creating multi-million-dollar exposure.

Will adding a consent disclaimer to my calendar invites protect us?

Not reliably. Plaintiffs in Brewer v. Otter.ai argue that single-host consent doesn't satisfy two-party consent statutes like CIPA or BIPA's written-consent requirement. Courts have not yet ruled, but most employment attorneys recommend obtaining explicit, individual, written consent from every participant — or simply not running cloud bots at all.

Does the EU AI Act add risk for U.S. employers using AI notetakers?

Yes, if you have EU employees or customers. Beginning August 2026, the EU AI Act classifies AI used for worker monitoring or productivity scoring as high-risk, layering conformity assessments, transparency duties, and fines of up to 7% of global turnover on top of GDPR. AI notetakers with sentiment or analytics features may fall into this bucket.

How do we eliminate this liability entirely?

Switch to on-device transcription that never sends audio to a vendor's cloud. Tools like Basil AI run Apple's Speech Recognition locally on the host's device, capturing notes without creating a third-party data processor, without generating cloud-stored voiceprints, and without bringing an 'uninvited' bot into the participant list — collapsing both the wiretap and biometric attack surfaces.