In Brewer v Otter.ai, the U.S District Court for the Northern District of California, Justin Brewer filed a class-action lawsuit against Otter.ai. Brewer alleges that Otter.ai’s “Otter Notetaker” and “OtterPilot” tool deceptively record private conversations without proper consent and use them to train AI systems. This raises concerns under federal law and the California Privacy and Electronic Communications Privacy Act of 1986 (ECPA). In relation to South Africa, this is similar to the Regulation of Interception of Communications and Provision of Communication-Related Information Act 70 of 2002 (RICA). Both these Acts serve to regulate any electronic communications by protecting the privacy of electronic communications, prohibiting the real-time interception, use, or disclosure of electronic data without the consent of at least one party to the communication.

Who should care about Brewer v Otter AI and why?

Any organisation that uses an AI meeting assistant (like Otter.ai or Copilot) in virtual meetings on platforms like Zoom, Teams, and Google Meet.

What could you do about the Brewer v Otter.ai?

  • Make an informed decision about whether your organisation should use AI meeting assistants.
  • If you decide to use AI transcription tools, conduct a Privacy Impact Assessment (PIA) to identify consent risks and compliance gaps.
  • Update your internal policies to clearly inform all employees about using transcription or audio capture and explain how you will use the recordings.
  • Negotiate contractual terms or settings with vendors to limit or opt out of the AI tool using your organisation’s data.
  • Enable or require pre-meeting notices in the app settings so participants can give informed consent or opt out.
  • Train staff to pause or disable AI notetakers in sensitive or regulated meetings.

Our insight on the litigation

This case is a wake-up call. We have come to accept the gift of AI in our organisations, boosting productivity, and freely welcomed it into our ecosystems. Yet Justin Brewer v Otter.ai highlights a critical risk, which is the potential violation of POPIA and RICA. The case reminds us that the convenience of AI can never come at the expense of compliance. For leadership, the lesson is clear. Organisations must take a deliberate decision on whether to use AI meeting assistant tools at all. If you choose to do so, management should ensure that the chosen tool aligns with legislation and internal policies, and that employees are properly trained in its responsible use. We have written extensively about the importance of consent when recording conversations. This case underlines why consent cannot be an afterthought; it must be a core compliance checkpoint in adopting any AI tool in your organisation.

Digest

Facts

Justin Brewer, a California resident, filed a class action lawsuit against Otter.ai Inc. in the U.S. District Court for the Northern District of California. He alleges that Otter.ai’s transcription features, including Otter Notetaker and OtterPilot, secretly joined virtual meetings on platforms like Zoom, Microsoft Teams, and Google Meet. According to the complaint, these AI assistants recorded conversations without obtaining consent from all participants, particularly non-users who never signed up for Otter.ai’s services.

Brewer claims that Otter.ai went further by storing transcripts and recordings on its server. He says Otter.ai is using that data to train its AI models, again without consent. He argues this violates both federal and state privacy laws that require informed consent from every party to a conversation.

Because Brewer filed the case as a class action, he seeks relief not just for himself but for anyone whose conversations Otter.ai captured in the same way. His allegations put Otter.ai’s business model under pressure. The company promotes its tools as productivity boosters, but the case shows they may create serious privacy and compliance risks for organisations

Reasoning

This case is still in its early stage. We only have Justin’s side while we wait for Otter.ai to respond. His reasoning is based on the premise that AI meeting tools that record and process conversations without proper consent can violate privacy laws. The California Invasion of Privacy Act (CIPA) requires consent from all parties before recording private conversations. Otter.ai’s approach of requesting consent only from the host or sometimes skipping it entirely could be non-compliant. At the federal level, the ECPA and the Computer Fraud and Abuse Act (CFFA) restrict the unauthorised interception or access of communications. Using meeting recordings to train AI without explicit consent could violate these laws.

Finally, the case highlights that shifting responsibility to account holders is not enough. Even if an AI meeting assistant tool asks the host to get consent from participants, that doesn’t remove the developer’s responsibility. The AI tool provider, as the data controller, is still responsible for how personal information is collected, stored, and used. For organisations, this means you need to carefully check consent practices and ensure the AI meeting assistant tool complies with privacy laws before using it.

Order

As of now, no judgment or court order has been issued yet.

Details of Justin Brewer v Otter.ai

  • Universal Citation: Brewer v. Otter.ai Inc., 5:25-cv-06911
  • Case Number: 5:2025cv06911
  • Full name: Justin Brewer v. Otter.ai Inc.