Far more people can see your AI meeting notes than the people who were in the meeting. The bot that joins your call can auto-email the transcript to everyone on the calendar invite, including people who never showed up, and in some states it can record your voice and store it as a biometric voiceprint without asking first. Two live 2026 lawsuits, against Otter.ai and Fireflies.ai, turn on exactly these two facts: who the transcript reaches, and whose voice gets captured.
This post is about the silent bot sitting in your call, not the chatbot you type into. The distinction matters legally. When you paste text into ChatGPT, you chose to share it. When an AI notetaker joins a Zoom or Google Meet, it captures every voice in the room, often before anyone has consented, then distributes a written record on its own schedule. That is where consent law, auto-distribution, and biometric retention collide, and it is why a tool people treat as a harmless convenience keeps ending up in court.
The transcript goes further than the meeting did
Most privacy advice tells you to mute or leave a call. It misses the real leak: automatic distribution. Otter sends follow-up emails with partial transcripts and screenshots to people on the calendar invite whether or not they attended, and it nudges non-users to create accounts to read them. So a colleague who declined the meeting, or never opened the invite, can still find a summary in their inbox of what was said about them, by them, or near them.
Here is why the leak stays silent. The bot does not wait for a speaker to approve a quote. It transcribes continuously, attaches the output to the calendar event, and follows the host's sharing rules, which often default to the full invite list. Nobody re-reads the transcript to decide what is safe to forward. The distribution fires automatically, a setting you cannot see picks the audience, and no one asks the speaker.
Consider a candid moment. A frustrated aside, a salary figure, a half-formed strategy, a client name: once the notetaker writes it down, the people who heard it are no longer the only people who can read it. The invite list can. The host's shared workspace can. So can any integration the host wired up. The recording outlives the conversation and travels without the speaker pressing send. A sentence meant for the room turns into a searchable line that anyone with access can quote back weeks later, stripped of the context that made it reasonable.
Rule of thumb: assume anything said while an AI notetaker is active will be readable, searchable, and forwardable by people who were never in the room.
Your voice can become a biometric voiceprint
BIPA protects your voice even if you never signed up, never agreed to the terms, and were just sitting in the call, with statutory damages of $1,000 to $5,000 per violation. That is the second shock, and it lands harder than the first. Some notetakers use speaker recognition to tell participants apart, and to do that they build a voiceprint: a mathematical model of the unique characteristics of your voice. A voiceprint is not just a recording. It is a biometric identifier, in the same legal family as a fingerprint or a face scan, and that classification triggers a specific set of obligations in Illinois.
In December 2025, Illinois resident Katelin Cruz filed a proposed class action against Fireflies.ai in federal court. The complaint alleges that when the Fireflies bot joined a meeting she attended, its speaker-recognition feature created a voiceprint of her voice without notifying her, obtaining written consent, or publishing a retention policy. Critically, the suit covers people who never created a Fireflies account, never agreed to its terms, and were simply present in a recorded call. That is the injustice at the center of these cases: the duty to ask sits with the vendor and the host, never with the person whose voice gets modeled.
Why Illinois is the pressure point: BIPA
The Illinois Biometric Information Privacy Act, 740 ILCS 14, is the strictest biometric law in the country, and it is why voice cases keep landing there. Before a company collects a biometric identifier like a voiceprint, BIPA requires three things: written notice that it is collecting the data, including the purpose and length of collection; informed written consent; and a publicly available retention and destruction schedule. Miss any one and the violation is actionable on its own, so a vendor can be liable even when no one was ever harmed by the data.
BIPA also has teeth because it lets individuals sue directly and recover fixed statutory damages: $1,000 per negligent violation and $5,000 per reckless or intentional violation, plus attorney fees. Those amounts attach per affected person, not per lawsuit, and they do not require proving anyone lost money. The Cruz complaint seeks exactly those statutory amounts. That is why notetaker vendors that quietly voiceprint meeting guests are now defendants: the exposure follows the number of people whose voices got modeled, even where each person's claim resolves to a single award.
BIPA protects you even if you never signed up for the tool. If a notetaker captured your voice in an Illinois meeting, the consent obligation was the vendor's and the host's, not yours.
Is it legal to record a meeting with an AI notetaker?
It depends on the state, and the dividing line is consent. In an all-party consent state, every person on a call must agree before anyone can legally record it, so the AI notetaker has to be disclosed before it captures a word. People often call these two-party consent states, but the accurate term is all-party: two people or twelve, everyone has to consent. The rest of the country largely follows the federal one-party standard, where a single participant's consent is enough.
The exact count varies by source, because a few states have mixed or unsettled rules, but roughly 11 to 12 states require all-party consent. The list reliably includes California, Illinois, Florida, Maryland, Massachusetts, Pennsylvania, and Washington, with Connecticut, Delaware, Montana, New Hampshire, and Oregon added depending on how each survey reads the case law. The practical rule beats the map. If you cannot confirm every participant is in a one-party state, treat the call as all-party and announce the bot. Over-announcing costs you a sentence at the top of a meeting. Under-announcing can cost you a statutory claim.
California's piece of this is the California Invasion of Privacy Act. Penal Code 632 makes it a crime to use a recording device to capture a confidential communication without the consent of all parties, with penalties up to a $2,500 fine per violation and separate civil damages. A confidential communication is one where a participant reasonably expects it stays among the people present, which is precisely the expectation an undisclosed notetaker breaks. A silent bot in the call does not change that expectation for the people talking, and that gap between what they expect and what the tool does is what the statute reaches.
The Otter.ai case: a notetaker framed as an eavesdropper
Four putative class actions against Otter.ai have been consolidated into In re Otter.AI Privacy Litigation, No. 5:25-cv-06911, before Judge Eumi K. Lee in the Northern District of California. The core theory frames the notetaker as an unauthorized third-party eavesdropper that auto-joins and records calls without affirmative consent from all participants. The motion-to-dismiss hearing, first set for May 20, 2026, was reset and is now scheduled for July 15, 2026 at 10:00 AM in the San Jose federal courthouse, Courtroom 7, before Judge Lee.
The claims stack several laws at once: the federal Electronic Communications Privacy Act, California's CIPA, Illinois BIPA, and the Computer Fraud and Abuse Act. Otter, for its part, denies that any interception occurred and argues the plaintiffs failed to plead the core legal elements. The case matters beyond Otter because the same auto-join, auto-record design sits inside most of the category. A ruling on whether that design counts as unauthorized interception reads as a signal for every competitor watching.
A motion-to-dismiss hearing decides whether a case can proceed, not who wins. Treat any single ruling as a signal about the trend, not a final answer on whether notetakers are legal.
| Question | All-party consent state | One-party consent state |
|---|---|---|
| Who must agree to record | Every participant on the call | Just one participant (often the host) |
| Must the AI bot be announced? | Yes, before it captures anything | Not strictly, if a participant consents |
| Example states | CA, IL, FL, MD, MA, PA, WA | Most other states, federal default |
| Voiceprint capture in Illinois | Adds BIPA notice and written-consent duties | BIPA still applies if a participant is in IL |
How to stop AI meeting notes from being shared
Control starts before the bot joins, not after the transcript ships. Most of the useful levers sit with whoever scheduled the meeting, so the first move is finding out who that is rather than trying to claw a transcript back after it has already gone out.
- Ask who hosts and configures the notetaker. Auto-distribution and auto-join are settings the host controls, so the host decides who gets your transcript.
- Require an announcement at the top of every recorded call. In all-party states this is the law, and it is good practice everywhere.
- Object on the record if you do not consent, and ask that your audio and any voiceprint be excluded and deleted.
- Check whether the tool uses speaker recognition. That feature is what builds a voiceprint, and it is the trigger for BIPA obligations.
- For sensitive topics, turn the bot off and take notes the old way. No recording means no transcript to distribute and no voiceprint to retain.
- If you are an admin, disable auto-emailing transcripts to non-attendees and set a short, published retention window.
Where a private memory layer fits
The deeper issue is that meeting transcripts are personal knowledge stored on someone else's terms. If you want a searchable record of what you discussed, decided, and committed to, the safer pattern keeps that record under your own control rather than in a shared vendor workspace that auto-distributes and retains it. That is the gap MemX is built for: a consumer AI memory layer over your own documents, notes, and photos across Android, iOS, and WhatsApp.
MemX is private by architecture, with per-user keys, encryption at rest, and an on-device first pass, so your own notes stay yours instead of becoming a transcript in everyone's inbox. It is not a meeting bot, and it is not a substitute for legal advice on recording consent. The point is narrower: when the knowledge from a conversation is yours to keep, keep it somewhere that does not email it to people who were never in the room.
01Can an AI notetaker send my meeting transcript to people who did not attend?
Yes. Tools like Otter have emailed partial transcripts and screenshots to everyone on the calendar invite, whether or not they attended. The host's distribution settings, not the speakers, decide who receives the record, so candid remarks can reach people who never joined the call.
02Is it illegal to use an AI notetaker without telling people?
Yes, in roughly 11 to 12 all-party consent states. California, Illinois, Florida, and Washington require every participant to consent before recording, so an undisclosed bot may break the law. Most other states follow a one-party rule where a single participant's consent is enough.
03What is a voiceprint and why does it matter legally?
A voiceprint is a mathematical model of your voice used to recognize you, and it counts as a biometric identifier like a fingerprint. Under Illinois BIPA, collecting one requires written notice, informed written consent, and a published retention policy, with statutory damages of $1,000 to $5,000 per violation.
04What are the Otter.ai and Fireflies.ai lawsuits about?
Otter.ai faces consolidated California claims alleging its notetaker eavesdrops and records without all-party consent, with a motion-to-dismiss hearing set for July 15, 2026. Fireflies.ai faces an Illinois BIPA suit alleging it built voiceprints without notice or consent. Both are pending, not decided.
05How do I stop a notetaker from capturing my voice?
Ask the host to disable the bot, or object on the record and request that your audio and any voiceprint be excluded and deleted. For sensitive discussions, turn recording off entirely. If speaker recognition is enabled, that is the feature creating a voiceprint, so disabling it limits biometric capture.
