AI Companies Sued After Analyzing Bank Phone Calls

“This call may be recorded for quality assurance” is a phrase we hear on almost every customer service call. However, a customer consenting to their call being recorded doesn’t mean that the customer necessarily consents to that call being shared. This is especially true when those calls are to financial institutions and contain sensitive information. Two emerging cases are being brought against AI companies contracted by banks to analyze confidential phone calls. Turner v. Nuance Commc’ns, Inc. in California and Gladstone v. Amazon Web Servs., Inc. in Washington state are both cases challenging the ability of third parties to use AI to eavesdrop on consumer calls. A recent memo from BCLP summarizes the crux of these cases:

“Plaintiffs in both actions claimed that they expected their calls with the bank representative to be confidential, and not be tapped by AI without their knowledge or consent. Plaintiffs sued the AI service providers under the California Penal Code § 631(a), which prohibits tapping of phone calls between parties without their consent, and § 632(a), which forbids eavesdropping or recording of confidential communications. In Turner, plaintiffs also alleged violation of § 637(3) of the California Penal Code that bars nonconsensual scrutiny of voice patterns to authenticate the speaker’s statements.”

Both cases have survived summary judgment and are continuing beyond the pleading stage. This litigation reminds us that AI operators are subject to all laws, not just those directly regulating AI. The use of AI systems does not circumvent state or federal law. When considering a potential AI implementation, ask: would this practice be unlawful if conducted by humans instead of AI? If the answer is “yes” then the activity is likely to still be unlawful, regardless of the use of AI. AI compliance is about more than complying with AI-specific regulations, it’s also about making sure AI systems comply with all existing regulations.