Voice AI Call Recording: A Multi-Jurisdiction Consent Map

Voice AI call recording consent differs by jurisdiction: UK and EU notice, US one-party vs all-party states, and disclosure timing. The enterprise map.

[Figure: "Recording consent is not one rule." Panels: UK / EU (notice, not permission); US one-party (federal floor); US all-party (~12 states).]

A human agent picks up an inbound call and, somewhere in the first few seconds, says some version of "this call may be recorded." Nobody thinks hard about it. The line is a habit, baked into the contact-centre platform, and it has been there so long that most people assume it is one rule applied everywhere.

It is not one rule. The legal basis for recording a phone call — and the words your agent must say to do it lawfully — changes with where the caller is. In the UK and EU, recording is a transparency obligation: you tell the caller, you log that you told them, and the recording itself is personal data the moment it exists. In the United States there is a federal one-party-consent floor, but roughly a dozen states require all parties to consent before a call can be recorded, and recording without that consent is a criminal wiretapping offence, not a paperwork slip. When your caller base spans jurisdictions, the recording notice has to be jurisdiction-aware at second one — and a voice AI agent is the first system in your stack that can actually deliver that reliably, or get it catastrophically wrong at machine scale.

This guide is shipped by the team behind Dilr Voice — enterprise voice AI live in 40+ countries, where recording-notice logic is a deployment requirement, not an afterthought. Or see DATS, our five-stage AI consulting system for regulated enterprises.

This post is about recording consent specifically — the lawfulness of capturing the audio. It is deliberately not about two adjacent things people conflate it with. It is not about your lawful basis to place the call in the first place; the GDPR and PECR architecture for outbound calling consent is covered in our guide to consent capture in AI voice calls and, for outbound programmes, AI outbound calling under GDPR and PECR. And it is not about the obligation to disclose that the caller is talking to an AI rather than a human — that is a separate statement, governed in the EU by the AI Act, which we cover in Article 50 disclosure enforcement. Recording consent, AI disclosure, and lawful basis to call are three different obligations that happen to be spoken in the same ten seconds. Treating them as one is the most common reason a "compliant" script is quietly non-compliant.

Three statements, one opening — keep them separate

The reason recording consent gets muddled is that everything compliance-relevant in a voice call happens in the same breath. Your agent's first turn has to do three distinct legal jobs, and each answers to a different body of law:

| Statement | What it establishes | Governing regime | Where we cover it |
|---|---|---|---|
| "You're speaking with an AI assistant" | The caller knows they are not talking to a human | EU AI Act Article 50; emerging UK transparency norms | AI disclosure under Article 50 |
| "This call is recorded" | The caller knows, and where required consents to, the audio capture | GDPR/PECR transparency (UK/EU); state wiretap law (US) | This post |
| "Is now a good time / may we continue" | Lawful basis and engagement for the purpose of the call | GDPR lawful basis; PECR; TCPA (US calling consent) | Consent capture |

The carve matters because the failure modes are different. Skip the AI disclosure and you breach the AI Act. Skip the recording notice in California and you have committed a wiretapping offence. Skip lawful basis and your whole outbound programme is unlawful regardless of how clean your recording notice is. A well-designed agent says all three, in the right order, and logs each one separately — because when a regulator or a claimant's lawyer asks "prove the caller was told X," you need the answer to X, not a single undifferentiated "consent: true" flag. We will come back to that audit trail, because it is where most deployments are thinnest.

One more conflation to kill up front, on the US side specifically. The TCPA governs whether you may place an automated or AI-voiced call to a given number — it is consent to be called. State wiretap and eavesdropping statutes govern whether you may record that call once it connects — it is consent to be recorded. They are different statutes, with different consent standards, different penalties, and different exceptions. You can be perfectly TCPA-compliant on the dial and still commit a recording offence on the same call. Our TCPA compliance guide for outbound AI voice handles the calling side; the recording side is what follows here.

The UK and EU position: notice, not "permission"

Start with the most common misconception among teams building for UK and EU callers: that you need the caller's consent to record. In the overwhelming majority of cases, you do not — and designing your agent to chase recording consent as a tick-box is both unnecessary and a quiet way to create a legal mess.

Under the UK GDPR and the EU GDPR, a call recording is personal data (it identifies a living individual and captures their voice and words). Processing that personal data needs a lawful basis, but for ordinary business call recording that basis is almost always legitimate interests or performance of a contract — not consent. What you owe the caller is transparency: under Articles 13 and 14, the individual must be told, at the point of collection, that recording is happening, who is doing it, why, and what their rights are. PECR sits alongside this for electronic communications. So the operative obligation in the UK and EU is a notice, delivered before any substantive content is captured, not a request for permission you have to wait for.

This distinction has real design consequences:

  • You do not pause for a yes. A notice is informational. The agent states that the call is recorded and the lawful basis, and proceeds. (Contrast the US all-party states below, where you genuinely may need to stop.)
  • Consent, if you do rely on it, is fragile. If you ever record on a consent basis — for example, capturing voice for a purpose that legitimate interests will not carry — the caller can withdraw it, and your agent must be able to honour that mid-call by stopping the recording and noting the time. Most enterprises should avoid building their recording programme on consent precisely because of this fragility, and reserve consent for genuinely special-category processing.
  • Special-category data raises the bar. If your platform performs voice biometrics, voiceprint matching, or emotion and tone analysis, you may be processing biometric special-category data under Article 9, which triggers a far higher consent and assessment standard. That is a different obligation we treat in full in voice biometric data security and GDPR — flag it here only so you do not assume "we send a recording notice" covers it. It does not.

The ICO's consistent position is that telephone-call recording is lawful where the caller is clearly informed and the processing is proportionate to a stated purpose. The practical bar is: a clear notice, early, that a reasonable caller would actually register — not a sub-clause buried after thirty seconds of menu. For a voice agent this is easy to do well and easy to do badly. Done well, the recording notice is the agent's second sentence, in plain language, logged with a timestamp. Done badly, it is a fast disclaimer the caller talks over, with no record of whether it was even reached before the caller started giving account details. The architecture choice that makes it defensible — surfacing and logging the notice as a discrete, auditable event — is the same architecture-as-compliance discipline we argue for across voice AI architecture for regulated industries.

The United States: a federal floor and a dozen exceptions that bite

The US is where the recording-consent map gets genuinely hard, and where an automated agent dialling or answering at scale converts a small legal nuance into a large liability.

The federal baseline, under the Electronic Communications Privacy Act (18 U.S.C. § 2511), is one-party consent: a call may be recorded if at least one party to the conversation consents. In an enterprise deployment, your agent is a party to the call, so it can consent on your behalf — which means that, federally and in most states, you may record without separately obtaining the caller's agreement. Most states track this one-party floor.

The complication is the minority of states that require all-party consent (often loosely called "two-party," though it means every party). In these states, recording a call without the consent of everyone on it is a criminal offence under the state's wiretapping or eavesdropping statute, frequently with a parallel civil right of action — meaning the person you recorded can sue you directly, often for statutory damages per call. At AI-dialling volumes, "per call" is the phrase that should focus the mind.

As of 2026, the states generally treated as all-party consent for telephone recording are: California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Oregon, Pennsylvania, and Washington. That is the working list most compliance teams operate from — but the honest position is that the count is debated, and the debate is exactly where the risk hides:

  • The number floats between about eleven and twelve depending on how a source treats mixed-rule states. Connecticut requires all-party consent for telephone recording but follows a one-party rule for in-person conversations under its criminal statute. Oregon requires all-party consent for in-person oral communications but applies a one-party rule to electronic communications. Whether you "count" such a state depends on the call type.
  • Nevada is the trap. Nevada's statute reads as one-party, but the Nevada Supreme Court has interpreted it to require all-party consent for telephone calls. A team that builds its logic off the statutory text alone will mis-classify Nevada and under-disclose.
  • Statutes shift and courts reinterpret. California's Penal Code § 632.7 extends all-party consent specifically to cellular and cordless calls; Illinois rewrote its eavesdropping statute after its original was struck down; Pennsylvania is strict on any oral or electronic communication. The membership and the edges of this list are not static, which is the whole reason you should not hard-code it once and forget it.

If you take one thing from this section, take this: the precise membership of the all-party list is the wrong thing to be clever about. The next section explains why.

Why jurisdiction detection is the wrong place to be clever

The intuitive engineering instinct is to build a jurisdiction lookup: take the caller's number, resolve it to a state, branch the disclosure logic, and record-or-suppress accordingly. It feels precise. It is, in practice, the most fragile design you can choose — and it fails in the direction that creates criminal liability.

The reason is that a phone number no longer tells you where the person is, or even which state's law governs the call. Number portability means a caller who moved from Texas to California a decade ago may still carry a Texas mobile number while standing in San Francisco. VoIP and virtual numbers can present an area code with no relationship to the user's physical location. A mobile caller roams across state lines mid-journey. Area-code-to-state inference was never reliable and gets less reliable every year. Build your recording logic on it and you will, on some non-trivial fraction of calls, suppress a notice you legally owed — and there is no way to retroactively obtain all-party consent for a call you already recorded.

So the defensible architecture inverts the instinct. Rather than detecting jurisdiction and disclosing only when the law forces you to, you default to the strictest applicable standard: you disclose, and where needed seek consent, on every US call where you cannot establish, with confidence, that a more permissive rule applies. Concretely:

  • For US calls, deliver an all-party-grade recording notice by default, framed so that a continued conversation constitutes the caller's consent ("This call is recorded for quality and training; if you'd prefer we don't record, let me know and I'll switch it off"). This satisfies the strict states and is entirely lawful in the permissive ones, where you were over-delivering at zero cost.
  • Give the caller a real opt-out, and make the agent able to honour it — stop recording, continue the call, log the switch. An all-party "consent" that the caller cannot actually decline is not consent.
  • Use jurisdiction signals to relax, never to withhold. If you have a verified service address or an authenticated account that reliably places the caller in a one-party state, you may simplify the notice. The signal lowers friction; it never removes a disclosure you would otherwise owe. The default is strict; evidence buys you down, not up.

This is not legal over-caution for its own sake. It is the only design that survives the unreliability of the inputs you actually have. The cost of over-disclosing in a one-party state is a few seconds and a marginally longer opening. The cost of under-disclosing in an all-party state is a criminal statute and a per-call civil claim. When the downside is that asymmetric, defaulting to strict is not conservatism — it is the correct expected-value decision, and it is exactly the kind of trade-off our AI operating model consulting exists to make explicit and own at the right level of the business.

The recording-notice architecture: what good looks like

A jurisdiction-aware recording programme is not a longer script. It is a small number of components that have to exist as discrete, observable, logged events — so that the agent behaves correctly in real time and you can prove it behaved correctly afterwards. Here is the anatomy.

1. A disclosure decision, resolved before substantive capture. The agent decides which notice set to deliver — AI disclosure, recording notice at the right strictness, and any purpose framing — and delivers it before the caller is invited to share anything substantive. "Before substantive content" is the line that matters: a recording notice delivered after the caller has already read out an account number has failed, regardless of how well-worded it was.

2. A real opt-out path on the strict branch. Where you deliver an all-party-grade notice, the agent must be able to detect a decline (including a barge-in over the notice), stop the recording, and continue the call without it. An opt-out the agent cannot operationalise is theatre. This is closely tied to how your agent handles interruptions generally; if the agent talks over a caller trying to decline, the consent is void.

3. A separated consent log. Each disclosure is recorded as its own event with a timestamp, the exact wording delivered, the branch taken (standard vs all-party), the caller's response, and the resulting recording state. Not one Boolean. When a complaint lands eighteen months later, "here is the recording-notice event, at 00:06, wording version 4.2, caller continued, recording state ON" is a defence; "consent: true" is not. This is the same explainability discipline we lay out in voice AI auditability and explainability — a recording-consent decision is exactly the kind of automated determination regulators now expect you to be able to reconstruct.

4. Versioned, governed notice wording. The exact words of each notice are configuration, not code buried in a prompt, so legal can review and change them, and every change is versioned. When wording v4.1 becomes v4.2, the logs say which calls heard which — because a recording made under wording you have since corrected is still a recording you have to account for.

5. A boundary on what the recording then becomes. Capturing the audio lawfully is step one. Where it is stored, how long it is kept, who can reach it, and whether it crosses a border are separate obligations that ride on top of the recording — and they are where a clean notice gets undone by a sloppy back end. Retention is covered in voice AI data retention, storage location in data residency for enterprise voice AI, and movement of recordings between jurisdictions in cross-border data transfer. A recording lawfully captured in Frankfurt and then casually replicated to a US bucket has re-opened a question you thought you had closed.
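A minimal sketch of the strict-by-default disclosure decision and the separated consent log described above, added here as an illustration and not Dilr's production code. The function names, branch labels, state codes, response labels and version strings are assumptions of this example; only the all-party opt-out sentence and the "4.2" version label are taken from the page.

```python
from dataclasses import dataclass

# The page's working all-party list plus Nevada (all-party by court
# interpretation). Two-letter codes are this sketch's encoding; legal owns the set.
STRICT_STATES = {"CA", "CT", "DE", "FL", "IL", "MD", "MA", "MT", "NH",
                 "OR", "PA", "WA", "NV"}
DECLINES = {"declined", "barge_in_decline"}  # hypothetical labels from the dialogue layer

# Notice wording as versioned configuration, not prompt text. Only the
# all-party sentence is quoted from the page; the rest is constructed.
NOTICES = {
    "ai_disclosure": ("1.0", "You're speaking with an AI assistant."),
    "ukeu_notice": ("4.2", "This call is recorded for quality and training."),
    "us_standard": ("4.2", "This call is recorded."),
    "all_party": ("4.2", "This call is recorded for quality and training; "
                  "if you'd prefer we don't record, let me know and "
                  "I'll switch it off."),
}


@dataclass(frozen=True)
class ConsentEvent:
    """One first-turn statement, logged as its own event (not one Boolean)."""
    call_id: str
    statement: str        # "ai_disclosure" or "recording_notice"
    offset_s: float       # seconds into the call when the statement was delivered
    wording_version: str
    branch: str
    caller_response: str
    recording_state: str  # "ON", "OFF", or "n/a"


def decide_branch(region, verified_state=None, inferred_state=None):
    """Choose the recording-notice branch, failing strict.

    inferred_state (area code, presented CLI) is accepted so callers can pass
    it, but it is never consulted: only verified evidence relaxes the notice.
    verified_state is assumed to be validated upstream.
    """
    if region in ("UK", "EU"):
        return "ukeu_notice"
    if region == "US" and verified_state and verified_state not in STRICT_STATES:
        return "us_standard"
    return "all_party"  # unverified US caller or unknown region


def open_call(call_id, region, caller_response, verified_state=None,
              inferred_state=None, notice_offset_s=6.0):
    """Return the separated consent log for the opening turn."""
    branch = decide_branch(region, verified_state, inferred_state)
    # Assumption of this sketch: an explicit decline is honoured on every branch.
    state = "OFF" if caller_response in DECLINES else "ON"
    return [
        ConsentEvent(call_id, "ai_disclosure", 0.0,
                     NOTICES["ai_disclosure"][0], "n/a", "n/a", "n/a"),
        ConsentEvent(call_id, "recording_notice", notice_offset_s,
                     NOTICES[branch][0], branch, caller_response, state),
    ]


def notice_before_capture(events, first_substantive_offset_s):
    """Audit check: was the recording notice delivered before the caller
    shared anything substantive (for example an account number)?"""
    notice = next(e for e in events if e.statement == "recording_notice")
    return notice.offset_s < first_substantive_offset_s


if __name__ == "__main__":
    # Constructed call: Texas area code inferred, nothing verified, caller barges in.
    for event in open_call("call-0001", "US", "barge_in_decline", inferred_state="TX"):
        print(event)
```

An area code alone never reaches the relaxed branch here, and the log can be replayed per call to show which wording version was heard and what the recording state became.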

  • ~12: US all-party consent states (count debated 11–12)
  • 1: Party whose consent the federal floor requires
  • 00:06: Where the recording notice should land, not 00:30
  • 3: Distinct first-turn statements to log separately

Sector calibration: the same map, different stakes

The architecture is constant; what changes by sector is how expensive a miss is and how much you should invest in the strict-by-default discipline. The figures below are illustrative of our methodology and representative of engagements — they are not a published market benchmark.

| Sector | Why recording consent bites harder | Calibration |
|---|---|---|
| Financial services | Recorded advice calls are also evidential records; FCA expectations on suitability and on treating customers fairly ride on top of the recording | Strict-by-default, plus a vulnerability route to a human — see DNC logic in AI voice diallers for the outbound-control companion |
| Healthcare | Recordings frequently contain special-category health data; the back-end retention and access controls matter as much as the notice | Strict notice, minimised capture, short retention by default |
| US multi-state collections / sales | High outbound volume across mixed one- and all-party states is the classic per-call civil-claim exposure | All-party-grade notice on every US call; opt-out honoured; consent event logged per call |
| Cross-border enterprise CX | A single queue answers callers from multiple jurisdictions; the disclosure must branch in real time | Region signal to relax only; default strict; residency boundary enforced downstream |

The thread through all four is that the recording notice is the cheap part and the governance around it is the expensive part. That is the inversion most "we added a disclaimer" deployments get wrong — and the reason recording consent belongs in the operating model, not in a prompt. If you are deciding who owns that call across legal, compliance, and the business, our note on building the execution office for AI programmes covers the accountability structure, and the MSA clauses that actually bind a voice AI vendor covers pushing the obligation into the contract with your platform.

You do not need a year. You need a disciplined sprint that ends with a jurisdiction-aware notice, a real opt-out, a separated log, and governed wording. Numbered so the steps are explicit.

Step 01 — Days 1–15: Map the call estate. Inventory every inbound and outbound flow, the jurisdictions each one touches, and the current recording notice (if any) and where in the call it lands. Most teams discover at this stage that they have one disclaimer applied uniformly and no record of whether callers reach it before disclosing data. This map is the same artefact an AI placement diagnostic produces — if you are doing one, fold recording-consent mapping into it.

Step 02 — Days 10–25: Decide the default and the relax-signals. Set the default to strict (all-party-grade for US, clear early notice for UK/EU). Define the narrow, verified signals that let you relax — authenticated account, confirmed service address — and write down explicitly that no inferred signal (area code, presented CLI) is permitted to withhold a notice. Get legal to own this decision, not engineering.

Step 03 — Days 20–40: Build the disclosure component. Implement the notice as governed, versioned configuration delivered before substantive capture, with the all-party branch carrying a detectable opt-out. Wire the opt-out to actually stop recording and continue the call.

Step 04 — Days 35–55: Build the separated consent log. Each first-turn statement — AI disclosure, recording notice, purpose — logged as its own timestamped, versioned event with the caller's response and resulting state. Confirm you can reconstruct, for any single call, exactly what was said and what the recording state was.

Step 05 — Days 50–75: Red-team the edges. Test the opt-out via barge-in, the strict branch on an uncertain region, a caller who declines then changes their mind, a mid-call roam, and a number whose area code disagrees with the account address. Confirm the system fails strict — when uncertain, it discloses more, never less.

Step 06 — Days 70–90: Govern and hand over. Put notice-wording changes under versioned legal review, set the retention and residency defaults for the captured recordings, and assign a named owner for the recording-consent posture. This is where the programme stops being a project and becomes part of how the business runs — the transition our AI operating model work is built to make durable.

Where this sits in the wider compliance picture

Recording consent is one decision in a voice agent's first ten seconds, but it is the one that turns a transparency nicety into criminal exposure when you get the US map wrong. It rewards the same discipline as every other hard part of enterprise voice: don't be clever where the inputs are unreliable, default to the strict standard, log the decision as a discrete event you can defend, and push the back-end obligations — retention, residency, cross-border — to the components that own them. A voice AI platform that treats the recording notice as a configurable, versioned, logged, jurisdiction-aware event is doing compliance by architecture; one that treats it as a line in a prompt is hoping no one in California ever complains.

Want to see this in production? Try Dilr Voice live (free, $20 credits) and hear the disclosure logic open a call, book an AI placement diagnostic to map where your call estate crosses jurisdictions, or read about our approach to placing AI inside regulated enterprise systems.

Frequently asked questions

Do we need the caller's consent to record calls in the UK?

In most cases, no — you need a lawful basis (usually legitimate interests or performance of a contract) and you must give the caller clear, early notice that the call is recorded, why, and what their rights are, under GDPR transparency obligations and PECR. Consent is generally the wrong basis to build on because it can be withdrawn. The exception is special-category processing such as voice biometrics, which raises the bar significantly — see our piece on voice biometric data security.

Which US states require all-party consent to record a call?

As of 2026 the working list is California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Oregon, Pennsylvania, and Washington — though the count is debated between roughly eleven and twelve because some states have mixed rules for phone versus in-person recording, and Nevada's one-party statute has been interpreted by its courts as requiring all-party consent for phone calls. Because the list has fuzzy edges and a phone number does not reliably indicate location, the safe design is to deliver an all-party-grade notice on every US call by default.

Is recording consent the same as TCPA consent?

No. The TCPA governs whether you may place an automated or AI-voiced call to a number — consent to be called. State wiretap and eavesdropping laws govern whether you may record the call once connected — consent to be recorded. They are different statutes with different standards and penalties; you can be TCPA-compliant on the dial and still commit a recording offence. The calling side is covered in our TCPA guide.

Should we detect the caller's state and only disclose where required?

No — that is the fragile design that creates liability. Number portability, VoIP, and mobile roaming mean a phone number is an unreliable indicator of jurisdiction, and you cannot retroactively obtain consent for a call you have already recorded. Default to the strictest applicable standard and use verified signals (authenticated account, confirmed address) only to relax the notice, never to withhold one.

Is the recording notice the same as disclosing that the caller is talking to an AI?

No — they are two separate statements that happen to be spoken in the same opening. AI disclosure (governed in the EU by the AI Act) tells the caller they are speaking with an AI; the recording notice tells them the audio is being captured. A compliant agent delivers both and logs them as distinct events. We cover the AI-disclosure obligation in Article 50 enforcement.

What happens to the recording after the call?

Lawful capture is only the first obligation. Where the recording is stored, how long it is retained, who can access it, and whether it crosses a border are separate duties that ride on top of the recording. See data retention, data residency, and cross-border transfer.


Written by the Dilr.ai engineering team — practitioners who ship enterprise voice AI in regulated markets, where the recording notice is a logged, versioned, jurisdiction-aware event. Follow us on LinkedIn for shipping notes, or subscribe via the RSS feed.
