Introduction
The increasing use of AI recording tools by companies has raised significant legal concerns [3], particularly regarding compliance with the Federal Wiretap Act and other privacy regulations [3]. This issue is exemplified by a class action lawsuit against Heartland Dental, LLC [1], highlighting the potential legal ramifications of using AI technologies without adequate policies and safeguards.
Description
The use of AI recording tools is increasingly prevalent among companies [1], raising significant legal concerns [3], particularly regarding compliance with the Federal Wiretap Act, 18 USC § 2510 et seq [3]. Many organizations, however, lack comprehensive policies to address these issues [1]. A class action lawsuit has been initiated against Heartland Dental [1] [2], LLC [1], related to the use of a third-party AI service from RingCentral [1], Inc. [1], which allegedly monitors and analyzes calls between Heartland and its patients without their knowledge or consent [1]. The lead plaintiff [2], Megan Lisota [2], asserts that her calls to a Heartland Dental-affiliated practice were processed by the RingCentral AI system [2], purportedly violating the Federal Wiretap Act [1], specifically 18 USC § 2511 [1]. The lawsuit [1] [2], filed on July 3 [2], encompasses all US residents who have made or received calls to or from Heartland Dental or its managed clinics that were processed by RingCentral [2], and a jury trial has been requested [2].
The complaint raises concerns that patients are not informed about RingCentral’s involvement in listening to and analyzing their calls [1], which may also violate the Health Insurance Portability and Accountability Act (HIPAA) [1], particularly 42 USC § 1320d-6 [1], prohibiting the unauthorized disclosure of individually identifiable health information [1]. Furthermore, it is alleged that RingCentral utilizes patient calls to train its AI models and develop products for other clients [1], a practice that remains undisclosed to patients.
To mitigate legal risks [3], companies employing AI recording tools must establish robust policies that address critical areas [1], including managing notice and consent for recorded communications [3], handling situations involving non-consenting parties [3], ensuring the accuracy of AI-generated transcripts and summaries [1] [3], and maintaining confidentiality and privilege [3]. Additionally, companies should establish protocols for the retention and deletion of recordings, conduct thorough due diligence on third-party vendors [1], scrutinize their terms of service and privacy policies [1], and understand the technical features of these tools that may either mitigate or exacerbate risks [3]. Given the rapidly evolving landscape of AI technology [1], organizations must remain vigilant about legal developments and regularly update their AI policies to ensure compliance with applicable legal standards.
Conclusion
The implications of using AI recording tools without proper legal safeguards are profound, potentially leading to significant legal liabilities and breaches of privacy laws. Organizations must proactively develop and implement comprehensive policies to navigate the complex legal landscape surrounding AI technologies. By doing so, they can protect themselves from legal challenges and ensure compliance with evolving legal standards.
References
[1] https://www.jdsupra.com/legalnews/listen-up-if-your-ai-policy-does-not-1950253/
[2] https://www.beckersdental.com/dso-dpms/heartland-dental-hit-with-class-action-lawsuit-over-ai-use/
[3] https://natlawreview.com/article/listen-if-your-ai-policy-does-not-cover-ai-recording-issues-another-class-action
