Many businesses monitor or record customer service, telemarketing, and other telephone calls with consumers to help them improve customer service and for evidentiary reasons. Under federal and many state laws, calls may lawfully be monitored or recorded by businesses as long as those businesses have permission from their employees who participate on the calls. However, some states require the permission of everyone participating on a call before the call may legally be monitored or recorded. And some state laws potentially implicated by monitoring and recording calls are not clear as to what is required. California is one of those states.

This may be why there has been significant litigation surrounding California’s call monitoring and recording statutes: California Penal Code Section 632 and Section 632.7 (the “California Eavesdropping Statutes”).¹ This litigation has included private claims typically brought as class actions, and at least one complaint by the California Attorney General’s Office. As discussed below, this activity creates uncertainty and risk for businesses looking to monitor or record calls placed to or from California.

Litigation over the California Eavesdropping Statutes

Section 632 of the California Penal Code requires the consent of all parties on telephone calls that involve a confidential communication before a person may eavesdrop upon or record the call.² Violation of this statute gives rise to a private right of action for $5,000 per call or three times the actual damages suffered, whichever is greater.³ The availability such high statutory damages incentivizes claims filed on behalf of a putative class. As described below, two interpretive issues are being litigated in cases alleging violations of Section 632.

First, there is disagreement among the courts as to whether Section 632 applies at all to calls monitored by the employer of one party to the call. In one case, the U.S. Court of Appeals for the Ninth Circuit concluded that Section 632 does not apply to call monitoring by an employer where there is no third party (i.e., someone not employed by the employer) listening in on the call.⁴ It reasoned that California courts had interpreted “eavesdrop” to refer to a third person secretly listening in on a conversation between two parties, and that the employer was one of the parties to the call, not a third party. A California appellate court held, however, that an employer is not a party to a call between employees and non-employees; therefore, business call monitoring violates the eavesdropping law when done without consent from all parties to the call.⁵

Recent litigation involving Section 632 also has focused on the meaning of a “confidential communication” under the statute. The statute itself defines a “confidential communication” as “any communication carried on in circumstances as may reasonably indicate that any party to the communication desires it to be confined to the parties thereto, but excludes a communication made in a public gathering . . ., or in any other circumstance in which the parties to the communication may reasonably expect that the communication may be overheard or recorded.”⁶ California courts have held that for a call to be a confidential communication, a party to the conversation must have an objectively reasonable expectation that the conversation is not being overheard or recorded.⁷ The determination depends upon the particular circumstances of the call, as well as the consumer’s prior experience with the business. For example, the Ninth Circuit recently concluded that there may not be an objective expectation of privacy for calls to customer service representatives to dispute charges.⁸ Moreover, given that assessing whether a call was a confidential communication requires an inquiry into the particular circumstances of the call, some defendants have defeated class certification of claims under this statute arguing that this individualized issue predominates.⁹ Thus, organizations may be able to defeat a class action litigation involving Section 632 where individualized analysis of the circumstances is necessary.

Perhaps for these reasons, more call monitoring and recording-based claims are being filed under California’s other eavesdropping statute, California Penal Code Section 632.7. This statute applies to calls to or from cell phones, which increasingly are the only phones many consumers use. Unlike Section 632, Section 632.7 is not limited to “confidential communications.”¹⁰ Nevertheless, as with Section 632, there remains a question of whether an employer monitoring an employee’s call falls within the scope of the statute. At least one court has held that it does not.¹¹ Businesses wishing to avoid such litigation may want to notify consumers at the outset of both incoming and outgoing calls if such calls will be monitored or recorded.

Wells Fargo Settlement

Wells Fargo learned this lesson the hard way. On March 28, 2016, the California Attorney General’s Office announced a multi-million dollar settlement with Wells Fargo regarding the company’s call-recording practices. The California Attorney General had sued Wells Fargo alleging violations of both of the California Eavesdropping Statutes. More specifically, the complaint alleged that Wells Fargo violated these statutes through activities “including but not limited to the failure of WELLS FARGO employees to timely and adequately disclose the recording of communications they had with members of the public.”¹² Wells Fargo did not admit to any wrongdoing, but the company decided to settle rather than litigate the case.¹³

Pursuant to the terms of the settlement, Wells Fargo agreed to pay $8.5 million in civil penalties, restitution, and investigatory costs to the California Attorney General’s Office and the California counties that partnered in the investigation. Wells Fargo also agreed to comply fully with the California Eavesdropping Statutes, including by making clear, conspicuous, and accurate disclosures about call recording to consumers immediately at the beginning of a call following a greeting (“Notice Requirement”). Wells Fargo agreed to maintain a compliance program for one year and conduct periodic testing of the company’s and its agents’ compliance with the California Eavesdropping Statutes and Notice Requirement. In one year, Wells Fargo is required to provide the State of California with a report describing its internal testing activities.¹⁴

Implications

The Wells Fargo settlement and the active litigation under the California Eavesdropping Statutes are reminders to businesses of the significant legal risks that arise from calls with consumers. In addition to states’ call recording and call monitoring statutes, organizations that make outgoing calls have obligations under the Telephone Consumer Protection Act and the Telemarketing Sales Rule, which are enforced by federal agencies, state attorneys general, and private litigation. States have similar laws governing certain types outgoing calls, which may be enforced through state attorneys general and private litigation. Given the many sources of risk and the substantial fines that can result from calls with consumers, businesses would be wise to regularly review their outbound and inbound call programs to ensure that they are in compliance with applicable federal and state laws.

¹ Section 632 applies to all calls, while Section 632.7 applies to calls to cell phones and other specific types of calls.

² Cal. Pen. Code § 632 (a) (“Every person who, intentionally and without the consent of all parties to a confidential communication, by means of any electronic amplifying or recording device, eavesdrops upon or records the confidential communication, whether the communication is carried on among the parties in the presence of one another or by means of a telegraph, telephone, or other device, except a radio” violates California law.).

³ Cal. Pen. Code § 637.2.

⁴ Thomasson v. GC Services Limited Partnership, 321 Fed. Appx. 557 (9th Cir. 2008) (unpublished) (holding that a company and its employees are one “person” under the California statute, so no third-party eavesdropping occurred); Re Monitoring of Telephone Conversations Rulemaking, 11 Cal. P.U.C.2d 692 (1983) (a California state agency regulating telephone companies ruled that a third person was necessary to establish liability under § 632).

⁵ See Kight v. CashCALL, Inc., 133 Cal. Rptr. 3d 450 (Cal. Ct. App. 2011) (holding that §632 prohibits a business from monitoring its own customer service and other telephone calls conducted in the ordinary course of its own business unless consent is obtained from each person on the call, stating “we conclude the statute applies even if the unannounced listener is employed by the same corporate entity as the known participant in the conversation”); Montemayor v. GC Servs. LP, 302 F.R.D. 581, 584 (S.D. Cal. 2014).

⁶ Cal. Pen. Code § 632 (c).

⁷ See, e.g., Flanagan v. Flanagan, 117 Cal. Rptr. 2d 574 (2002).

⁸ Faulkner v. ADT Security Services, Inc., 2013 U.S. App. LEXIS 1108 (9th Cir. 2013) (basing its conclusion on the plaintiffs’ failure to allege that the nature of the defendant’s business and the character of the call would lead to an objective expectation of privacy). See also Rogers v. Ulrich, 52 Cal. App. 3d 894, 899-900 (Cal. Ct. App. 1975) (stating that plaintiff would not be able to allege that “a communication with a public employee, concerning public business such as the use of the council chambers for a meeting, could be confidential”).

⁹ Hataishi v. First American Home Buyers Protection Corp., 168 Cal Rptr 3d 262 (Cal. 2d Dist. 2014).

¹⁰ Cal. Pen. Code § 632.7 (a) (“Every person who, without the consent of all parties to a communication, intercepts or receives and intentionally records, or assists in the interception or reception and intentional recordation of, a communication transmitted between two cellular radio telephones, a cellular radio telephone and a landline telephone, two cordless telephones, a cordless telephone and a landline telephone, or a cordless telephone and a cellular radio telephone” violates California law.).

¹¹ Young v. Hilton Worldwide Inc., 2014 U.S. Dist. LEXIS 98268; 2014 WL 3434117 (C.D. Cal. 2014). But see Ades v. Omni Hotels Mgmt. Corp., 46 F. Supp. 3d 999, 1018 (C.D. Cal. 2014) (all party consent required for recording under § 632.7).

¹² See California v. Wells Fargo Bank, N.A., No. BC611105, *5 (Cal. Sup. February 22, 2016) (Complaint), available at http://oag.ca.gov/sites/all/files/agweb/pdfs/privacy/wells-fargo-complaint-02-22-2016.pdf.

¹³ State of California Department of Justice, Office of the Attorney General, “Attorney General Kamala D. Harris, District Attorneys Announce $8.5 Million Settlement with Wells Fargo Bank Over Privacy Violations,” available at https://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-district-attorneys-announce-85-million.

¹⁴ California v. Wells Fargo Bank, N.A., No. BC611105 (Cal. Sup. March 28, 2016) (Stipulated Final Judgment).