As the debate simmers about the proper application of the wiretapping provisions of the California Invasion of Privacy Act (CIPA), courts continue to weigh in on what technologies may constitute improper third-party wiretaps. On February 10, 2025, the Northern District of California denied a motion to dismiss in Ambriz v. Google, LLC and held that the definition of a third-party wiretap under CIPA extends to AI voice products that have the "capability" to use data for the benefit of the software provider. The court adopted the expansive reasoning in a prior decision from the Northern District of California in Javier v. Assurance IQ, LLC. Businesses that use or are considering using third-party AI voice and similar AI products to aid in customer service interactions should be aware of Ambriz's potential implications.
The Alleged Invasion of Privacy & Google's Motion to Dismiss
The plaintiffs in Ambriz alleged that Google eavesdropped on conversations that they had with customer service contact centers of other companies (such as a large home improvement retail chain and nationwide cellular telephone service provider) that were using the Google Cloud Contact Center AI (GCCCAI) service. According to the complaint, the GCCCAI service is a "virtual agent for callers to interact with" that "can also support a human agent" through (a) recording and sending a real-time transcript of the callers' conversations with the GCCCAI, and (b) managing the customer service session by providing guidance, suggestions, and "smart replies" to the human agent based on the call transcript. The plaintiffs contended that Google used the GCCCAI service to intercept and record their...
