Google managed to avoid a major blow to its reputation and CCaaS business.
A lawsuit which alleged the tech giant had used its AI-powered cloud CX platform to eavesdrop on customer conversations was dismissed by a California court.
This resolution happens as the AI tools offered by Google and other vendors of tech services face increased scrutiny by regulators, attorneys and the public at large.
What’s new?: After many legal twists and turns, Judge Rita F. Lin from the Northern District of California dismissed the lawsuit against Google (Ambriz v. Google LLC) on June 20, 2024. The complaint was filed in October of the year prior.
Background: Google was accused of using its CCaaS platform to “wiretap” conversations of Verizon customers. Verizon is one of the many companies that use Google’s platform to automate and augment their customer care operations.
-
According to the plaintiff, Google –through a “virtual agent” embedded in its CCaaS platform– acted as an unannounced third party in conversations between Verizon customers and the company’s customer care agents.
-
Google’s presence was not explicitly consented to, thus it was regarded by the plaintiff as a violation of privacy.
-
Google is dealing with a very similar lawsuit, filed four months later, in which Home Depot is also listed as a defendant. The complaint is almost identical in its general terms to the Ambriz case.
The argument: The Ambriz complaint was dismissed under the argument that the California Invasion of Privacy Act (CIPA) does not apply to telephone companies (like Verizon) “or to the officers, employees or agents thereof”, as long as their “eavesdropping” is done as part of their business operations.
-
“Ambriz alleges that Google’s Cloud Contact Center AI provides a ‘virtual agent’ to interact with Verizon customers in a way that ‘consumers reasonably believe the virtual agent is provided by the company they are calling’. By acting as Verizon’s representative to its customers, Google acted as an ‘agent’ under California law,” the judge explained in her dismissal of the complaint.
-
“Those allegations indicate that Google was acting on Verizon’s behalf with its assent and under its control when performing these tasks using the features that Verizon required,” she continued.
Bigger picture: There’s a plethora of cases similar to Google’s. Some legal experts have spoken of “hundreds of class actions” against providers of AI-powered software and/or their clients. And not all of them have been able to shake the accusations off.
-
A California court recently denied a motion to dismiss the complaint against fitness equipment and media company Peloton Interactive, which is accused of rerouting chat conversations with customers to a third party provider (Salesforce-owned Drift).
-
The court explained that software providers can be liable under CIPA if they use the collected data “for its own commercial purposes” instead of in aid of a client’s business. The latter instance would make the software a tool, not a third party.
-
A complaint that’s almost identical to the Ambriz case was filed in California against clothing retailer Patagonia and cloud CX software provider Talkdesk.
To be continued: Google filed a motion in late May of 2024 to move its Home Depot case to the Northern District of California for it to be litigated in conjunction with the Ambriz lawsuit.
-
A month later, Google asked the judge in charge of the Home Depot lawsuit to “take judicial notice” of the dismissal of the Ambriz case. In its motion from May, Google noted that both complaints were “nearly identical.”
-
The judge dismissed the Amrbiz case with “leave to amend”. That is, the plaintiff can still amend its complaint and continue litigation.
NSAM’s take: If even Google can get in trouble over its own tech, then smaller tech providers –that is, pretty much the rest of the market– should watch out.
As we’ve noted so many times before, compliance culture seems to be growing more solid in business, especially when it comes to matters of privacy and personal data management. As common as data breaches are today, few scandals will make customers or a client angrier than having their sensitive information compromised or taken without consent.
Unfortunately for vendors and their clients, it will likely take several more lawsuits to settle the matter of AI-powered software and data privacy law, at least in California. The courts themselves seem to be sorting out the application of CIPA to AI through litigation.
In that sense, the basic advice of speaking to a lawyer might not be enough to provide a definitive answer to businesses wondering about the risks of using AI-powered software for CX or other customer-facing operations.
This won’t stop AI from marching deeper into business operations. Companies are skeptical about its reaches and potential, but most regard the implementation of the technology as a must if they wish to stay afloat.
In that scenario, any privacy issues that might arise from the use of AI-enabled software will have to be solved with very careful wording.
Thanks, Cesar, for the insightful article! The dismissal of the wiretapping lawsuit against Google is indeed a noteworthy development. It’s fascinating how the court’s interpretation hinged on Google acting as an agent of Verizon. This case underscores the complexities of data privacy laws in the age of AI.
For Nearshore IT tech providers, it’s a stark reminder to stay ahead of these issues by prioritizing compliance and transparency. As AI integrates deeper into business operations, maintaining trust and avoiding legal issues is crucial.