Do I need to tell customers and staff that I’m recording phone calls?
Call recording is often cited as one of the most beneficial tools provided by business telecommunications systems. But while recording phone calls can provide several advantages to an enterprise, businesses must tread carefully when doing so – especially in a digital economy and communications environment where data privacy and the rights of the individual are highly valued and protected by laws and regulatory compliance frameworks of increasing strictness.
Disclosure and consent are key requirements in the current climate, so it’s well worth knowing what your rights and responsibilities are to staff and customers, when it comes to recording phone calls.
The Case for Call Recording
Business telecommunications systems with call recording facilities can be of immense benefit, to an enterprise. VoIP (Voice over Internet Protocol) telephony systems such as those from specialist providers like LG Networks come equipped as standard with tools for creating and storing call transcripts.
These transcripts or call recordings can serve as documented evidence of actual encounters and transactions with customers and suppliers. Such evidence can be very helpful in clearing up misunderstandings, as proof of the exchanges which actually occurred, and in resolving or troubleshooting problems.
Call transcripts may be used as models of good and bad procedure, for staff training purposes. And companies with a policy for recording in-house phone calls may use the recordings as evidence in settling disciplinary matters or resolving disputes.
There’s always been a stigma attached to recording conversations, stemming from historical associations with Cold War spying tactics, or “Big Brother” style surveillance by governments and law enforcement agencies.
However noble the intentions, for business telecommunications, it’s rarely a wise move to record people’s phone calls without their knowledge or consent, in some form. This applies from an ethical standpoint, and very often in legal terms as well.
The Legal Picture
The UK’s consumer and business telecommunications watchdog Ofcom sums the legal picture up, in the following manner:
“…you should make every reasonable effort to inform all parties to a call that it may or will be recorded, silently monitored or intruded into. The particular means by which you choose to do this are not specified in the condition. Acceptable options, depending on circumstances, might include warning tones, pre-recorded messages, spoken warnings by the operator or written warnings included in publicity material, telephone directories, contracts, terms of business, staff notices, etc.”
For business telecommunications in the UK, there’s a set of specific conditions that must be met if phone calls are to be recorded, legally. Under some of these conditions, it’s not legally necessary for you to inform each individual caller that their conversations are being recorded. These may generally be described as:
- Calls recorded for training or Quality Control purposes
- Recording calls in order to meet regulatory compliance conditions
- Calls recorded as evidence of business transactions
- Calls recorded for the prevention or detection of crime or fraud
Several different laws govern the interception, monitoring, and recording of telephone calls in the UK. These include:
- Regulation of Investigatory Powers Act 2000 (“RIPA”)
- Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (“LBP Regulations”)
- Data Protection Act 1998
- The Employment Practices, Data Protection Code
- Telecommunications (Data Protection and Privacy) Regulations 1999
- Human Rights Act
The specific terms of these statutes vary, but common to all is the assumption that all parties to a monitored or recorded call, (which includes staff, customers, and supply chain partners) should be somehow notified in advance, that their conversation is going to be recorded.
Matters Of Compliance
Call recording can assist businesses in complying with industry standards and statutory regulations. In fact, some legal frameworks (such as in the financial services industry) actually require enterprises to keep records of their transactions, including recorded phone calls – often for specified periods of time.
Today’s compliance regimes can get extremely complex – and a number of grey areas may arise, in meeting their demands. It’s a good idea therefore, to seek legal advice, and the counsel of organisations like LG Networks, which specialise in business telecommunications, data-handling, and network management.
The Europe-wide General Data Protection Regulations (GDPR) which come into force on 25th May 2018, will apply to organisations within the UK (Brexit notwithstanding), and those doing business and/or dealing with the personal information of EU residents and citizens.
The compliance demands of this legal framework have implications for business telecommunications systems – including the conditions regarding how and when phone calls may be recorded. Organisations wishing to record phone calls must demonstrate the legality of their doing so, by being able to confirm that the purpose of call recording satisfies at least one of the following conditions:
- The people involved in a call have given their consent to being recorded.
- Recording is required to fulfil a business contract.
- Recording is required in fulfilling a legal requirement.
- Recording is needed to protect the interests of one or more participants in a conversation.
- Recording is in the public interest or required for the exercise of official authorities.
- Recording is in the legitimate interests of the recorder – unless those interests are overridden by the interests of the participants in a call.
Companies in the financial services or health care industries (for example) would be covered under the clauses permitting call recording to fulfil a legal requirement, while those in the emergency or government services could be argued to be serving the public interest, when recording calls.
But for general business telecommunications, GDPR pretty much restricts organisations to the options of recording calls in their own “legitimate interests” (for which they would have to present a strong case), or in cases where the participants in a call have given their consent.
What You Need to Tell Them
Both GDPR and UK regulations require that all reasonable efforts should be made to inform those participating in a call that their exchange is being recorded. The barest minimum to achieve this would be mentioning on your advertising and customer-facing documents that calls to your organisation are routinely monitored and recorded. The same holds for companies that record all in-house communications – including any private phone calls made by staff, on lines designated for that purpose.
But the “explicit consent” demanded by GDPR requires that you go beyond this, in some way. Ideally, some kind of formalised policy for notifying people and asking for their consent should be put in place, including:
- Telling them that the call will be recorded.
- Telling them why the call is being recorded (business, monitoring, training, etc.).
- Notifying staff and suppliers of which lines are being monitored or recorded, and which types of calls recording applies to.
- Asking their consent to being recorded.
The VoIP telephony systems offered by LG Networks and its partner organisations contain tools and features to facilitate this, including customised messages for Auto-Attendant (electronic receptionist) platforms, in-app notifications for mobile users, and the like.
So, in addition to making call recording possible, your business telecommunications system can help ensure that your recording practices remain comfortably within the boundaries of ethics and the law.
If you would like to know more about call recording, compliance issues, or business telecommunications in general, contact the experts at LG Networks.