What are the Legislations on Call Recording?

We were asked…

“I am working on a quality project, I held some workshops with the front-line staff and one of the groups raised this issue of compliance in the recording of the calls. Some of them said if the recording is done just with the purpose of supporting the agents’ skills and training then we do not require training. However, if we are also recording with a purpose of resolving customer disputes in that case the customer can sue us for breaking the privacy act.”

Answer

We always point our customers to the Ofcom website, the guidelines they lay out are as follows:

Recording and monitoring telephone calls or emails

A general overview of interception, recording and monitoring of communications

The interception, recording and monitoring of telephone calls is governed by a number of different pieces of UK legislation. The requirements of all relevant legislation must be complied with. The main ones are:

• Regulation of Investigatory Powers Act 2000 (”RIPA”)
• Telecommunications (Lawful Business Practice)(Interception of Communications) Regulations 2000 (”LBP Regulations”)
• Data Protection Act 1998
• Telecommunications (Data Protection and Privacy) Regulations 1999
• Human Rights Act 1998

It is not possible to provide comprehensive detail of that legislation here. Any person considering interception, recording or monitoring of telephone calls or emails is strongly advised to seek his/her own independent legal advice and should not seek to rely on the general information provided below. It should be borne in mind that criminal offences and civil actions may occur when the relevant legislation is not complied with. Accordingly, Oftel accepts no liability for reliance by any person on the following information.

Can I record telephone conversations on my home phone?

Yes. The relevant law, RIPA, does not prohibit individuals from recording their own communications provided that the recording is for their own use. Recording or monitoring are only prohibited where some of the contents of the communication – which may be a phone conversation or an email – are made available to a third party, i.e. someone who was neither the caller or sender nor the intended recipient of the original communication. For further information see the Home Office website where RIPA is posted.

Can a business or other organisation record or monitor my phone calls or email correspondence with them?

Yes they can, but only in a limited set of circumstances relevant for that business which have been defined by the LBP Regulations. The main ones are:

• to provide evidence of a business transaction
• to ensure that a business complies with regulatory procedures
• to see that quality standards or targets are being met in the interests of national security
• to prevent or detect crime to investigate the unauthorised use of a telecom system
• to secure the effective operation of the telecom system.

In addition, businesses can monitor, but not record, phone calls or emails that have been received to see whether they are relevant to the business (e.g. open an employee’s voicemail or mailbox systems while they are away to see if there are any business communications stored there). For further information see the DTI website where the LBP Regulations are posted.

However, any interception of employees’ communications must be proportionate and in accordance with Data Protection principles. The Information Commissioner has published a Data Protection Code on “Monitoring at Work” available on its website here. The Code is designed to help employers comply with the legal requirements of the Data Protection Act 1988. Any enforcement action would be based on a failure to meet the requirements of the Act – however, relevant parts of the Code are likely to be cited in connection with any enforcement action relating to the processing of personal information in the employment context. Accordingly this Code of Practice and the Data Protection Act must also be considered by any business before it intercepts employees’ communications.

Do businesses have to tell me if they are going to record or monitor my phone calls or emails?

No, as long as the recording or monitoring is done for one of the above purposes, the only obligation on businesses is to inform their own employees. If businesses want to record for any other purpose, such as market research, they will have to obtain your consent.

What do I do if my calls have been recorded unlawfully?

Under RIPA it is a tort to record or monitor a communication unlawfully. This means that if you think you have suffered from unlawful interception of your phone calls or emails you have the right to seek redress by taking civil action against the offender in the courts.

(If you have been following the steps to contact Oftel and this FAQ has not helped then proceed to Step 3)

Do I have the right to listen to a call recording?

“I am in dispute over a holiday price. They have recorded the conversation but are still saying a different price than I was quoted. Have I the right to request to listen the call?”

Under the data protection act you have the right to see any information that a company holds about you.

This web link should provide you with more information

ICO FAQ data protection for the public

Can I get a recording of my phone conversation?

The legal answer to this is yes.  But the practical complication may be that the business might not have recorded the phone calls,  or that they may not have kept the phone call.

How do we have to inform customers that calls are being recorded?

Are we being compliant if we include ‘your calls maybe recorded for training & security purposes’ on letters/external emails to business contacts, rather than say it on every outbound call?

In short, yes!

You only actually *need* to inform once, if it’s on a document it’s fine. The exception would be outbound cold or inbound first contact. (That’s the FSA side anyway).

Click here for our Data Protection Act and Call Recording Laws in the UK

Call Recording is a Must for Business

I really agree with call recording is a must for business.
I always use call recording feature whenever I have business call or online business meeting, this really help me lots in different way.

thanks to Tom

UK suggestions

If you are in the UK and the organisation is in the UK, You can ask for the recording. If they have a transcript you can ask for that as well.

They may charge you £10 for this. See the link below.

https://ico.org.uk/for-the-public/personal-information/

thanks to Jonty

Thought on Personal Information

Where a bank customer makes regular telephone calls in order to carry out account transactions he is taken through a security check for which he provides detailed personal information. He is also asked to provide certain characters in his password: eg 1st, 4th, and 5th characters. Thus if a recording of the call is made by the bank, assumedly the speech of both parties, it will contain much of the data required for another party to attempt to access the callers account. If there were such a person within the bank staff complement, or for that matter, anyone else, who has access to bulk call recordings of the bank, he might also be able to work out individual passwords by filtering out a number of recorded calls involving the same customer. He would then be in a position to attempt, with some degree of confidence, to steal from this person’s account.
I would like to know if this vulnerability is overcome in the operating process of banks.
I would also like to know if, and how, a customer might successfully insist on there being no recording of his telephone calls.

Thanks to Jim

Further Reading

• Call Recording Guidelines
• Data Protection Act and Call Recording