Skip to content
All posts

Compliance · 10 min read · June 23, 2026

Call recording compliance for Zoom, Google Meet, and phone calls

One-party vs. two-party consent, explained, and why it applies to Zoom, Meet, and Teams recordings exactly like phone calls. Plus how to prove every recording was disclosed.

By The PyAI Trace team · Compliance & GTMLast reviewed June 23, 2026 · PyAI Trace team, checked against the primary sources linked on this pageEducational, not legal advice.

The short answer

Whether you can record a call without asking depends on where the people are, not what app you used. The U.S. federal floor is one-party consent (18 U.S.C. § 2511): one person on the call (you) can consent. But about a dozen states require all-party (two-party) consent, meaning *everyone* must agree, and California's CIPA makes a violation both a crime and a civil claim. Crucially, these rules apply to Zoom, Google Meet, and Teams recordings exactly like phone calls. Recording the conversation is what's regulated, not the wire it traveled on.

Picture two glasses of water. In a one-party state, you can record a conversation as long as *one* glass (you) says “okay.” In a two-party (all-party) state, *every* glass at the table has to say “okay” first. The moment one person on the call is sitting in a two-party state, the stricter rule can apply to the whole call. That's why the safe, universal habit is simply: tell everyone the call is being recorded, at the start.

It's the conversation, not the channel

This is the single most expensive misconception in the space: teams assume “recording compliance” is something their phone vendor handles. It isn't. A Zoom sales demo, a Google Meet support session, a Teams interview, and a phone call are all the same thing to the law: a recorded conversation. An AI notetaker silently joining a Meet in a two-party-consent state is the same legal event as secretly taping a phone call.

Any conversation

Phone callsAI agents & human reps
ZoomSales demos, interviews
Google MeetSupport sessions
Microsoft TeamsInternal & external
AI voice agentsAny provider, any stack
Trace scans it100% of calls

One compliant record

  • PASS / WARN / FAIL verdict
  • Findings that cite the rule
  • Auto-redacted PII / PHI
  • Tamper-evident audit trail

Trace runs over the conversation, not one provider's wire, so you keep your existing phone, meeting, and agent stack and add compliance as a layer on top.

The state map, simplified

Most U.S. states follow the one-party federal floor. A minority require all-party consent. The exact list shifts with case law, and some states treat in-person vs. electronic differently, so use this as orientation and confirm the current status for your states with counsel.

RuleRoughly whoWhat you must do
One-party consentFederal floor + most statesYou may record; you (one party) consent
All-party (two-party) consent~12 states incl. CA, FL, IL, MD, MA, PA, WAEveryone must be told and agree
Mixed / context-specifice.g. some states differ on in-person vs. phoneTreat as all-party to be safe
Orientation only. The all-party list and its edge cases change with legislation and court rulings. Verify with counsel for your jurisdictions.

The simple rule that keeps you safe everywhere

If you operate across states (and you do, the moment you take calls from anywhere), just disclose the recording to everyone at the start of every call. A clear 'this call is recorded' line satisfies the strictest states and is good practice in the rest.

Add AI and there's a second disclosure

When the caller is an AI agent, recording consent isn't the only disclosure in play. A growing set of state laws, led by California's B.O.T. Act, can require you to tell the person they're talking to a bot. So an AI call may owe two disclosures: “you're being recorded” and “you're speaking with an AI.” Both are short scripts; the hard part is verifying they were actually said on every call.

How to prove the disclosure happened

Saying the line in your script is not the same as proving it was said on call #57,213. If you can't show it, it didn't happen. Trace scans every recording (phone, Zoom, Meet, or Teams) and verifies the recording disclosure (and, for AI calls, the bot disclosure) was actually present, flags the ones that missed it, redacts sensitive data captured in the transcript, and stamps each call with a tamper-evident hash. That's the difference between hoping you disclosed and being able to show it.

Manual QA~2% sampled

Two calls reviewed by hand. The violation is almost certainly in the 98 nobody listened to.

Trace100% scanned

Every call scored against your rule packs, automatically, the moment it ends. Nothing hides.

Frequently asked questions

Do call recording laws apply to Zoom and Google Meet?

Yes. Recording-consent laws regulate the conversation, not the transport, so Zoom, Google Meet, and Microsoft Teams recordings are treated like phone-call recordings. If anyone on the call is in an all-party-consent state, you generally must disclose and get agreement.

What's the difference between one-party and two-party consent?

One-party consent (the federal floor and most states) means one participant can consent to recording. Two-party / all-party consent (about a dozen states, including California) means everyone on the call must be informed and agree.

What's the safest way to handle recording across states?

Disclose at the start of every call that it's being recorded. A clear recording notice satisfies the strictest all-party states and is good practice everywhere, so you don't have to track each participant's location in real time.

Does an AI agent need an extra disclosure beyond recording consent?

Often yes. State bot-disclosure laws like California's B.O.T. Act can require telling the person they're interacting with an AI, so an AI call may owe both a recording disclosure and a bot disclosure.

See what Trace finds on your calls.

Trace scans 100% of your calls, phone, Zoom, Meet, or Teams, against TCPA, HIPAA, PII, and brand-voice rule packs, and returns a per-call scorecard with cited findings, redaction, and a tamper-evident audit trail. Keep your stack; add compliance on top.

No credit card - OpenAI-compatible - cancel anytime