Skip to content
Original research · First edition in progress

The State of Voice AI Compliance

Most AI voice agents in the wild are non-compliant in ways their operators don't know. We're measuring exactly how, from aggregate, anonymized findings across real AI-agent calls scanned by Trace. Here's the methodology, the metrics, and how to be part of the dataset before the first edition publishes.

Why there are no numbers here yet. This is a compliance brand, accuracy is the whole point. We publish a statistic only when it comes from a real, large-enough, anonymized sample. The figures below populate when the dataset reaches our release threshold; until then we show exactly what we measure and how.

The metrics

What the report will quantify.

Each headline number is a direct aggregate of what a Trace scan detects on a call, no surveys, no estimates dressed up as data.

MetricWhy it landsFirst edition
Calls missing the recording disclosureThe most universal, scariest gap Measured, not estimated
Calls missing the AI / automated-voice disclosureTies straight to the FCC ruling + state laws Measured, not estimated
Calls with PII exposed in the transcriptConcrete and visceral; broken out by type Measured, not estimated
Calls where a caller opt-out was not honoredDirect TCPA / DNC liability Measured, not estimated
Calls missing business identity47 CFR § 64.1200 identification Measured, not estimated
Average compliance flags per callThe one number for the headline Measured, not estimated

We'll also model estimated $ exposure (flags × the $500-$1,500 TCPA statutory range) and slice by industry and provider, only where the sample is large enough to publish responsibly.

How it's built

Methodology and guardrails.

Methodology
  • Source: AI-agent calls scanned via the free scan + opted-in customers, over a stated period.
  • Each metric is an aggregate of Trace findings, disclosures present/absent, opt-outs honored, PII by type.
  • Sample size, period, and slice sizes stated openly. Transparency raises citeability.
  • Caveats up front: skews to orgs that ran a scan; directional, not a census.
Privacy guardrails
  • Aggregate-only, never a customer, deployment, or end-caller.
  • No raw PII/PHI in the report. The whole point is that we redact it.
  • Minimum cell size per slice before any cut is published, to prevent re-identification.
  • Legal sign-off on the dataset and the report before release.

Be part of the first edition.

Run the free scan on your last 1,000 calls. You get your own compliance scorecard, and your anonymized, aggregate findings help build the benchmark the whole industry will cite.

Know where you stand before the report does.

See your own compliance gaps now with a free scan, across any provider, and prove you fixed them with Trace's audit trail.

No credit card - OpenAI-compatible - cancel anytime