Yes, it is legal to record a phone call with a customer as long as you have the required consent, and what counts as required depends on the state. Federal law and most states follow one-party consent, meaning the call can be recorded if any one participant (including you or your business) agrees. About a dozen states require all-party consent, meaning everyone on the call has to agree. The safest and simplest practice is to announce the recording at the start of every call, which satisfies both standards everywhere.
This article is general information, not legal advice. Recording laws vary by state and change over time; talk to an attorney about your specific situation.
One-party consent vs all-party consent
The federal Wiretap Act sets the floor: recording a phone call is legal if at least one party to the call consents. If you are on the call and you decide to record it, you are that one party, and federal law is satisfied.
States can be stricter, and a meaningful group of them are. In an all-party consent state (sometimes called two-party consent), every person on the call must consent to the recording. Recording without that consent can be a crime, and in several of these states it also exposes you to civil lawsuits from the person you recorded.
The states generally treated as all-party consent for phone calls are:
- California
- Connecticut (for civil liability; criminal law is one-party)
- Delaware
- Florida
- Illinois
- Maryland
- Massachusetts
- Michigan (courts have read it narrowly, but treat it as all-party to be safe)
- Montana (requires notification)
- Nevada (for phone calls, per state court rulings)
- New Hampshire
- Oregon (for in-person conversations; phone calls are one-party, but many businesses treat Oregon as strict anyway)
- Pennsylvania
- Vermont (no clear statute; courts have implied all-party expectations)
- Washington
Everywhere else, one-party consent applies. But notice how many caveats appear in that list. Several states have quirks, court interpretations, or splits between criminal and civil standards. That messiness is exactly why most businesses do not try to track it call by call.
Interstate calls follow the stricter rule
Here is where it gets practical for a contractor. You are in Texas (one-party). Your customer is calling from their winter place in Florida (all-party). Which law applies?
Assume the stricter one does. Courts have applied the law of the state where the person being recorded is located, not just where the recorder sits, and a well-known line of California cases held out-of-state businesses liable for recording calls with California residents without consent. You usually cannot tell where a cell phone physically is when it rings. An area code tells you where the number was issued, not where the caller is standing today.
So the working rule for any US business that takes calls from the public: behave as if every call is an all-party consent call. That sounds burdensome until you see how easy compliance actually is.
Announcing the recording satisfies consent
You do not need signed forms or a verbal yes from every caller. In every state, consent can be implied: if a person is clearly told the call may be recorded and they stay on the line, they have consented. This is why nearly every large company opens with some version of this call may be recorded for quality and training purposes. It is not boilerplate for its own sake; it is the consent mechanism.
To make the announcement do its job:
- Put it at the very start of the call, before any substantive conversation.
- Make it audible and plain. A fast mumble or a disclosure buried three menu levels deep is asking for an argument later.
- Apply it to outbound calls too. If your office or an automated system calls a customer and records, the disclosure belongs in the first few seconds of that call as well.
If a caller objects, you have two clean options: stop recording and continue the call, or explain that calls on this line are recorded and offer another way to reach you. What you cannot do is keep recording after someone has said no.
This is the approach we took with Coastline's AI assistant, Current, when it answers or places calls on a workspace's business line. Every call opens with a fixed disclosure: the business name, the fact that the caller is speaking with an AI assistant, and a note that the call may be recorded. It cannot be turned off, because the disclosure is what makes the rest of the call defensible. If you are weighing an automated answering setup, our guide to avoiding missed calls without hiring a receptionist compares the options and shows where these guardrails fit.
Recording consent is not the same as calling consent
Consent to record answers one question: may this conversation be captured? It says nothing about whether you were allowed to place the call in the first place. That is a separate body of law, mainly the TCPA, and it turns on things like whether the call is automated and whether it is a sales call or a servicing call about existing business. If you are recording outbound calls, make sure the call itself is permitted before worrying about the recording; our TCPA overview covers when that consent is needed, and the marketing call vs servicing call distinction explains why an appointment reminder is treated very differently from a cold pitch.
Retention: keep recordings only as long as they earn their keep
Legally recording a call is step one. Storing it forever is its own liability. Every recording you hold is discoverable in a dispute, in scope for a data breach, and subject to any privacy law that reaches your customers. Good retention practice for a small business looks like this:
- Pick a fixed retention window and automate the deletion. Ninety days to one year covers most dispute and quality-review needs for home-services work. If a specific recording matters (a disputed change order, an insurance claim), export and preserve that one deliberately.
- Restrict who can listen. Recordings of customer calls should not be ambient content for the whole company. Limit access to the people who need it and log access if your system supports it.
- Do not keep payment card numbers in recordings. If customers read card numbers aloud on recorded lines, you have a PCI problem. Pause recording during payment capture or take payment through a link instead.
Transcripts vs raw audio
A transcript and a recording are not the same asset, and treating them differently is smart.
Raw audio is the heavier liability. It captures the customer's actual voice, which is biometric-adjacent data under some newer state privacy laws, and it captures everything: background conversations, the customer's kid, the card number they read out before you could stop them. It is also the thing juries hear tone in.
A transcript is text. It preserves the operational value (what was promised, what address, what price) with a smaller privacy footprint and it is searchable. For most day-to-day purposes, the transcript is what your team actually needs; the audio is only needed when tone or authenticity is disputed.
A sensible default, and the one Coastline ships with for Current's calls: keep transcripts by default with permission-gated access inside the workspace, and make raw audio strictly opt-in with a short fixed retention window (90 days) when it is enabled. Whatever tools you use, the principle carries: default to the lighter artifact, opt in to the heavier one, and put an expiration date on it.
The short version
Recording customer calls is legal everywhere in the US if everyone on the call has been told and stays on the line. Announce the recording in the first seconds of every call, inbound and outbound, and you never have to care which state the caller is in. Keep transcripts as your working record, treat raw audio as opt-in with a firm deletion date, and remember that recording consent does not substitute for consent to place the call at all. Get those habits in place once and recorded calls become an asset (training, dispute protection, better notes) instead of a risk.