Genesys is being hit with a class action suit alleging violations of Federal and California law.
The lawsuit claims that having been deployed by the US National Domestic Violence Hotline (NDVH) to handle customer communications, Genesys used its CCaaS platform to intentionally record and analyze these communications without obtaining customer consent.
The suit states that the NDVH “purports to offer confidential support” to individuals affected by domestic violence via online chat, phone, and text messaging.
It continues by noting that people who contacted the Hotline were under the impression that they were communicating directly with a member of staff from the NDVH but were instead speaking to an undisclosed third party (Genesys) before being passed onto an NDVH representative.
The complaint argues that prior to being connected to the NDVH, Genesys had access to private and sensitive customer information, including name, age, gender, location, race, and reason for calling the Hotline.
Not only does the suit claim this information was stored and recorded without obtaining the customer’s permission, but it suggests that Genesys is directly benefiting from this data by using it to inform and improve its systems.
“Genesys does not simply enable customer interactions with third-party website owners – it mines them for information that it uses to improve its own services,” the lawsuit states.
This process of incorporating individuals’ information into its own systems, known as ‘machine-learning,’ gives Genesys a unique competitive edge, enabling it to gather business intelligence, improve its products, and provide enhanced services to its customers.
CX Today has reached out to Genesys for a comment but has not yet received a response.
The Plaintiffs, Allegations, and Damages
The complaint is being brought forward by three California-based plaintiffs who contacted the NVDH between 2021 and 2024.
While each plaintiff’s experience is slightly different, all three of the callers claim that they passed on personal details to Genesys without their knowledge or consent.
In doing so, the suit argues that Genesys has broken both Federal and California law.
The former refers to the Federal Wiretap Act, which bans the intentional interception or sharing of wire, oral, or electronic communications without consent.
While the latter concerns the California Invasion of Privacy Act (CIPA). Although CIPA is very similar to the Federal Wiretap Act, it provides additional protection in the form of a “private right of action” against those who unlawfully intercept communications.
In response to this, the plaintiffs are seeking damages of $10,000 or $100 per day for each violation of CIPA.
From both a legal perspective – and a customer service/experience perspective – it is the allegations of a lack of customer consent that are most pertinent.
The recording and analyzing of customer communications is common practice for most customer service departments and contact centers, but under US and California law, organizations must obtain consent before doing so.
The suit specifically outlines Genesys’ CX Cloud CCaaS solution throughout the document, making a point of highlighting how the platform’s wide suite of features was deployed across various channels of communication for the NDVH.
The suit provides examples from the Hotline’s chat, phone, and text services. It claims that these detail how, in each instance, Genesys failed to disclose that it had access to customers’ information.
Moreover, plaintiffs also accuse Genesys of using customer information “for its own purposes.”
The document asserts that Genesys acknowledges that when recording is enabled, it collects and stores user interactions with third parties.
In addition, the company’s Cloud Privacy Policy states that it may use this data for internal purposes such as statistical analysis, benchmarking, research, and service improvements.
The suit also references a previous version of its privacy policy, which it believes further confirms that Genesys may use customer data for market research, marketing enhancement, and to improve its website, services, and products.
In the opinion of the plaintiffs, this “self-admitted ability to use data collected from individuals to improve its own products, designs, and services distinguishes it from a run-of-the-mill phone service provider.
Put simply, Genesys is not merely facilitating interactions between users and the Hotline – it is also capable of mining data from these interactions for its own purposes to maintain its competitive edge.
Vendors in the Crosshairs
Interestingly, this lawsuit shares similarities with a complaint filed against Patagonia last year.
The suit – which was subsequently thrown out by a California judge – accused Patagonia’s CCaaS solutions provider, Talkdesk, of recording and analyzing customer communications without consent.
While the suits are alike in many ways, interestingly, it was Patagonia – not Talkdesk – that was accused in the 2024 suit.
This time around, the plaintiffs have chosen to specifically target the customer service vendor rather than the organization.
Given the nature of the services that the NDVH provides, the plaintiffs and their representatives may not have wished to bring the case against a charity.
With that being said, the suit is still a firm reminder and warning to any customer service or experience tech provider handling sensitive customer data to ensure that they are complying with all necessary laws and regulations.
Join the CX Community That Values Your Voice
This is your space to speak up, connect, and grow with thousands of CX leaders. Share your voice, influence what’s next, and learn from the best in customer experience. Join the conversation today.
