A regular Consumer World reader from Florida who we’ll call N.W. recently wrote to us about a disturbing discovery when she called the technical support department of Spectrum, her cable provider.
Rather than ask a whole series of verification questions when first connected, N.W. explained that the representative immediately identified her by her voice. She asked how this was possible, and was told that customers’ voices are recorded for Spectrum’s use. One of the newest uses is to digitize a person’s voice and speech pattern to create a unique digital identity or voiceprint that can act like an automatic password when they call again.
According to our consumer, Spectrum claimed they had notified her about their new Voice ID security system via email, but when she inquired what email address they had on record for her, they admitted they had none.
N.W. is a very privacy- and security-sensitive person and was distressed by Spectrum’s use of this technology without her knowledge or affirmative consent.
According to a press release and a fact sheet that Spectrum issued last May at the launch of the feature, Voice ID was supposed to be an “optional” and “completely voluntary” service.
*MOUSE PRINT:

Obviously, their Voice ID system only works if the company can hear or record the customer’s voice and then analyze it. Most companies’ customer service lines announce that “your call may be monitored or recorded for training or quality control purposes.” Anecdotally, Spectrum may not always do this in all cases, but it has a disclosure in its terms of service:
*MOUSE PRINT:
a. Recording of Communications. Subscriber acknowledges and agrees that all communications between Subscriber and Spectrum may be recorded or monitored by Spectrum for quality assurance or other purposes [emphasis added] subject to applicable law.
To get a straight answer as to what happened in N.W.’s case (and perhaps to others), we asked the PR folks at Charter Communications, the cable operator that provides Spectrum service. It has over 31 million customers in 41 states.
After doing their research, N.W. got a call from Spectrum. According to her, the Spectrum rep admitted that the company had recorded voices for Voice ID without customers’ knowledge and consent, they were very apologetic, and said there was no excuse for what happened.
So could N.W. be the only customer they did this to? We asked the company how widespread the problem was, why it was done without consent, whether reps were incentivized to enroll customers in Voice ID, and what were they going to do now to remedy the situation. They issued this short statement but declined to comment further:
“We take customer security and privacy very seriously and our policy is, and always has been, to obtain customer consent prior to enrollment in Voice ID. In the event the enrollment is disputed, we will remediate the situation immediately by unenrolling the customer and deleting their voice file, as has been done in this instance.â€
From a legal standpoint, there are two key issues. Does Spectrum properly alert callers when they are recording or monitoring customer conversations and the reasons for doing so? And did Spectrum enroll other customers in Voice ID without permission? The strongest biometric protection laws (that govern a third party’s use of your fingerprint, iris scan, voice, face, etc.) prohibit collecting and using such identifiers without first notifying the subjects and getting their affirmative consent. And remember that in Spectrum’s case, they explicitly told customers they would not enable Voice ID without permission.
As of mid-2021, five states (Illinois, Arkansas, California, Texas, and Washington) had specific laws governing biometrics. Some other states apply their generic privacy laws to biometric issues, while still others have pending legislation on the subject. (See state list.)
So how do you feel about a company recording your voice, and creating and using a voiceprint to identify you? Should you have to give your permission for them to do this? And do you think that N.W. was the only customer who was involuntarily opted into Voice ID? Enter your comments below.
And, as an experiment, if you have Spectrum service, considering calling customer service and asking if Voice ID is or is not enabled on your account. You can report your results here.
For an interesting article on the commercial use of your voice, check out Professor Joseph Turow’s opinion piece recently published in the New York Times.
The slippery slope continues unabated as corporate America eviscerates our privacy.
The lie is that they’re using Voice ID for security. They never verified who N.W. was before creating the voice record, otherwise N.W. would have been aware of the enrollment. Using it as an “automatic password” actually creates a security problem. Imagine new accounts taken over by identity thieves who don’t have to first prove who they are.
This is a huge violation of personal privacy in the US. If this issue is, at all, widespread this deserves a class action lawsuit.
Obviously, this has happened with most, if not ALL their subscribers. I smell a lawsuit coming. I’ll bet lawyers are already salivating over this.
Len… I don’t think so. I had a few people check their accounts, and they were NOT enrolled automatically.
Dominos pizza uses that as does Atlantic cable. In one case the hospital computer system pulls up my records as they answer. 991 can trace your location which seems like a good thing.
I’ve called Spectrum a few times and was asked to enroll in the voice security program. I declined each time. So, it does sometimes work how they described.
While I respect the concerns of those who view this as a serious privacy matter, I do have to wonder how much different it is from being identified by one’s phone number (Caller ID).
I remember calling a customer support line (not Spectrum) and being asked, “Is this William?” by the support representative. I was taken aback, but didn’t really feel that my privacy had been violated, when the rep responded that my phone number was in the company database along with my name.
You do have the ability to block caller ID (*67) and you did previously voluntarily provide your phone number to the company. The case here was that they recorded the person’s voice and stored it in their database without consent.