Jones Walker Logo
  • News & Insights
  • Professionals
  • Services
  • News & Insights
  • Professionals
  • Services

  • Firm
  • Offices
  • Careers
  • Events
  • Media Center
  • Blogs
  • Contact

  • text

AI Law and Policy Navigator

The Chatbot on the Witness Stand - Part 2: AI at the Drive-Thru, Voice Ordering, and the Vendor Contract That May Decide Who Pays

By Jason M. Loring, Michelle Ramsden
July 2, 2026

The voice taking your drive-thru order is increasingly not human. Quick service restaurants have moved quickly to deploy AI voice agents at the drive-thru speaker and on phone ordering lines, drawn by the promise of increased order accuracy, speed, labor flexibility, and upsell consistency. The business case is easy to understand. The legal framework governing these deployments, however, remains unsettled, and recent litigation has brought companies deploying these systems (and not just the vendors building them) closer to the center of a sixty-year-old wiretapping debate.

Part One of this series examined how the California Invasion of Privacy Act ("CIPA") has become one of the most active litigation tools for claims targeting AI-powered website chatbots and previewed coverage of the federal dimension, healthcare-specific exposure, the emerging liability for off-script chatbot statements and a practical risk assessment framework. 

This installment touches part of that federal dimension and applies the practical risk framework to a use case moving just as quickly as the website-chatbot cases: AI voice ordering at the drive-thru and over the phone. Healthcare-specific exposure and off-script chatbot liability will follow in Part Three.

The Short Version, and Where This Picks Up

As we noted in our first entry in this series, CIPA was enacted in 1967 to address wiretapping and related interception of communications. Its central provision, Section 631, generally prohibits unauthorized interception of communications by third parties. Courts evaluating modern AI deployments have applied differing frameworks when assessing whether a vendor should be treated as a third party or as an extension of the business deploying the technology.

Some courts have focused on allegations that a vendor possesses the ability to use communication data for purposes independent of the customer relationship, while others have emphasized the vendor's role as a service provider acting on behalf of the business itself. The resulting case law remains highly fact-dependent and continues to evolve.

Against that backdrop, AI voice ordering presents a natural next test case. Below we examine how the distinctions between website-based communications and telephone or drive-thru interactions may matter in ways courts have yet to fully address.

How a Drive-Thru Order Becomes a Wiretap Claim

The structure of these deployments is what has attracted attention from plaintiffs' counsel. When a restaurant deploys a third-party AI voice agent, the interaction is typically presented as a communication with the restaurant. At the same time, a vendor's technology may be transcribing, processing, routing, or otherwise facilitating the interaction. The restaurant is certainly a party to the conversation, but whether and under what circumstances the vendor should be treated as an independent third party is one of the questions currently being litigated.

In Taylor v. ConverseNow Technologies, Inc., a federal court allowed claims arising from an AI-powered restaurant ordering system to survive a motion to dismiss. The plaintiff alleged that when she called to place a restaurant order, her communications (including personal and payment information) were allegedly intercepted and recorded by the AI vendor without her knowledge or consent. The court concluded that the allegations were sufficient at the motion to dismiss stage, including allegations concerning the vendor's ability to use interaction data to improve its services.

Importantly, Taylor does not resolve the ultimate merits of these issues. Like many of the recent chatbot cases, it illustrates the types of allegations plaintiffs are advancing and the kinds of facts courts may consider when evaluating them at the pleading stage.

Voice ordering deployments may also raise issues beyond Section 631's third-party interception theory. Depending on the facts, plaintiffs may assert claims under other CIPA provisions, including Section 632’s restrictions on recording confidential communications.

Why the Capability Test Matters

One recurring theme in recent litigation is what many commentators have referred to as the "capability test." Under that approach, some courts have examined not only what a vendor allegedly did with communications data, but also what the vendor was allegedly capable of doing.

Plaintiffs increasingly focus on allegations that vendors possess the ability to use interaction data for product improvement, analytics, model training, benchmarking, or other purposes independent of delivering services to the customer. Defendants, by contrast, often emphasize contractual restrictions, technical limitations, the vendor's role as a service provider, and the absence of any actual independent use.

The resulting disputes illustrate why diligence surrounding AI deployments increasingly extends beyond a review of contractual terms alone. Businesses evaluating AI voice platforms should understand both the contractual commitments being offered and the technical architecture through which those commitments are implemented.

Several courts have suggested that contractual restrictions may not necessarily be dispositive where plaintiffs plausibly allege that a vendor retains the technical ability to use information independently. At the same time, courts continue to evaluate these issues on a fact-specific basis, and meaningful defense victories have occurred as these theories move beyond the pleading stage.

The distinction matters. While some courts have allowed capability-based theories to survive motions to dismiss, defendants have also secured meaningful victories later in the litigation. For example, in Gutierrez v. Converse Inc., the Ninth Circuit affirmed summary judgment for the defense, underscoring that allegations sufficient to proceed past the pleading stage and evidence sufficient to establish liability on the merits are not necessarily the same. That gap between pleading standards and merits standards is one reason these cases can generate substantial litigation costs long before a court ultimately resolves the underlying issues.

As a practical matter, organizations assessing AI voice systems may wish to evaluate available technical controls alongside contractual protections. Depending on the vendor and deployment, that analysis may include feature selection, training restrictions, access controls, data segregation, retention settings, and other configuration choices that affect how customer communications are handled.

It is also worth remembering that the doctrine remains unsettled. Courts, including the Ninth Circuit, have continued to recognize the general principle that a party to a communication cannot eavesdrop on its own conversation, and some courts have declined to find liability absent evidence of actual interception or misuse. At the same time, plaintiffs continue to advance broader third-party interception theories. The resulting uncertainty is one reason that these cases can create litigation risk before courts ultimately reach the merits.

Some defense-side arguments advanced in website chatbot litigation arise from the differences between internet-based and telephone-based communications. Whether, and to what extent, those arguments translate to voice ordering systems remains an evolving question that courts have only begun to address.

Two Fronts the Restaurant Has to Watch at Once

Potential wiretap-related litigation risk does not stop at California's borders. The federal Electronic Communications Privacy Act ("ECPA") may provide a parallel theory in some circumstances, although it operates differently from CIPA. Among other distinctions, federal law generally permits recording or interception where one party to the communication has consented. As a result, issues relating to consent, vendor relationships, and deployment architecture may play out differently under federal law than under California's “all party consent” framework.

Several states (including Florida, Pennsylvania, Illinois, and others) maintain their own consent-based recording statutes. For organizations operating nationally, AI voice deployments therefore require attention to a patchwork of potentially applicable state and federal requirements.

At the same time, a separate and rapidly evolving legislative track governs disclosures and other obligations associated with certain AI systems. As discussed in Part One, California's SB 243 regulates companion chatbots and imposes disclosure and safety obligations within that context while excluding certain customer service uses. Depending on the functionality and purpose of a particular deployment, a drive-thru or phone-ordering system may fall outside that framework. But organizations should evaluate that question carefully rather than assume that a statutory exclusion automatically applies.

More broadly, the AI-disclosure question and the wiretap consent question remain distinct legal issues. A statute governing disclosures about AI use does not necessarily resolve questions concerning consent to the collection, recording, or processing of communications. As a result, businesses should evaluate both issues independently even where they arise within the same customer interaction.

Where the Risk Is Often Managed: The Vendor Contract and the Consent Flow

Although the legal theories continue to evolve, many of the issues driving these disputes arise from facts businesses can evaluate before deployment.

The Vendor Agreement

Most AI voice-ordering agreements were not originally drafted with emerging chatbot and voice-ordering litigation in mind. As a result, organizations increasingly focus on provisions addressing how communication data is collected, used, retained, shared, and protected.

The contract review should focus on the provisions that matter most in these cases: model training, product improvement, analytics, benchmarking, downstream uses, retention periods, deletion obligations, subprocessor access, and whether the vendor's commitments are reflected in the actual system configuration. Businesses should also confirm they have sufficient visibility into relevant system settings, including whether features relating to training, human review, analytics, or product improvement are enabled.

If a dispute arises, technical discovery, access to system information, cooperation obligations, defense coordination, and allocation of litigation responsibilities can become as important as the underlying contractual promises. Organizations should consider whether their agreements appropriately address those contingencies before they arise.

Ultimately, the objective is not simply to negotiate stronger language. It is to understand whether the contractual commitments, technical architecture, and operational realities of the deployment align with one another.

The Consent Architecture

Questions concerning disclosure and consent continue to feature prominently in litigation involving customer-facing AI systems. For voice interactions, businesses should test whether disclosures are clear, appropriately timed, and designed to support the consent framework applicable to the deployment. For drive-thru deployments in particular, that may require practical decisions concerning how disclosures are delivered, whether an alternative ordering channel is available where relevant to the legal analysis. 

Organizations should also evaluate whether disclosures accurately describe the role of service providers and the processing of customer communications. A disclosure delivered contemporaneously with the interaction may present different considerations than information available only through a separate privacy policy or website.

The Practical Path

The operational response does not need to be complicated, but it should be deliberate.

Start with an inventory. Identify where AI voice-ordering systems are deployed, which vendors support them, and whether the interaction occurs at the drive-thru speaker, over the phone, through an app, or across multiple channels.

Then review the vendor relationship. The key questions are not limited to what the agreement says. They include how the system is configured, whether training or product-improvement features are enabled, what data is retained, who can access it, which subprocessors are involved, and what support the vendor must provide if a dispute arises.

Next, map the customer experience. Confirm what the customer actually hears or sees before substantive interaction begins, whether the disclosure matches the way the system operates, and whether any alternative ordering channel is available where that matters to the legal analysis.

Finally, broaden the review beyond CIPA. Depending on the deployment, the relevant analysis may include ECPA, state call-recording laws, AI-disclosure laws, biometric laws, consumer-protection rules, and sector-specific privacy requirements. Building that review into vendor onboarding is easier than reconstructing it after a demand letter or complaint.

AI voice ordering is not a risk to be avoided. It is a technology to be deployed on terms the company has actually examined. The organizations that do that work before scaling are better positioned to keep a 1967 wiretapping statute where it belongs: in the background of a modern customer-service strategy, not at the center of a class-action complaint.

For questions about AI voice ordering deployment, vendor governance, contract structuring, wiretap and privacy litigation risk, or consent architecture, contact the Jones Walker Privacy, Data Strategy, and Artificial Intelligence team. Part Three of this series, addressing healthcare-specific exposure and the emerging liability for off-script chatbot statements, is coming next. Stay tuned for continued insights from the AI Law and Policy Navigator.

Related Professionals
  • name
    Jason M. Loring
    title
    Partner
    phones
    D: 404.870.7531
    email
    Emailjloring@joneswalker.com
  • name
    Michelle Ramsden
    title
    Special Counsel
    phones
    D: 404.870.7503
    email
    Emailmramsden@joneswalker.com

Related Practices

  • Privacy, Data Strategy, and Artificial Intelligence
Sign Up For Alerts
© 2026 Jones Walker LLP. All Rights Reserved.
PrivacyDisclaimerAvident Advisors
A LexMundi Member