Is it legal to record phone calls in Australia?

DISCLAIMER: This guide is provided for general informational purposes only and does not constitute legal advice; call recording rules vary by jurisdiction and context, so you should obtain advice from qualified counsel before relying on it for compliance decisions.

Recording phone calls is standard practice for quality assurance, training, and building AI-powered customer experiences. But in Australia, the rules aren't simple.

Understanding consent requirements across federal and state legislation is critical, especially for businesses expanding from North America into APAC where non-compliance can lead to criminal penalties, including up to 5 years imprisonment in New South Wales.

This guide walks through Australia's telephone recording laws, explains what businesses need to know, and shows how the right infrastructure can make compliance easier.

Note: This guide is general information, not legal advice.

Federal framework: the Telecommunications (Interception and Access) Act

Key definitions (useful for compliance)

• Notification: telling callers recording will occur
• Consent: agreement to recording (explicit or implied the Telecommunications (Interception and Access) Act 1979) prohibits the interception of communications passing through telecommunications systems while they’re in transit. This law primarily targets third parties who tap into or record calls they're not part of, such as unauthorized wiretapping.

The TIA Act criminalizes interception itself, meaning violations can result in serious criminal charges, not just civil liability. For businesses, this establishes a baseline: no one outside the conversation can intercept a call without lawful authority.

However, the TIA Act doesn’t fully govern whether participants can record their own conversations. That’s mainly determined by state and territory listening device / surveillance legislation, which varies across Australia.

Federal and state laws can operate concurrently, so businesses should design their workflows around a conservative, nationally safe approach.

For businesses, this creates a practical baseline: notify callers that recording is taking place (notification is not the same thing as consent, but it’s a key part of a compliant workflow). The standard practice is an automated announcement at the beginning of each call, such as "This call is being recorded for quality and training purposes."

State and territory consent requirements

Recording laws vary across Australia, and the rules depend on which state or territory law applies to the call. Some jurisdictions are closer to an “all‑party consent” model for private conversations, while others generally allow a participant to record.

Practical rule for national businesses: If you record calls that may involve people in multiple states/territories, the safest approach is to notify all parties and obtain consent before recording.

Quick comparison (high-level)

Queensland and Victoria are often treated as more permissive for participant recording, but businesses still need to be careful about what happens after the recording (access, disclosure, and retention).

New South Wales is one of the most restrictive jurisdictions: recording without consent can expose individuals and corporations to significant criminal penalties.

Business call recording: what’s required

Businesses that record calls may need to comply with:

• Telecommunications laws (including federal interception rules), and
• The Privacy Act 1988 and Australian Privacy Principles (APPs) if they’re an APP entity (for example, many medium/large businesses and regulated operators).

Notification and consent

Before recording begins, a conservative, business-safe approach is to:

1. Provide clear notice that the call will be recorded
2. Explain the purpose (e.g., quality assurance, training, compliance)
3. Offer an alternative where feasible (e.g., a non-recorded line, a call-back option, or another channel)

In practice, some businesses treat continued participation after a clear announcement as implied consent, but it’s not a reliable compliance strategy across all jurisdictions. If you operate nationally, it’s safer to capture explicit consent (or provide a clear opt-out path) before

Data handling and storage

Call recordings often contain personal information, which means privacy and security controls matter. Businesses should:

• Store recordings securely with access restricted to authorized personnel
• Limit retention to what’s reasonably necessary for the stated purpose
• Delete or de-identify recordings when they’re no longer needed (subject to legal retention requirements)
• Control access and disclosure, especially when recordings are used for AI training, analytics, or audits

Even if you’re not an APP entity under the Privacy Act, these safeguards are still a strong baseline and are often expected contractually or by regulators in regulated sectors

Penalties for non-compliance

Recording conversations without proper consent isn't just a policy violation, it's a criminal offense. Penalties vary by jurisdiction but can be severe:

• NSW: Up to 5 years imprisonment and/or fines up to 100 penalty units for individuals (500 penalty units for corporations)
• Victoria: Up to 2 years imprisonment and/or 240 penalty units for individuals (1,200 penalty units for corporations)
• South Australia: Up to 3 years imprisonment and/or $15,000 in fines (higher corporate penalties may apply)
• Queensland: Up to 2 years imprisonment and/or 40 penalty units

Beyond criminal liability, businesses face reputational damage and potential civil claims.

Even if a recording was obtained unlawfully, Australian courts may still admit it as evidence in limited circumstances. However, relying on discretionary admission is risky and fact-specific. However, relying on this discretionary power is risky. Courts weigh the desirability of admitting evidence against the undesirability of condoning unlawful conduct.

Configuring compliant call recording with Telnyx

Telnyx provides the infrastructure to support compliant call recording workflows without patching together multiple vendors. Here's how:

NOTE: Telnyx provides tools and platform capabilities, but customers are responsible for configuring and operating their workflows.

Programmable consent flows

With Telnyx Voice API and SIP Trunking, you can program precise consent announcements that trigger automatically at the start of each call. Use Text-to-Speech to deliver notifications in natural-sounding voices, or pre-record custom messages that align with your brand.

For AI-powered systems, Telnyx Voice AI Agents can handle consent collection dynamically, confirming opt-in, logging the response, and routing calls accordingly.

Call transcripts, diarization, and metadata

Many modern call-recording and speech workflows can generate transcripts and (where supported) speaker labeling (diarization) to help with search, QA, and compliance reviews.

In practice, diarization quality depends on audio conditions (overlap, background noise, number of speakers), so it’s best described as a tool to improve reviewability rather than a guarantee that every speaker will always be identified perfectly.

You can also attach and track structured metadata (for example, consent status, call reason, or disposition) to make recordings easier to search, filter, and audit.

Data locality and security

Telnyx operates a private, carrier-grade network with regional deployments across APAC, including Australia. This can support:

• Low-latency performance for real-time voice AI (depending on routing and architecture)
• Regional deployment and data-locality strategies for customers with residency requirements
• Secure storage and access controls as part of a broader compliance program

For healthcare providers, financial services firms, and other regulated industries, this infrastructure supports compliance with both telecommunications law and sector-specific privacy requirements.

Best practices for Australian businesses

To minimize legal risk and build trust with customers, follow these guidelines:

1. Adopt the strictest standard: Assume all-party consent is required, even if some jurisdictions permit one-party recording.
2. Document your policies: Maintain a clear privacy policy that explains what you record, why, and how long you retain it.
3. Train your team: Ensure employees understand when recording is permitted and how to handle opt-out requests.
4. Audit regularly: Review call recordings and metadata to confirm compliance with retention schedules and access controls.
5. Use the right tools: Invest in infrastructure that makes compliance straightforward—consent prompts, diarization, secure storage, and metadata tagging should be built-in features, not afterthoughts.

For contact centers expanding into Australia, these practices aren't optional. Missteps can lead to regulatory action, fines, and erosion of customer trust.

The future of voice AI and compliance

As Voice AI systems become more sophisticated, compliance requirements will intensify. Regulators are increasingly focused on how businesses collect, process, and store voice data, especially when AI is involved.

That scrutiny increasingly includes areas like security controls, data retention, and cross-border processing/disclosures in addition to basic consent and notice requirements.

Telnyx's full-stack approach addresses this by giving you control over the entire voice pipeline, from PSTN connectivity to inference to storage. You're not relying on third-party integrations or hoping different vendors play nicely together. Everything runs on a single platform, which simplifies auditing, reduces latency, and ensures consistent compliance.

Whether you're building AI-driven customer service agents for healthcare, automating booking confirmations in travel, or enabling secure transactions in finance, Telnyx provides the infrastructure to scale confidently without compromising on compliance.

Ready to build compliant voice experiences?

Understanding Australia's telephone recording laws is the first step. Implementing them correctly requires infrastructure designed for compliance, performance, and scale.

Telnyx unifies global communications with low-latency AI, giving you the control to build secure, compliant voice solutions. Explore our Voice AI Agents, Voice API, and SIP Trunking to see how we make compliance straightforward or contact our team to discuss your specific requirements.