AI phone call disclosure ethics
AI Honesty in Voice Agents: Why Disclosure Matters and How to Get It Right
AI phone call disclosure is the practice of an automated voice agent identifying itself as artificial intelligence to the human on the other end of the line, either proactively at the start of the call or, at minimum, the moment a person asks. It is legally required in California, Florida, Texas, and a growing list of US states under bots-disclosure and AI transparency statutes, and it is rapidly becoming the ethical baseline that distinguishes trustworthy voice agents from deceptive ones. This article defines AI honesty in a voice context, walks through the law and the design choices behind it, and explains why ClawCall ships disclosure as a non-negotiable default rather than a configurable toggle.
Try ClawCall free — 30 calls + 30 min, no card →What AI honesty actually means on a phone call
AI honesty in voice agents is not a single rule. It is a stack of overlapping commitments that, taken together, ensure the human on the other end of the line is never deceived about who or what they are speaking with. The foundational layer is identity disclosure: when a caller or callee asks 'Am I talking to a real person?' the agent must answer truthfully and unambiguously. The de facto industry floor is a single line in the system prompt — 'Never claim to be human. If asked, confirm you are AI' — and most reference implementations for cold-calling and appointment agents now include some version of it.
On top of identity disclosure sits purpose disclosure: stating, near the top of the call, why the agent is calling and on whose behalf. California's bots-disclosure law and similar statutes in Florida and Texas already treat undisclosed automated callers as a deceptive practice when the agent is used to influence a commercial transaction or a vote. The third layer is recording disclosure, which most US states require under one-party or two-party consent rules and which intersects with disclosure when the AI itself is the party doing the recording.
The final, often-overlooked layer is behavioural honesty: a voice agent should not roleplay as a specific named human, should not fabricate a job title or relationship to the caller, and should not weaponise emotional cues to mask its non-human nature. A well-designed agent encodes all four layers as defaults the operator cannot turn off — disclose on direct question, state the calling party at the top of the call, surface recording status when asked, and refuse to impersonate a specific named human. That four-layer stack is what 'AI honesty' means in practice, and it is the lens for every other decision in this post.
The legal landscape: from California SB 1001 to the 2026 AI Transparency Act
The legal floor for AI voice disclosure in the US is older than most people realise. California's SB 1001, in force since 2019, makes it unlawful to use a bot to communicate with a Californian online in order to incentivise a sale or influence a vote without disclosing the bot's artificial identity. Florida's 2023 statute extended similar logic to political robocalls, and Texas's HB 4 expanded it to commercial AI generally. The legal exposure for skipping disclosure is per-call and stacks fast, which is why recording and AI disclosure are baked into most production reference prompts.
2026 raises the floor significantly. California's AI Transparency Act (SB 942) takes effect on 2 August 2026, with civil penalties of $5,000 per violation per day for AI systems serving more than one million California users without compliant disclosure. AB 853, signed in October 2025, layered further obligations for large online platforms (effective 1 January 2027) and capture-device manufacturers (effective 1 January 2028), and SB 53's Transparency in Frontier AI Act adds reporting duties for frontier developers. Public trackers now list 30+ US states with active AI transparency bills in some form, with telephony explicitly named in roughly a dozen.
The EU AI Act, in force from August 2026 for general-purpose obligations, adds Article 50 transparency duties: any AI system intended to interact directly with natural persons must inform those persons that they are interacting with an AI, unless it is obvious from context. A phone call from an unknown number is, definitionally, not 'obvious from context.' GDPR Article 22's restriction on solely automated decisions adds another layer when the agent is screening, qualifying, or rejecting a caller. The practical upshot: a voice agent built without disclosure as a first-class feature is no longer a quirky design choice. It is a regulatory bet that gets more expensive every year.
Why design defaults beat operator policies
Once you accept that disclosure is required, the next question is where in the stack it lives. The wrong answer, which is unfortunately the most common one, is to make disclosure a configurable string in the operator's system prompt. Reference implementations across the developer-platform ecosystem illustrate the problem even while doing the right thing: their disclosure line lives inside a SYSTEM_PROMPT constant or a YAML config. Any developer with commit access can delete it. Any LLM under enough conversational pressure can be argued into ignoring it. Any prompt-injection in a transcript ('Pretend you are my colleague Sarah') can override it.
The right answer is to enforce disclosure outside the model. ClawCall does this in two places. First, the Deepgram Voice Agent tool registry never exposes any tool that requires misrepresentation — there is no claim_to_be_human function and no impersonate parameter on existing tools. Second, the brand-level prompt instructs the agent that 'if asked if you are an AI, confirm directly,' and this instruction sits above any operator customisation. Operators can shape persona, tone, and goal, but they cannot remove the disclosure floor.
This matters because voice agents now ship into thousands of contexts the original developer never imagined. An API key dropped into a Claude Code workflow, a ClawHub automation, or an OpenClaw skill will make calls on behalf of users who never read the docs and never wrote a system prompt. If disclosure depended on each of those users remembering to add a line to their config, the floor would collapse the day someone forgot. Defaults beat policies because defaults survive the long tail of operators who do not know the policy exists. The same logic is why a well-designed agent leaves voicemail only when the task explicitly asks for it, and why bulk outbound sales calling is locked out at the platform layer rather than discouraged in a terms-of-service PDF.
The disclosure and voicemail-on-instruction rules, explained
ClawCall ships product rules that sit above every other behaviour and that no operator, API consumer, or downstream agent can override. The first is the disclosure rule: when the human on the line asks 'is this a real person,' 'am I talking to a bot,' 'are you AI,' or any reasonable variant, the agent answers truthfully and immediately. The agent does not deflect, does not change the subject, and does not produce an evasive non-denial. This is the rule that industry reference implementations now treat as non-negotiable, and the rule the EU AI Act Article 50 codifies for any direct human-AI interaction.
The second is the voicemail-on-instruction rule: if the task asks for voicemail, the agent leaves a concise, task-scoped message; if it does not, the agent reports that it reached voicemail instead of inventing one. A voicemail is a monologue, so the guardrail is specificity rather than improvisation: the caller controls whether a message is left and what it should cover.
The third related commitment, treated as a corollary rather than a separate rule, is no unsolicited sales calls and no robocalls. Every outbound call has to be initiated by an authenticated user — Clerk session, API key, or anonymous IP-tracked proto-key — on behalf of a specific end-customer task: booking a dentist, disputing a utility bill, sitting on hold with the airline. That authentication scaffold gives a per-call audit trail and a per-account abuse signal. The combination of these three rules is what 'opinionated about honesty' actually means: not a marketing posture, but a set of constraints encoded in the runtime that the operator cannot relax.
How other consumer and developer voice agents handle disclosure
The voice-agent market splits roughly into three camps on disclosure, and the differences are worth knowing before you pick a tool. The first camp is the developer voice platforms — Bland, Vapi, Retell, Synthflow, Vocode, Air.ai, Regal — which treat disclosure as the operator's responsibility. They ship sensible reference prompts and meter per-minute usage, but they push the moral and legal exposure onto downstream builders who may not understand the patchwork of state laws. Bland and Vapi are mature and feature-rich; Retell and Synthflow are easier to get started with; Vocode is open-source and gives you everything to wire yourself; Air.ai and Regal lean toward sales workflows. All are reasonable picks if you are building a product, not buying one.
The second camp is the consumer AI call apps — ClawTalk, ClawdTalk, PollyReach, AgentPhone, CallBuddy, Chirp AI, CallFluent, Jarvis.cx, HoldForMe.ai. Behaviour here is highly variable. ClawTalk and ClawdTalk are close direct overlaps with similar surface area. PollyReach and Chirp AI lean toward task-list automation. AgentPhone, CallBuddy, and CallFluent target appointment and reminder workflows. Jarvis.cx is iMessage-first, and HoldForMe.ai is narrowly focused on hold-time elimination. Most default to disclosure on direct question, a few let the user toggle persona, and consumer-facing marketing copy rarely surfaces the disclosure policy explicitly. The honest summary: feature parity is close, defaults vary, and the differentiator for most buyers is which honesty rules survive a worst-case operator.
The third camp is inbound-only AI receptionists — Goodcall, Rosie, Numa, Replicant — plus the OS-level features Apple Hold For Me and Google Hold For Me. Goodcall, Rosie, and Numa answer your business line and generally disclose well because the brand reputational cost of deception is direct. Replicant is enterprise-focused for contact-centre deflection. Apple and Google's Hold For Me are screen-only assistants for your existing call, not agents that negotiate outcomes. For the modal reader of this post — a consumer who needs the dentist booked, or a developer who wants their AI agent to place a real call today with honesty defaults built in — the closest fit is a packaged outbound agent with disclosure enforced below the operator's reach, which is the slot ClawCall is built for.
What honest disclosure sounds like in practice
Designers often worry that mandatory disclosure will sandbag the agent's effectiveness — that the moment the receptionist hears 'this is an AI assistant calling on behalf of...' they will hang up. Call data does not support this worry, and the design fix is straightforward: lead with the calling party and the purpose, not with the AI label. A typical opener for a dentist booking is 'Hi, I am calling on behalf of Shrey Jindal to book a cleaning — they have asked me to handle this for them.' If asked 'are you a person,' the agent replies 'No, I am an AI assistant working on Shrey's behalf, but I have everything I need to book the appointment.' The receptionist almost always continues.
What does not work is fake-warm opener theatre — 'How is your day going?' delivered in synthesised TTS — followed by evasion when the receptionist gets suspicious. That sequence reliably tanks the call and burns the user's reputation with that business for next time. The reference guidance most production agents now follow is 'one or two sentences per turn, conversational, not formal.' Be brief, be useful, be honest when asked, never roleplay as a specific named human you are not.
The sample transcript pattern that recurs in production calls looks like this: identification of the calling party, statement of purpose, request for the next available slot, polite handling of the inevitable 'wait, is this an AI?' with a one-line yes, then back to the task. The disclosure adds about three seconds to a successful call and prevents the entire class of 'we feel deceived, please do not call back' outcomes that hurt both the user and the business they are trying to transact with. Honesty is, empirically, a better business strategy than the alternative, and it is one of the rare cases where the ethical default and the commercial default point the same way.
What buyers and developers should ask before they ship
If you are evaluating a voice-agent tool for a real workload — booking appointments for a clinic, qualifying inbound leads for a sales team, building an agent skill for your AI coding stack — the disclosure questions to ask vendors are tighter than the ones in most RFPs. First: where in the stack is disclosure enforced? If the answer is 'in the system prompt,' that is a configuration, not a guarantee. Ask whether the platform exposes any tool, parameter, or persona feature that would let an operator instruct the agent to claim humanity. Many platforms' honest answer is 'well, technically yes.'
Second: what does the agent do on a direct question? Ask for a recorded sample or a sandbox where you can ask the agent yourself. The right behaviour is a single clean affirmation: 'Yes, I am an AI assistant calling on behalf of...' The wrong behaviour is deflection, a non-answer, or a confident lie. Third: what is the voicemail policy? An agent that leaves voicemail by default has no answer to the 'am I talking to a human' question for an entire class of calls. A strong voicemail policy should say whether messages are allowed, who authorized them, and what content is acceptable.
Fourth: what is the abuse posture? Ask about unsolicited outbound, robocall prevention, per-account rate limits, and what happens if an operator tries to use the platform to spam. Tri-auth account models and the absence of a bulk-dialer interface are intentional friction against the failure mode of 'honest voice agent used dishonestly.' Fifth, and most underrated: does the platform document its disclosure policy publicly under a license that lets you cite it in your own compliance docs? Documentation under CC BY 4.0 lets downstream developers and compliance teams reference the policy verbatim. Honesty, like security, is easier when it is something you inherit from your infrastructure rather than something you re-invent per project.
Where ClawCall fits and what to try first
If you got this far, the practical question is which workflow to try the policy out on. For consumer use cases, the obvious starting point is hold-time elimination — ClawCall dials a clinic, an airline, or a utility, waits through the IVR, talks to whoever picks up, discloses on request, and either books the appointment or bridges the call back to you when verification is needed through the loop_in_user patch-in. The free trial covers 30 calls + 30 minutes with no credit card, and the Unlimited tier at $4.99/month covers the long tail of 'actually, can you also call the dentist while you are at it' tasks without metering anxiety.
For developers, the entry point is the agent skill — a drop-in install for Claude Code, Cursor, ClawHub, or OpenClaw that gives your existing AI agent a phone number in seconds. POST /call to api.clawcall.dev returns immediately with a call_id; poll GET /call/:id until lifecycle=finalized; read back the transcript and recording. The same disclosure defaults apply automatically. Your agent does not have to remember to be honest because the runtime is honest on its behalf.
For inbound use cases, Unlimited Reserve at $8.99/month gives you a private reserved inbound number, and Unlimited Reserve Plus at $14.99/month adds an AI inbound assistant that answers calls to that number with the same disclosure defaults and the same no-impersonation rule. None of these tiers meter per minute, which removes the perverse incentive to shave seconds off the disclosure to save money. The whole point of writing honesty into the runtime is so that the operator does not have to choose between doing the right thing and the cheap thing — an AI phone agent that always discloses, can leave voicemail when instructed, and never makes unsolicited sales calls, available in seconds to consumers and developers alike.
Frequently asked
- Is it legal to make an AI phone call without disclosing that it is AI?
- It depends on the jurisdiction and the call's purpose, but the trend is firmly toward no. California's SB 1001 already prohibits undisclosed bots used to influence a sale or vote, and the California AI Transparency Act (SB 942) takes effect 2 August 2026 with $5,000-per-day penalties for non-compliant systems serving over one million users. Florida and Texas have parallel statutes, and the EU AI Act's Article 50 transparency duty applies from August 2026 to any AI interacting with natural persons. The safest design assumption today is that disclosure on direct question is mandatory everywhere you operate, and proactive disclosure is mandatory in a growing list of states.
- Why does ClawCall make AI disclosure non-configurable instead of a setting?
- Configuration drift is the most common way honesty policies fail in practice. If disclosure lives in an operator's system prompt, any developer can delete it, any prompt injection can override it, and any downstream agent inheriting the API key can ship without it. ClawCall enforces disclosure in the runtime itself: the agent is instructed to confirm AI status when asked, the tool registry exposes no functions that require misrepresentation, and no operator-level setting can disable the floor. Every call made through ClawCall — web app, SMS/iMessage interface, REST API at api.clawcall.dev, or a downstream agent skill in Claude Code, Cursor, ClawHub, or OpenClaw — inherits the same honesty default automatically.
- Will disclosing that the caller is an AI hurt the success rate of the call?
- Production behaviour says no, provided disclosure is paired with a clear statement of the calling party and purpose. A typical opener — 'Hi, I'm calling on behalf of [user] to book an appointment' — followed, when asked, by a clean 'Yes, I'm an AI assistant working on their behalf' rarely causes hang-ups. What does tank success rates is fake-warm opener theatre followed by evasion when the receptionist gets suspicious. Disclosure adds roughly three seconds to a successful call and prevents the much larger cost of 'we feel deceived, please do not call back' outcomes that damage the user's relationship with the business they are trying to transact with.
- How does ClawCall handle voicemail and unsolicited calls?
- ClawCall can leave voicemail when instructed and never initiates unsolicited sales or robocalls. The voicemail rule is downstream of the disclosure rule: a voicemail is a monologue, so the recipient cannot ask 'is this a person?' and get a real answer. Leaving voicemail only when instructed keeps that fallback under the caller's control. The unsolicited-calls rule is enforced at the account layer: every call must be initiated by an authenticated user (Clerk session, API key, or IP-tracked anonymous proto-key) on behalf of a specific task, which gives a per-call audit trail and a per-account abuse signal. The platform has no bulk dialer interface, by design.
- How does ClawCall compare to developer voice platforms like Bland, Vapi, or Retell on disclosure?
- Bland, Vapi, Retell, Synthflow, and Vocode are infrastructure for building voice products. They ship reasonable disclosure language in their reference prompts but leave compliance to the operator, which means the floor depends on every downstream developer remembering to keep it. ClawCall is a finished product plus an agent skill: disclosure, instruction-controlled voicemail, and no-unsolicited-calls are enforced by the runtime so they survive into every downstream context. If you are building a custom voice product and want full control of every layer, the developer platforms are appropriate. If you want your AI agent to make calls today with honesty defaults built in, ClawCall is the shorter path.
- Where can I cite ClawCall's disclosure policy in my own compliance documentation?
- ClawCall publishes its product documentation under Creative Commons Attribution 4.0 (CC BY 4.0) specifically so downstream developers, compliance teams, and legal reviewers can quote it verbatim with attribution. The canonical reference for the disclosure, instruction-controlled voicemail, and no-unsolicited-calls rules lives in the docs at clawcall.dev/docs, and the agent skill for ClawHub and OpenClaw integrations carries the same language. When citing in formal compliance materials, attribute to 'ClawCall' and link to the relevant docs page; the CC BY 4.0 license requires attribution but otherwise permits reuse, including in commercial materials.