Every time you talk to an AI assistant, browse a website with a chat widget, or upload a photo, your personal data becomes fuel for someone else's machine learning pipeline. The question courts and regulators are now wrestling with is deceptively simple: did you consent to that?
In 2025 and early 2026, that question exploded into a full-blown legal crisis. From billion-dollar settlements to state attorneys general issuing joint warnings, the PII-AI battlefield has become the most consequential front in tech law.
Here's where things stand.
The Big Settlements: When the Bill Comes Due
Clearview AI: $51.8 Million for 3 Billion Stolen Faces
The case that put AI data scraping on the legal map reached its conclusion in 2025. Clearview AI scraped roughly 3 billion images from public social media profiles โ names, faces, metadata โ and used them to build a facial recognition tool sold to law enforcement and private companies.
Under Illinois' Biometric Information Privacy Act (BIPA), users sued. The result: a $51.8 million settlement approved by a federal court in Illinois, one of the largest biometric privacy awards in history.
The lesson was clear: even data that's "public" on the internet isn't necessarily fair game for commercial AI training. BIPA's strict consent requirements โ notice before collection, written release for data sharing โ created a legal framework that no amount of "but it was publicly available" arguments could overcome.
Apple Siri: $95 Million for Recording Conversations Nobody Agreed To
For six years, Apple's Siri recorded private conversations and shared them with third-party contractors for "quality grading." A class action lawsuit covering Siri-enabled devices sold between 2014 and 2024 resulted in a $95 million settlement, approved in August 2025 with payouts beginning in January 2026.
Each claimant received up to $20 per device. The case underscored a critical principle: voice data is personal data, and using it for AI improvement without explicit consent violates both consumer trust and the law.
Anthropic's $1.5 Billion Copyright-PII Nexus
While primarily a copyright case, Anthropic's $1.5 billion settlement over training data raised a related concern: when AI companies ingest massive copyrighted corpora โ articles, books, forum posts โ they're also ingesting personal information embedded in those works. Names, locations, personal stories, health details published in news articles. The legal boundary between copyright infringement and PII misuse is blurring, and this case proved it.
The Wiretapping Laws Come for AI
One of the most consequential legal developments in 2025 was the application of electronic communications wiretapping laws to AI chatbots.
Taylor v. ConverseNow Technologies: AI Phone Assistants as Wiretaps
In Taylor v. ConverseNow Technologies, a federal court allowed a class action to proceed against a company that built AI phone assistants for restaurants. The plaintiff argued that when a customer called a restaurant and an AI system handled the conversation, the data was intercepted by a "third party" โ the AI provider โ for its own commercial purposes (system improvement, training), not just to serve the customer.
The court agreed that this was plausible under the California Invasion of Privacy Act (CIPA), distinguishing between data used to benefit the consumer (routing the call correctly) and data used for the provider's own AI improvement.
This distinction โ service provision vs. model training โ is becoming the fault line of AI privacy law. If an AI system processes your conversation and also learns from it, courts are increasingly asking: did you consent to both uses?
The ByteDance Counterpoint
Not all courts are reaching the same conclusion. In Rodriguez v. ByteDance, claims under CIPA and federal wiretapping statutes against TikTok's parent company were dismissed, with the court finding that the user consent language in TikTok's terms of service was broad enough to cover AI training on user data.
The takeaway: consent language in terms of service matters enormously, and the specific framing of what users agree to can be the difference between a dismissed case and a class action that survives to discovery.
State Attorneys General: The Bipartisan AI Privacy Coalition
In August 2025, a bipartisan coalition of state attorneys general issued a joint warning to leading AI developers, demanding accountability for how AI systems handle consumer data โ with particular emphasis on risks to children.
This wasn't a Democrat-vs-Republican issue. AGs across the political spectrum agreed that AI companies' access to and use of personal data, especially minors' data, warranted government action.
Key areas of focus:
- AI chatbots interacting with children โ the AGs demanded stronger safeguards, particularly compliance with COPPA
- Therapeutic claims โ Texas launched an investigation into AI companies marketing chatbots as mental health tools
- Opaque data disclosures โ AGs challenged vague privacy policies that don't clearly explain how AI systems use personal data
The FTC also distributed more than $15 million in connection with allegations that an AI developer stored, used, and sold consumer information without their knowledge โ a concrete enforcement action showing that the agency is willing to go beyond warnings.
The EU AI Act: A Different Regulatory Model
While the U.S. relies heavily on litigation and enforcement actions, the European Union took a fundamentally different approach. The EU AI Act, which began enforcement in 2025, created a tiered regulatory framework:
- Unacceptable risk AI โ banned outright (social scoring, real-time biometric surveillance in public spaces)
- High-risk AI โ mandatory risk assessments, data governance requirements, human oversight obligations
- Limited risk AI โ transparency requirements (chatbots must disclose they're AI)
- Minimal risk AI โ no specific requirements
Critically, the AI Act interacts with the GDPR. Personal data used in AI training is still subject to GDPR's data minimization, purpose limitation, and consent requirements. The combination of both frameworks means that European companies deploying AI face dual compliance obligations โ the AI Act's technical requirements and GDPR's privacy principles.
Early enforcement actions in 2025 and 2026 have focused on transparency failures โ AI companies that failed to adequately disclose how their systems process personal data. Fines under the AI Act can reach โฌ35 million or 7% of global revenue, whichever is higher.
The Creative Legal Theories: Where Things Are Going Next
Plaintiffs' attorneys are getting creative. Some notable theories tested in 2025:
"Cognitive Labor" Claims. One plaintiff alleged that an AI company unlawfully exploited the "cognitive labor" users generated through interactions โ essentially arguing that conversations with AI create intellectual property that the company shouldn't use for training without compensation. The court dismissed it, but the theory will return in refined form.
Health Insurance AI Denials. Cigna, UnitedHealth, and other insurers faced lawsuits for allegedly using AI to systematically deny claims, with PII-enabling the algorithmic decision-making that led to wrongful denials. The PII angle: personal health data fed into AI systems without meaningful disclosure of how it would affect coverage decisions.
AI Hiring Bias. Civil rights groups sued Intuit and HireVue, alleging their AI hiring tools disadvantaged applicants with speech differences, in violation of the ADA. The PII dimension: biometric and behavioral data collected during AI-evaluated interviews used for purposes candidates didn't fully understand or consent to.
What This Means for Developers
If you're building with AI, here are the emerging rules of the road:
1. Consent must be specific, not bundled. Generic "we may use your data to improve our services" language is increasingly insufficient. Courts and regulators want users to understand how their data is used โ including for AI training.
2. Service provision and model training are legally distinct. Using someone's data to provide a service they requested is one thing. Using that same data to train a model that benefits you commercially is another. The ConverseNow case shows courts are willing to treat them differently.
3. Children's data is the tripwire. COPPA, state AG actions, and the EU AI Act all focus extra scrutiny on AI systems that interact with minors. If your AI chatbot might reach kids, you need documented safeguards.
4. Biometric data is the highest-risk category. Clearview and Apple Siri show that face, voice, and other biometric data trigger the most aggressive enforcement. If your AI processes biometrics, BIPA-style compliance isn't optional.
5. The EU model is influencing the U.S. Even without federal AI legislation, the EU AI Act is creating a de facto global standard. U.S. companies operating internationally โ which is most of them โ need to comply regardless of what Congress does or doesn't pass.
The Uncomfortable Reality
Here's the tension at the heart of the PII-AI debate: the data that makes AI useful is often the same data that privacy law protects.
A health AI is useful because it has access to personal health records. A hiring AI is useful because it can evaluate behavioral patterns. A facial recognition AI is useful because it has billions of face images. The utility and the privacy risk are inseparable.
The legal system is not going to resolve this tension cleanly. It's going to produce a patchwork of enforcement actions, settlements, consent requirements, and regulatory frameworks that developers will need to navigate case by case.
What's already clear: the era of "scrape everything, figure out the legal issues later" is over. The bills are coming due โ $51.8 million at a time.