Illinois Eavesdropping Act

When most people think about digital privacy litigation, California comes to mind first. The state’s Invasion of Privacy Act has generated hundreds of lawsuits against companies that intercept chat communications, deploy session replay software, and harvest data without meaningful consent. What fewer people recognize is that Illinois has its own powerful wiretapping statute and it remains significantly underutilized as a vehicle for consumer privacy protection. 

Understanding the The Illinois Eavesdropping Act

The Illinois Eavesdropping Act prohibits the intentional use of any device to hear, transmit, or record any oral, telephone, or electronic communication without the consent of all parties to that communication. Illinois is an all-party consent state, which means every participant in a conversation must agree to its recording or interception—not just the company doing the collecting.

The statute was substantially amended following a 2014 Illinois Supreme Court ruling that struck down portions of the prior version on First Amendment grounds. The revised law narrowed its scope in some respects while preserving robust protections for private electronic communications. Critically, it applies to electronic communications—a term broad enough to encompass the kinds of digital data collection practices that have become standard across the technology, retail, and healthcare industries.

How It Compares to California’s Wiretap Law

California’s Invasion of Privacy Act and the Illinois Eavesdropping Act share the same foundational architecture: both require all-party consent, both apply to electronic communications, and both authorize private civil claims. The practical difference has been one of litigation volume rather than legal strength.

California courts have spent years developing case law around CIPA’s application to live chat tools, session replay software, and third-party analytics vendors. That body of precedent has made CIPA claims somewhat easier to pursue because the legal arguments are well-developed. Illinois plaintiffs have access to the same underlying legal theories, a potential opportunity for individuals whose data has been collected without proper consent.

Examples of Conduct That May Violate the Illinois Eavesdropping Act

Understanding what conduct the statute covers is essential for identifying potential claims. Several categories of common corporate data practices may expose companies to liability under Illinois law.

• Live chat interception. When a consumer visits a website and types a message into a live chat window, that communication may pass through one or more third-party vendor platforms before reaching the company’s customer service team. If an Illinois resident’s chat message is routed through a third-party system that captures and stores it—without that person’s knowledge or affirmative consent—the interception may fall within the Act’s prohibitions.
• Session replay and keystroke logging. Software tools that record a user’s keystrokes, mouse movements, and form entries in real time are widely deployed across commercial websites. An Illinois resident who types personal health information, financial data, or contact details into a web form may have that data captured by a session replay vendor before hitting submit. If the company failed to disclose this practice and obtain meaningful consent, the recording may constitute an unlawful interception under the Act.
• Undisclosed call recording. Many businesses record customer service calls as a matter of routine. Under Illinois law, simply playing a recorded disclaimer at the start of a call—without giving the caller a genuine opportunity to consent or disconnect—may not satisfy the all-party consent requirement. Companies that record calls involving Illinois residents while relying on inadequate consent mechanisms are potentially liable.
• Chatbot and AI conversation capture. Automated chat systems and AI-powered customer assistants often store conversation transcripts for training and optimization purposes. When this data collection is not clearly disclosed, Illinois residents interacting with these systems may have claims based on the unconsented recording of their electronic communications.

How Illinois Plaintiffs Can File Claims

A plaintiff pursuing a claim under the Illinois Eavesdropping Act must establish several core elements: that an electronic communication occurred, that it was intercepted or recorded, that the defendant used a device to accomplish the interception, and that the plaintiff did not consent to the recording. The consent element is particularly important—and often the most contested.

Claims may be brought individually or as class actions. Given that data collection practices tend to be uniform across a company’s entire user base, class certification is often more realistic. Successful plaintiffs may recover actual damages, punitive damages, and litigation costs—making these cases financially viable even when individual harm is difficult to quantify precisely.

Why Hire The Lyon Firm for Data Privacy Violation Cases

The Lyon Firm represents individuals and classes of consumers in data privacy litigation across Illinois, California, and nationwide. The firm brings focused experience in wiretapping claims, electronic surveillance cases, and consumer privacy litigation—understanding both the technical realities of how data collection operates and the legal framework for holding companies accountable when they cross the line.

Whether you are an Illinois resident whose communications were intercepted without consent, or a consumer in any state facing unlawful data collection practices, The Lyon Firm has the knowledge and resources to evaluate your claim and pursue it. Contact The Lyon Firm today for a free case evaluation.