Compliance

A personal safety tool earns trust by being legible. Here is exactly how Soteria handles consent, evidence, data, and AI.

The United States has a patchwork of recording consent laws. Soteria detects your jurisdiction by GPS and adapts its operating mode to match the local rule, then gives you control over how strict the adaptation should be.

All-party consent states (recording requires the consent of every party):

  • California
  • Connecticut
  • Delaware
  • Florida
  • Illinois
  • Maryland
  • Massachusetts
  • Michigan
  • Montana
  • Nevada
  • New Hampshire
  • Oregon
  • Pennsylvania
  • Washington

In each of these states, Soteria defaults to Silent Alert mode: GPS tracking and emergency email alerts only, no audio recording. Where a state's law differs by recording type or scenario, Soteria errs on the side of the stricter rule.

In every other state, one-party consent is the default. The person doing the recording is the only party whose consent is required. Soteria's Full Recording mode is available there by default.

Three user modes

Auto-silent

In an all-party consent state, Soteria automatically switches to Silent Alert mode: GPS tracking and emergency email alerts only, no audio recording. The default for users who do not change their preference.

Notify

Soteria detects the jurisdiction and prompts you before activating recording. You decide in the moment, with the legal context surfaced.

Override

For users who have made an informed decision (for example, recording for personal evidence with awareness of the legal exposure), Soteria allows manual override. The override is logged in the audit trail.

Jurisdiction detection is based on GPS at the moment of activation. If GPS is unavailable, Soteria defaults to the strictest applicable rule.

Soteria errs on the side of stricter consent requirements to protect you. State recording laws change; this list is current as of May 2026. Consult a licensed attorney for legal advice in your specific situation.

Evidence Integrity

Recordings are only useful as evidence if they can be trusted. Soteria builds a court-admissible, tamper-evident chain on every session.

  • Per-segment SHA-256 hashing. Each audio segment is hashed at the moment of capture, not after the fact. The hash covers the actual audio bytes, not just metadata.
  • Chained hashes (blockchain-style). Each segment's hash includes the previous segment's hash, so any modification anywhere in the recording breaks the chain.
  • Device fingerprinting. Each session captures a device fingerprint for chain of custody. Evidence is bound to the specific device that produced it.
  • Access logging. Every access of the evidence is logged: view, export, share, copy. The audit log is part of the evidence package.
  • WORM (write-once-read-many) storage policy. Recordings cannot be modified after capture. The system rejects writes to existing segments.
  • Background re-hash verification. A nightly background job re-hashes stored recordings to detect any tampering, and surfaces alerts if the chain breaks.
  • Tamper-evident JSON export. Audio, transcript, GPS track, timestamps, hashes, device fingerprint, and access log are bundled into a single signed package.
  • Timestamps on every event. Activation, segment boundaries, alert dispatch, contact acknowledgement, deactivation.
  • GPS tags on every segment, not just the session start.

The evidence chain is self-authenticating under Federal Rules of Evidence 902(13) and 902(14) — the same evidence standard used by law enforcement digital forensics. This means the evidence can be admitted in federal court without requiring a forensic expert to testify to its authenticity. Many state evidence codes follow the same model.

Data Handling

  • FERPA-aware Campus tier: when Soteria is licensed by a university, student session data is treated as an education record. Institutional access is limited to the dashboards and aggregate metrics defined in the deployment agreement.
  • GDPR alignment: right to access, deletion, portability, and correction are exposed in the application's settings. No dark patterns, no support-ticket gating.
  • Right to deletion within 30 days: on account deletion, every associated record (sessions, transcripts, hashes, contacts, preferences, audit log entries) is permanently removed within 30 days of the request.
  • On-device by default: session data does not leave your device unless you opt in to encrypted cloud backup.

AI Provenance

Soteria's transcription is powered by the Web Speech API built into your browser (Chrome and Edge today; Safari and Firefox as their support matures). This is browser-native speech recognition. Your audio is processed by your browser, not sent to an external AI service.

We do not use third-party AI vendors to process user audio. We do not train models on user data. We do not retain transcripts beyond your chosen retention period.

Audit Trails

Every action that affects your safety posture or your data is logged:

  • Session start, end, and every segment boundary
  • Every email alert dispatched and every emergency contact acknowledgement
  • Every preference change (consent mode, retention period, contact list, escalation rules)
  • Every account action (sign-in, sign-out, deletion request, export request, override events)
  • Every evidence access (view, export, share, copy)

Audit logs are visible to you in the application and are included in your portability export.

Compliance Questions?

If you are evaluating Soteria for a campus, organization, or jurisdiction with a specific compliance requirement we have not addressed here, reach out.

Email admin@lonia.ai