New WebSocket privacy feature for compliance-oriented environments

Voximplant has added a WebSocket privacy option that redacts message payloads from logs across all WebSocket-based services – Voice AI connectors and external speech system –  and speech control modules. Rather than trying to detect sensitive content inside a transcript, the feature removes the payload entirely before it reaches our log pipeline. This is the recommended default for HIPAA, PCI DSS, GDPR, and CCPA environments where any transcript, LLM, or speech interaction could carry regulated or sensitive customer data.

Voximplant's connectors and modules pass all information through unmodified by default. This keeps development simple and in alignment with the vendor’s API. However, this can mean sensitive information can land in logs if it's present in a conversation or passed to a LLM as is common in Voice AI use cases. The privacy option closes that gap without changing what your scenario code receives at runtime. 

See our Security and Privacy overview for the broader compliance picture.

Highlights

• Blanket redaction of WebSocket message payloads in Voximplant logs — this permanently redacts all WebSocket information from internal logs and developer-exposed logs to ensure maximal data protection
• Available across 17 services (Voice AI connectors, external Speech to Text (STT), external Text to Speech (TTS), Voice Activity Detection (VAD), and end-of-turn detection
• Enabled per API client with a single `privacy: true` flag
• Your VoxEngine scenario still receives the full payload in real time — only the log view is affected
• You can still choose to transmit this information to your logging systems

“In voice AI, compliance risk often comes from where data ends up—not just where it’s processed. Voximplant’s privacy mode minimizes that risk by keeping transcripts out of logs entirely without interfering with our realtime functionality.”
– Mike Depinet, Software Engineer, Ultravox.

How it works

When privacy: true is set on a WebSocket client, Voximplant replaces the text field of every WebSocket.Message event with ****** in the log stream before persistence. Your scenario continues to receive the original message content at runtime, so transcripts, agent logic, and downstream handling work unchanged.

Example

Here is a typical Voice AI log without privacy enabled:

2026-04-20 13:14:13.239 {"name":"Ultravox.Events.WebSocketMediaStarted","id":"bmE-lEy4S5aFCiKwtx_1ngeNGorpUUe5s3klZAXe-y8","client":{},"encoding":"PCM16"}
2026-04-20 13:14:13.250 Sent event to JS onPhoneEvent with params [{id = Krhr-pCMRYmukqALv31kwdCphfK7OEBGtnG-6qz7TZQ ; name = WebSocket.Message ; text = {"customEvent":"Transcript","payload":{"type":"transcript","role":"agent","medium":"voice","text":"","delta":"Thank","final":false,"ordinal":2}} ; } ;  ]
2026-04-20 13:14:13.253 Sent event to JS onPhoneEvent with params [{id = Krhr-pCMRYmukqALv31kwdCphfK7OEBGtnG-6qz7TZQ ; name = WebSocket.Message ; text = {"customEvent":"Transcript","payload":{"type":"transcript","role":"user","medium":"voice","text":" My account number is 987-654-321.","final":true,"ordinal":1}} ; } ;  ]

With privacy enabled, the same interaction produces:

2026-04-20 13:13:23.382 {"name":"Ultravox.Events.WebSocketMediaStarted","id":"T3Tvn-udS26HKo3HrEkipb327jT8LkRYrLho3kORttQ","client":{},"encoding":"PCM16"}
2026-04-20 13:13:23.436 Sent event to JS onPhoneEvent with params [{id = fADbxESYR2O__xFD55j4c4ZNV860VkZmu2Hevoj9Ro8 ; name = WebSocket.Message ; text = ****** ; } ;  ]
2026-04-20 13:13:23.471 Sent event to JS onPhoneEvent with params [{id = fADbxESYR2O__xFD55j4c4ZNV860VkZmu2Hevoj9Ro8 ; name = WebSocket.Message ; text = ****** ; } ;  ]

 

Developer notes

Set privacy: true as part of the client or parameters object when creating a WebSocket-based service. For example, using the Ultravox Voice AI connector:

```
voiceAIClient = await Ultravox.createWebSocketAPIClient({
   endpoint: Ultravox.HTTPEndpoint.CREATE_CALL,
   authorizations: {"X-API-Key": VoxEngine.getSecretValue("ULTRAVOX_API_KEY")},
   body: AGENT_CONFIG,
   privacy: true, // 
   onWebSocketClose: handleClose,
   });
```

See the links at the end of this below for specifics on each API interface.

Trace is not private

Trace overrides privacy. Setting trace: true on the same client disables redaction. Trace exists only for debugging with Voximplant support and should never be enabled with sensitive customer data. Do not enable trace unless asked by the Voximplant team.

Pricing and availability

The WebSocket privacy option is generally available today across all 17 WebSocket-based services at no additional cost. It is opt-in per client, so you can enable it selectively for flows that carry regulated data and leave it off elsewhere.

References

Universal Media over WebSockets module

• WebSocketParameters

Voice AI connectors

• Cartesia – AgentsClientParameters
• Deepgram – VoiceAgentClientParameters
• ElevenLabs – AgentsClientParameters
• Gemini – LiveApiClientParameters
• Grok – VoiceAgentApiClientParameters
• OpenAI – RealtimeApiClientParameters (beta)
• OpenAI – ChatCompletionsApiClientParameters
• OpenAI – RealtimeApiClientParameters
• OpenAI – ResponsesApiClientParameters
• Ultravox – WebSocketApiClientParameters

Speech control

• Pipecat – TurnDetectorParameters
• Silero – VadParameters

Realtime Text to Speech (TTS)

• Cartesia – RealtimeTTSPlayerParameters
• ElevenLabs – RealtimeTTSPlayerParameters
• Inworld – RealtimeTTSPlayerParameters