AI Recruiting Tools Are Being Sued — and Buyers Are Still Buying

The EEOC settled its first case against an AI hiring tool in 2023 for $365,000. Workday is currently the defendant in a federal class action over algorithmic age and race discrimination. New York City's Local Law 144 now requires an independent bias audit for any automated employment decision tool used to screen city residents. Illinois HB3773 went into effect at the start of 2026. Colorado's SB205 follows in 2027.

None of that has slowed adoption.

What Lawsuits Are Actually in Motion Right Now?

Three matter, and they tell different stories.

1. EEOC v. iTutor (settled 2023, $365,000). The first time the federal agency successfully brought an action against an AI hiring tool for age discrimination. The remedy was monetary and the precedent was procedural: the EEOC has the authority and the appetite.
2. Mobley v. Workday (active, federal class action). The plaintiff alleges Workday's screening AI rejected applicants based on protected characteristics. Workday's defence has been that it is a software vendor, not an employer, and therefore not liable under Title VII. The court has so far rejected that defence.
3. NYC Local Law 144 enforcement actions (ongoing). The city has authority to fine companies that use automated employment decision tools without a documented bias audit. Enforcement is uneven but the surface area is real.

The pattern is established. The EEOC will keep filing. The class actions will keep moving. The state laws will keep passing.

What Are Buyers Doing About It?

Buying more of these tools. The HR technology category is growing faster than the legal risk is dampening it, and the vendors are responding by adding a bias-audit certification page to their marketing site that does not, on close reading, commit the vendor to anything operational.

"Independently audited for fairness" on a vendor's homepage is usually a one-time audit of a model snapshot that has since been retrained, by an auditor the vendor chose and paid. It is not a guarantee. It is a signal of intent.

Why Has the Risk Failed to Cool Demand?

Five reasons, none of them irrational from the buyer's perspective, all of them concerning when stacked together.

1. Volume. Recruiters cannot read every applicant manually at the volumes the tools now handle. The alternative is not "no AI." It is "less efficient AI from a smaller vendor with worse audits."
2. Cost. An AI-screened pipeline costs less per hire than a human-only pipeline. The math is too clear to argue with at the budget level.
3. Vendor risk allocation. Buyers assume the vendor's contract indemnifies them. Most contracts do not. The buyer is the employer of record and remains liable.
4. Audit theatre. A vendor-provided bias certification feels like compliance to a busy HR director. It is not compliance. It is a marketing artefact.
5. Slow regulators. The laws are new. The enforcement is sparse. A buyer who has not been sued can rationally bet they will not be the first.

What Should Procurement Actually Ask?

Three questions, asked in the contract negotiation, separate the serious vendors from the vendors who will collapse the buyer into the next class action.

1. Will you contractually indemnify us against discrimination claims arising from your tool's screening decisions, with no usage caveats? Most vendors will say no. Some will negotiate a capped indemnity. The vendors that refuse to discuss it at all are the ones to walk away from.
2. Will you provide the underlying model's audit data on request, including the demographic breakdown of accepted and rejected candidates over the contract period? This is the data the EEOC will subpoena if you become the defendant. The vendor that cannot produce it is leaving you exposed.
3. Will you commit to a re-audit every twelve months by an auditor of our choosing, at your cost? The bias-audit certification was 18 months ago. The model has been retrained since. The certification is not current. Demand it be current.

What Does the State Law Patchwork Look Like?

The federal law is Title VII, which applies regardless of whether the screening was done by a human or a machine. The state laws are stacking on top of it.

1. New York City Local Law 144 (2023). Bias audit required for any automated employment decision tool used on city residents. Audit must be posted publicly. Candidates must be notified.
2. Illinois HB3773 (2026). Restricts use of AI in employment decisions and requires disclosure to applicants.
3. Colorado SB205 (effective 2027). Imposes risk management obligations on developers and deployers of high-risk AI systems, including employment screening.
4. California (multiple bills pending). Various proposals around algorithmic discrimination in employment have advanced but not all passed.

The patchwork matters because a national employer has to comply with the strictest law in any state where it hires. The vendor cannot solve this for you. The vendor's product is the same product everywhere it is sold. Compliance is the buyer's problem and the buyer's contract has to acknowledge it.

The legal exposure is not theoretical. The vendor's defence in Mobley v. Workday was that it is software, not an employer. The court rejected that. The buyer is the employer of record under every theory of liability that matters.

What Categories Have the Most Exposure?

1. Resume-screening tools. The classic surface. The tool ranks candidates against a job description and the ranking is treated as deterministic. The bias mode is well documented. Greenhouse and similar platforms have built more conservative ranking layers in response. Vendors with newer screening algorithms have not.
2. Video-interview analysis. The category that drew the EEOC's earliest attention. Models that infer "fit" from facial expression, tone, or vocabulary. Several vendors have quietly retired their video analysis features. Others still ship them.
3. Automated outreach and sourcing. Tools that surface candidates from public profiles and decide who to contact. The bias enters at the surfacing step. Buyers rarely audit it because the decision feels upstream of the screening they think they are auditing.
4. Skill-assessment scoring. Coding tests, writing assessments, simulation exercises scored by AI. The bias mode is subtler and the audit surface is smaller. Several active investigations in this segment have not yet produced public filings.

What Should an HR Leader Do This Quarter?

1. Inventory every tool in your hiring stack that uses AI to rank, score, screen, or filter candidates. The inventory will be longer than expected.
2. For each tool, request the most recent bias audit. If the audit is more than twelve months old or was paid for by the vendor, treat it as not having an audit.
3. Add an indemnification clause to your next renewal. Make it specific to discrimination claims. The vendor's pushback will tell you what you need to know.
4. Track the demographic outcomes of your hiring pipeline at the stage level, not just at the offer stage. The drop-off where the AI sits should not be the stage where your demographics narrow disproportionately.
5. If you operate in NYC, Illinois, or Colorado, make sure the published bias audit and the candidate disclosure language match the state requirement word for word. The fines are small. The discovery exposure in a follow-on lawsuit is not.

Why Will This Be Bigger in Two Years?

Three forces are compounding. The class actions are moving through discovery and producing public evidence that other plaintiffs will reuse. The state laws are accumulating, and at some point a federal preemption attempt will produce either harmonised federal rules or a sharper patchwork. And the AI tools themselves are getting more autonomous, which means the screening step that used to be one filter in a longer pipeline is becoming the pipeline.

The buyer who treats "the vendor will handle compliance" as a complete answer in 2026 is the buyer who will be named in a class action in 2027. The vendor is not the employer. The employer is the employer.

What Does a Good Vendor Look Like Right Now?

1. Publishes a recent bias audit, by a named third-party auditor, with the methodology in detail.
2. Will sign a discrimination indemnification clause, even at a capped level.
3. Provides per-cohort demographic outcome data on request, at the buyer's reporting cadence.
4. Commits to a re-audit at the buyer's request, at the vendor's cost, with the buyer's auditor.
5. Has a public model card that names the features the screening model uses and the protected characteristics it explicitly does not.

Roughly zero current vendors meet all five. The vendor that meets three is the vendor to start with. The vendor that meets fewer than two is the vendor whose contract is about to be the contract your legal team wishes you had read more carefully.

What Is the One-Sentence Takeaway?

Algorithmic hiring tools are a regulated category in slow motion, and the buyer who treats the vendor's bias-audit certification as compliance is the buyer who finds out, in a deposition, that compliance was their problem all along.