Debra’s company hosted a lead generation webinar that included a guest speaker. The speaker asked for a copy of the contact list generated from the webinar, since he helped generate the leads. Debra wants to know if there are legal implications to sharing the leads — and either way, what are best practices and guidelines in this area.
Standard disclaimer here: I am not a lawyer and my understanding of the legal implications of any business process is to be discounted, disregarded, disputed, and disparaged.
Your self-study resources include:
* Full text of the CAN-SPAM Act of 2003 (21 pages)
* FTC Summary of the CAN-SPAM Act for businesses (1 page)
* ConsumerPrivacyGuide.org
My read on the subject seems to indicate that there is no breach of the CAN-SPAM law inherent in the process of sharing the leads with your partner. Of course both of you have to adhere to the basic tenets of the Act. That means things like allowing recipients to opt out of further communications from you, not mailing to people who have opted out in the past, and not using deceptive subject lines to fool people into reading your email. So far, so good.
But there is an interesting subtlety in the rules that might pertain here… According to the shorter FTC summary for businesses, “You cannot help another entity send email to that address
This means you have to pre-screen all collected leads against your opt-out list before forwarding them. Don’t just send over the full registration list!
The other legal question is whether you are violating privacy laws by sharing the information your leads provide you with. I was surprised to see on the Consumer Privacy Guide web site that “there is no national law protecting the privacy of your information” – although some federal and state laws offer specific protections that vary depending on your location and type of data collected. For instance, school records, financial information, health data, and so on have privacy laws.
But if your company has a posted privacy statement on the web site or in statements mailed to customers (as many companies do), you have to comply with your own policies. If you say you don’t share information, you can’t break the rules just because the webinar is “a special case.”
So much for the legalities. How about best practices? A fundamental step in your earliest planning for a lead generation event that involves a guest speaker is to reach an explicit agreement on lead sharing. If you have a policy statement that prohibits sharing information collected on your web site, you have to tell the partner up front that you can’t and won’t share the registration list.
If the partner wants a shot at those people, he needs to create an opt-in opportunity for them to specifically request contact. I often do this on a post-event feedback form. Add new fields for contact information and a checkbox that very clearly asks whether the respondent would like contact or communications from the guest speaker’s company. Now you can share just those opt-ins in good conscience. If anybody complains about email they receive, you have an electronic record of their request for it.
If you have no conflicts with your company’s privacy policy or with legal opt-out requirements, you may choose to share your registration leads with your partner. In this case, it is conscientious and polite to put a statement on your registration form stating that information will be shared by both parties and may be used to contact the registrant.
Transparency and honesty in your dealings with new contacts is the right way to do business. If they are coming to a public, free event and are asked to provide all their contact information, they know what’s up. Don’t try to dance around it and pretend you aren’t going to use the information. If you aren’t going to use it, don’t ask for it!
Feel free to add your comments or additional pointers on privacy laws. We can all stand to learn more about this important topic.
From Ken Molay