Protecting Attendee Information

Sometimes, privacy concerns must outweigh marketing needs

While managing the registration for an upcoming conference, the most powerful marketing tool is flowing directly into the registration database attendees’ e-mail addresses. 
    Every one of your exhibitors, suppliers and sponsors (not to mention others with less savory intent) would love to get their hands on that rich information. Yet, considering all of the current e-mail privacy issues, your obligation is to protect the personal data of your attendees.
How do you balance this privacy with the needs of those companies or organizations that, aside from providing the bulk of your revenue and helping you afford the special touches that make your meetings memorable,  are willing to pay good money for the e-mail addresses of your attendees? It’s not easy.

Putting up the wall
First you need to remove any access to attendee e-mail information from your registration site and general website or, at the very least, be sure to move those lists behind a secure firewall with a log-in and verification required for access. 
    When you move the addresses or directories behind the firewall, ask for more than just an e-mail address as a log-in; require a user name and a password. 
    I’ve spoken with many organizations in the past year about how to make access to their online registration and members-only sections as easy as possible but too easy means too open, and you have an obligation to protect this information. So your members will have to remember a log-in ID and a password, but if you explain that this also helps protect their information from falling into the wrong hands, they will understand. 
    To further protect your organization and information, add an opt-in check-box asking permission to use attendee e-mail addresses on all applications or registration forms you send out. Have users check the box to indicate they approve of your providing their information to partners or affiliated suppliers, but make sure you have some verbiage clearly stating that by leaving the box checked they are providing you with permission to use their information. This way your organization will be covered legally in the event someone isn’t happy about the distribution of their personal data.

Block spam-blockers
This might seem like much ado about nothing, but it is quite simple for a spammer to hijack a list of e-mail addresses, spoof (meaning “falsely assume the identity of”) your organization and spam the list. Not only will your attendees or members be upset that you let their addresses be hijacked, but all communications from your URL or your e-mail server might be blocked by the spam filters that most organizations now are deploying to protect their servers from unwanted clutter and viruses. Indeed, if your URL or server is blocked, your organization loses access to its own marketing list.
    This practice spreads virally: Once your URL is listed by an organization in a spam-blocking tool, it gets communicated to other spam-blockers. Soon, more of your e-mails are being returned or blocked than are getting through.

Take the hard line
Just as we have had to adjust our purchasing habits to protect our personal credit, we also need to adjust how we handle access to the contact information for our attendees and members. Some organizations have taken this to the point of including clauses in employment agreements that provide for immediate dismissal if, through an individual’s efforts or actions, contact information about attendees or members is disclosed.