Is my client an inadvertent spammer?
October 22, 2014 3:23 PM Subscribe
Can an employer give out an employee's personal email address to a benefit provider?
One of my clients is a benefit provider and I am concerned they may be in dangerous territory, spam-wise. They regularly communicate with client employers. They now want to begin issuing benefit communications directly to employees, with the employer permission. About 75% of these employers give my client permission to do this via employee work e-mail addresses, no problem. But about 25% of the employers don't have work emails for all employees and have been supplying my client with private email addresses for these employees -- gmail, hotmail and the like.
My question is this: could e-mailing to these private addresses be considered spam? The employer may have permission to send email to the employee's personal account, but can they extend that permission to an authorized third party?
My thinking is nope; My client's account service team says yes, we would be under the employer's aegis and the employees opted in to the employer. But would that hold up under Can SPAM Act? I am looking for something more than just opinions to bring to my client: documentation or a link or at the very least, experience-based opinions. Have any of you run into a similar situation?
One of my clients is a benefit provider and I am concerned they may be in dangerous territory, spam-wise. They regularly communicate with client employers. They now want to begin issuing benefit communications directly to employees, with the employer permission. About 75% of these employers give my client permission to do this via employee work e-mail addresses, no problem. But about 25% of the employers don't have work emails for all employees and have been supplying my client with private email addresses for these employees -- gmail, hotmail and the like.
My question is this: could e-mailing to these private addresses be considered spam? The employer may have permission to send email to the employee's personal account, but can they extend that permission to an authorized third party?
My thinking is nope; My client's account service team says yes, we would be under the employer's aegis and the employees opted in to the employer. But would that hold up under Can SPAM Act? I am looking for something more than just opinions to bring to my client: documentation or a link or at the very least, experience-based opinions. Have any of you run into a similar situation?
Response by poster: ftm, it is promoting service availability but there is no money involved. The benefit is 100% paid for by the employer.
posted by madamjujujive at 3:33 PM on October 22, 2014
posted by madamjujujive at 3:33 PM on October 22, 2014
Best answer: Take a look at this FTC guide - it specifically says:
The primary purpose of an email is transactional or relationship if it consists only of content that . . . provides information about an employment relationship or employee benefits . . .
I'm not sure if that helps, but the guide is fairly informative.
posted by insectosaurus at 3:45 PM on October 22, 2014
The primary purpose of an email is transactional or relationship if it consists only of content that . . . provides information about an employment relationship or employee benefits . . .
I'm not sure if that helps, but the guide is fairly informative.
posted by insectosaurus at 3:45 PM on October 22, 2014
At my work (100k+ employee) email address I've gotten shady, spam looking emails from "benefits" that hr sold us out to. Im annoyed at those, but I'd be pissed if they got sent to my private email account. You can't control what shady 3rd parties do with email lists (like resell it).
I'm sure the employer can give out the personal email addresses, but unless its for a core benefit (healthcare, 401k, etc) benefit, they shouldn't. Plus any incoming benefit email should be viewed as highly targeted phishing, so its a bad idea.
posted by TheAdamist at 5:41 PM on October 22, 2014
I'm sure the employer can give out the personal email addresses, but unless its for a core benefit (healthcare, 401k, etc) benefit, they shouldn't. Plus any incoming benefit email should be viewed as highly targeted phishing, so its a bad idea.
posted by TheAdamist at 5:41 PM on October 22, 2014
Response by poster: Thank you for your comments, folks; insectosaurus, that was most helpful.
posted by madamjujujive at 6:25 PM on October 29, 2014
posted by madamjujujive at 6:25 PM on October 29, 2014
This thread is closed to new comments.
posted by ftm at 3:28 PM on October 22, 2014