More and more companies have been considering engaging in marketing campaigns that involve “address book scraping,” in which a user is asked to import his contacts (i.e., the e-mail addresses he has stored in his e-mail account address book) into his social networking Web site or other online service so that a message can be sent to those contacts inviting them to join the social network or to participate in a joint offering of the company and its partner. In some cases, the user is asked to provide the username and password for his e-mail account so that the import can be done transparently.
There are a number of things to look out for in connection with these campaigns:
• Transparency. Some of these programs have not made it clear enough to users that when they import their contacts, messages will be sent to those contacts. In some cases, this explanation has been buried within terms and conditions that are not actually read by the user. In one case, social network reunion.com suffered bad publicity in connection with this sort of campaign.
• Unsolicited, Deceptive E-mail. The recipients of marketing e-mails may also object to being targeted through these means. In a suit against reunion.com, a recipient of a marketing e-mail that was sent using an e-mail address that was taken from a user’s address book alleged that the e-mail she received was deceptive because it purported to be from her friend when, she alleged, it was really from the social network service, and sent without her friend’s informed consent. (Although the plaintiff’s initial pleadings have been dismissed on federal pre-emption grounds, the plaintiff has been given leave to amend her pleadings.)
• Deceptive Sales Tactics. In a similar case, another social networking service, classmates.com, was recently sued in a class action alleging that the service deceptively enticed users to pay for a “Gold Membership” with the promise that the users’ friends were trying to connect with them.
What should you look out for when assessing this type of campaign?
• Make sure that the user will be conspicuously informed that his address book contacts will be uploaded into his social networking account and that messages may be sent to those contacts
• Be wary of programs that solicit users to provide the username and password for their e-mail accounts – a heightened standard of consent may be warranted
• Make sure that the user provides informed consent for messages to be sent to the e-mail addresses in his address book
• Make sure that the e-mail messages that are sent comply with the Federal CAN-SPAM Act and are not fraudulent or deceptive
Your agreement with your partner should establish these points, and should provide a strong indemnification in the event that the program goes awry. Of course, even an indemnification provision would not shield your company from the negative publicity that would result from a poorly administered campaign.