Information Today, Inc. Corporate Site KMWorld CRM Media Streaming Media Faulkner Speech Technology Unisphere/DBTA
Other ITI Websites
American Library Directory Boardwalk Empire Database Trends and Applications DestinationCRM EContentMag Faulkner Information Services Fulltext Sources Online InfoToday Europe KMWorld Library Resource Literary Market Place Plexus Publishing Smart Customer Service Speech Technology Streaming Media Streaming Media Europe Streaming Media Producer Unisphere Research

For commercial reprints or PDFs contact Lauri Weiss-Rimler (

Magazines > Marketing Library Services > March 2021

Back Index Forward
MLS - Marketing Library Services
Vol. 35 No. 2 — Mar/Apr 2021
Yes, Itís Legal to Email Patrons
by George H.Pike

Resources for Librarians

Wikipedia: Privacy Laws of the United States

Federal Trade Commission’s CAN-SPAM Act: A Compliance Guide for Business

Text of the CAN-SPAM Act (Title 15 of the U.S. Code, Sections 7701–7713)

Illinois Library Records Confidentiality Act (Chapter 75 of the Illinois Compiled Statutes, Part 70)

ALA’s State Privacy Laws Regarding Library Records (list of links to state laws)

ALA’s Privacy and Confidentiality Q&A

There are a number of email best-practice “guides” available, but many of them come from marketing or email software companies, so they have some bias or they’re less applicable to library practices. However, the sites below seemed particularly helpful, and I referenced them in preparing this article. —G.P.

CoSchedule’s 20 Email Marketing Best Practices That Will Improve Results

HubSpot’s 17 Email Marketing Best Practices That Actually Drive Results

OptinMonster’s Email Marketing Made Simple: A Step by Step Guide [+ Examples]

I recently bought a pair of shoes at a local chain retailer. When I checked out, I was asked if I wanted to join the store’s loyalty program and get a discount and notifications of future discounts. I’m a pretty frugal person who always likes a good discount, so I said yes, provided my email address, and bought my shoes. By the time I got home, I had received an email urging me to take advantage of a different discount and buy more shoes. I know there are some (many?) who buy more shoes than I do, but 20 minutes later?

Libraries and shoe stores operate in different market niches but share a similar need for marketing. They both have an inventory they want to make available to a customer base of regular and occasional users and an interest in reaching out to non-customers. If anything, libraries have a stronger motive for marketing because, beyond their inventory of books and resources for lending, they have equally valuable services to promote. These include the skills and knowledge of reference librarians, new resources, and events aimed at a variety of patron groups.

While this article should not be considered legal advice, I am a law librarian who directs a university law school’s Legal Resource Center. I’m also a legal researcher and writer and have been a law school instructor for more than 30 years. I’m confident in my overview of the legal issues surrounding privacy law and using patrons’ email addresses for marketing communication.

Keeping Your Emails Legal

Email can be a valuable—or annoying—marketing tool for anyone promoting a product or service. However, some librarians have been reluctant to interact with their patrons via email. There is uncertainty: Is it legal? Will it be considered spam? What can be put into an email? And the key question might be, will email marketing communication benefit both the library and the patron?

When people think about email spam, their first reaction is that it violates recipients’ right of privacy. Privacy laws in the U.S. are a combination of common law (law that has evolved over time and history through the decisions of judges) and statutory law (laws that are enacted by Congress and the state legislatures).

Common law privacy rights have evolved since the late 1800s and are largely driven by an attempt to prevent intrusions into one’s “solitude” and to preclude the public disclosure of private facts. However, as the law has developed, a key distinction has focused on information that one person discloses to another. To the extent that one person shares information with another, that information loses most or all of its privacy protection. Even when the information is disclosed as part of a business or similar transaction, such as signing up for Amazon deals, retail loyalty programs, or library cards, people are considered to have “shared” that information, and so it loses much of its privacy protection.

However, the federal and state legislatures have stepped in to address privacy in various circumstances. Two areas of interest to libraries are the CAN-SPAM Act, passed by Congress in 2003, and various state laws covering the confidentiality of library records (for example, the Illinois Library Records Confidentiality Act).

The CAN-SPAM Act was passed in response to complaints about unsolicited email, particularly unsolicited adult-oriented email. The act is not an outright ban on unsolicited email, but it requires unsolicited commercial email to provide specific information and to avoid using false or deceptive information. As long as the email is clear, is not misleading, is identified as an advertisement or promotion, provides an accurate business address, and has an opt-out provision, it will generally comply with CAN-SPAM.

Library records confidentiality laws arose in the 1960s and 1970s in response to stories of federal and state law enforcement agencies wanting to obtain checkout records of activists, protesters, and alleged communists. Using the Illinois Library Records Confidentiality Act as an example, these laws generally require that “the registration and circulation records of a library are confidential information.” The law goes on to say, “No person shall publish or make any information ... available to the public.”

Many librarians have been concerned that a patron’s email address is considered part of the registration record and is confidential. Most states would say that yes, it is part of the registration record and is covered by the state law. However, in sending an email about library activities or services, you are neither “publishing” the email address nor making it “available to the public.” The one-on-one nature of the email interaction would not be considered publishing in that the email address is only disclosed to the patron who provided it.

It is fair to say, however, that library confidentiality laws limit certain actions like selling or marketing an email list to a third party such as a database vendor or service that might want to communicate directly with the patron. This occasionally happens in the law library where I work, when vendors ask us to provide student email addresses to them. In our case, this not only violates library confidentiality laws, but also the Family Educational Rights and Privacy Act (FERPA).

Follow Best Practices

While neither common law nor statutory law prohibits the use of email to market library services to patrons, each creates some level of regulation and best practices that librarians should consider. ALA provides a Privacy and Confidentiality Q&A webpage on privacy best practices. In its discussion on the use of “circulation or registration information,” it suggests that notice should be given and that people be asked to “opt-in” to having libraries use their email addresses. This goes further than the CAN-SPAM Act, which only requires that an “opt-out” be provided.

There are other recommended practices about using email for marketing and other communications. Some track the requirements of CAN-SPAM and other laws, while some are simply good business recommendations. Chief among them is, DON’T SPAM!!! with all caps and exclamation points.

Also consider doing a review of the email before sending it. Perhaps review it by sending it to yourself or a colleague, so you can see it as the real recipients will see it (including on mobile devices). Be sure to include your physical library address and an “unsubscribe” button in your email as required by CAN-SPAM.

The email marketing community also offers best practices, including the following:

  • Carefully schedule and time your email blasts to make sure they deliver value.
  • Avoid sending emails too frequently.
  • Write clear subject lines.
  • Identify a specific person or department as the sender to help personalize the email. (My suggestion would be to set up a specific email address for the sender or department to use that’s different from the person or department’s regular work email.)
  • Keep the text simple.
  • Keep the focus on the library.

Gathering Email Addresses

If you want to gather more email addresses, you’re not limited to doing it on library card registration forms. Any form your library uses (print or electronic) should have a field for the patron to share an email address. Suggested practices also include having a “subscribe” or similar link on the library website and as part of your blog and social media posts.

To ensure that the patron is certain about their interest, use a “double opt-in” method. A double opt-in is when a person provides an email address, then receives an email with a link he or she must click to confirm that the email address is correct and that they do, in fact, want to receive your messages. However, selling or marketing email lists to third parties may violate state library confidentiality laws. Buying email marketing lists should be avoided for similar reasons.

Use Common Courtesy

Developing and implementing an email communication plan is a common, widespread, necessary, and legal part of library marketing. Staying legal requires little more than adhering to the common courtesies and expectations that are already part of the lifeblood of libraries. Focus on the patrons and treat them with respect and courtesy.

George H. PikeGeorge H. Pike is senior lecturer of law and director of the Pritzker Legal Research Center at the Northwestern University Pritzker School of Law in Chicago. He holds a J.D. degree from the University of Idaho College of Law and an M.L.S. from the University of Washington Graduate School of Information Science. A former practicing attorney in Idaho, Pike has been an academic law librarian for more than 30 years. As an instructor, he has taught basic and advanced legal research, copyright law, intellectual property law, and information privacy law. For the last 20 years, he has written the Legal Issues column in Information Today, as well as book chapters, legal and librarianship articles, and legislative testimony, and he’s spoken at law and library conferences and workshops around the country. His email address is

       Back to top