Under the CCPA, can a conference organizer transfer personal information of attendees to sponsors?

Bryan Cave Leighton Paisner


Conference and event organizers often provide lists of conference attendees to third parties that sponsor (or exhibit at) the conference.  While nothing within the CCPA prohibits such information from being shared, the transfer of information may, or may not, be considered a “sale” depending upon the following factors:

  1. Did the sponsor or exhibitor provide consideration for the data? The CCPA defines “sale” to include the disclosure of personal information by one business to another “for monetary or other valuable consideration.”1  To the extent that the motivation of a business to sponsor a conference is not related to the receipt of personal information (e.g., brand recognition, speaking opportunities, etc.) they may be able to argue that the receipt of personal information was ancillary to their sponsorship and because such information was not the object of the consideration provided, consideration was not tendered for it.
  2. Did the sponsor or exhibitor obtain the consent of the attendees to have their information shared? The CCPA exempts from the definition of “sale” situations in which a consumer “directs the business to intentionally disclose personal information or uses the business to intentionally interact with a third party . . . .”2  As a result, if a conference organizer asks for, and obtains the consent or authorization of conference attendees to share their information with sponsors or exhibitors there would be a strong argument that the information was not sold. 

For more information and resources about the CCPA visit http://www.CCPA-info.com. 

This article is part of a multi-part series published by BCLP to help companies understand and implement the General Data Protection Regulation, the California Consumer Privacy Act and other privacy statutes.  You can find more information on the CCPA in BCLP’s California Consumer Privacy Act Practical Guide, and more information about the GDPR in the American Bar Association’s The EU GDPR: Answers to the Most Frequently Asked Questions.

1. Cal. Civ. Code § 1798.140(t)(1).

2. Cal. Civ. Code § 1798.140(t)(2)(A).

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Bryan Cave Leighton Paisner | Attorney Advertising

Written by:

Bryan Cave Leighton Paisner

Bryan Cave Leighton Paisner on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.