You know those big email disclaimers people send? They sit below their signature and usually look something like this:
The information we just sent you is confidential and only meant for the recipient, if we sent it to you in error then we assume no responsibility for violating privacy laws and you have to delete it. Also, this email was sent by an employee and we take no responsibility for anything our employees say or do. Even though we are professionals, this email is not advice and we assume no responsibility for instructions we give. This also isn’t a contract so even if we agree to do something here in writing, it doesn’t count. Finally, we probably just sent you a virus that’s going to obliterate your organization, we take no responsibility for that.
Okay, so as you can see I’m being a tad hyperbolic (gotta’ stay on brand 😉), but they all tend to be a big block of text saying “blah, blah, blah, not our fault.”
Now, here is my disclaimer: I’m not a lawyer, and my studies were in criminal law when I received my Bachelors in Justice Studies and Masters in Criminal Justice, not civil or contract law. With that out of the way, I am a Data Protection Officer who reviews reports from court cases and investigations, and what I can tell you is that contracts are never entirely unilateral… both parties have to agree to the terms. Similarly, you can’t really do “ex post facto,” which is simply to apply something binding after the fact.
The problem with disclaimers
Herein lies the rub: the recipient is not entering into a contract just by receiving an email and you can’t tell them the ramifications after you already did it via a disclaimer. Furthermore, if your actions indicate a particular intent, you can’t void that intent via a disclaimer. In short: you can’t punch somebody in the nose then hand them a note that says “you assume all responsibility as a result of my fist having just met your face.”
So how do you protect your church? If you can’t just slap down a disclaimer, then what should you actually focus on doing?
The real solution to the liability problem
The solution is actually having policies and training for staff that covers:
- Confidentiality
- Cybersecurity
- Communications
Policies and training are always looked at as mitigating factors when liability comes into play. They certainly get listed as mitigating factors during data breach investigations and court cases and I’ve seen fines entirely waved at organizations with good policies and training. Policies and training come together to show that you aren’t just saying things at the bottom of an email, but that you are actively taking steps to prevent harm.
The people involved in policy and training will usually be IT, HR, a Data Protection Officer, and legal counsel. Shameless plug: we provide policy and training packages to our clients to help them reduce their risks and meet compliance obligations. 😎
Replacing the disclaimer
The space below your signature is actually prime real-estate. When people skim an email they will often stop and read any P.S. or P.S.S messages below the signature. That makes it an ideal spot for moving people toward discipleship actions like signing up for a small group. It’s also a great spot for advertising upcoming events or initiatives. Or, it’s a spot where you can simply summarize the email in a way that entices people to head back up and read it thoroughly.