Over twenty major retailers have been sued in class action lawsuits in California for allegedly violating the Song-Beverly Credit Card Act. The claimed offense involves requesting and recording their customers’ zip codes at the point of sale. The issue is whether a zip code constitutes “personal identification information” as that term is defined under the Song-Beverly Act. Recently, for the first time in California, Superior Court Judge Ronald Prager agreed with the defendant retailer that a zip code is not “personal identification information,” and held that requesting and recording zip code information in connection with a credit card transaction is not a violation of the Song-Beverly Act. Pineda v. Williams-Sonoma Stores, Inc. (Oct. 3, 2008) No. 37-2008-00086061.
Song-Beverly provides that no corporation “that accepts credit cards for the transaction of business shall. . . . [r]equest, or require as a condition to accepting the credit card as payment in full or in part for goods or services, the cardholder to provide personal identification information,” which the corporation then records. Cal. Civ. Code § 1747.08(a). The Code further provides: “For purposes of this section ‘personal identification information,’ means information concerning the cardholder, other than information set forth on the credit card, and including, but not limited to, the cardholder’s address and telephone number.” Cal. Civ. Code § 1747.08(b).
Judge Prager analyzed the Song-Beverly Act and reasoned that a zip code is not “personal identification information” for the following reason:
- Language of the statute does not include zip codes:
- Zip codes are not unique to the cardholder or his or her household;
- Zip codes are unlike addresses and phone numbers; and
- Accepting plaintiff’s interpretation that information which is not personal to the cardholder, but leads to information which is, would require the court to read language into the Act which is not present.
- Legislative history does not include scenario alleged:
- The purpose of Song-Beverly, as articulated in Florez v. Linens ‘N Things, Inc., (2003) 108 Cal.App.4th 447, was two-fold: (a) to protect very specific and personal information about a consumer’s spending habits that was being made available to anyone willing to pay for it with increased use of computer technology; and (b) to prevent acts of violence and harassment committed by store clerks;
- The Legislative history does not address the scenario of requesting information, which might lead to the discovery of “personal identification information” through reverse data searches, as the plaintiff alleged; and
- There was no allegation that any violence or harassment of consumers occurred.
- Absurd result if zip codes were included within the meaning of "personal identification information":
- Such an interpretation would improperly broaden the scope of the Song-Beverly Act to include information not specific to an individual, like an area code, city, state, etc.; and
- Such an interpretation would prohibit retailers’ common practice of requesting zip codes to protect consumers against the unauthorized and fraudulent use of credit cards.
The issue is currently pending in the Fourth District of the California Court of Appeal on a writ in Party City Corp. v. Superior Court, No. D053530, but Judge Prager’s decision provides a clear explication of the statute and why he held that requesting and recording zip codes does not violate the Song-Beverly Act.