In Pineda v. Williams-Sonoma Stores Inc., 2011 Cal. LEXIS 1355 (February 10, 2011), the California Supreme Court addressed the issue of whether a person’s zip code constitutes “personal identification information” under the Song-Beverly Credit Card Act of 1971, Cal. Civ. Code §§ 1747 et seq. (Credit Card Act).

The Court held that it did, and that its holding operated retrospectively, triggering numerous lawsuits since the Court’s decision a week ago.

The Credit Card Act was enacted to protect consumers from unfair business practices during credit card transactions. Relevant to the Court’s decision is section 1747.08 of the Credit Card Act, which prohibits businesses from requiring consumers to provide "personal identification information" during credit card transactions and then recording that information. Cal. Civ. Code, § 1747.08(a)(2).

Pineda brought an action against Williams-Sonoma, asserting violations of the Credit Card Act, unfair competition laws and invasion of privacy, based on the fact that the retailer asked Pineda for her zip code during a credit card transaction, recorded that information, and then used that information to obtain her undisclosed address from a database in order to market its products and sell her private information to other businesses.

Williams-Sonoma argued that a zip code does not constitute "personal identification information" under section 1747.08.

The trial court agreed and the Court of Appeal affirmed, relying on Party City Corp. v. Superior Court (2008) 169 Cal.App.4th 497, which held that a zip code, without more, is not “personal identification information” as defined in the Credit Card Act.

The California Supreme Court disagreed and held that:

personal identification information, as that term is used in section 1747.08, includes a cardholder’s ZIP code.”

In reaching its decision, the Court first noted that section 1747.08, subdivision (b) defines “personal identification information” as

information concerning the cardholder, other than information set forth on the credit card, and including, but not limited to, the cardholder's address and telephone number."

Further subdivision (a) precludes the person who accepts a credit card for business transactions from requesting or requiring

as a condition to accepting the credit card as payment in full or in part for goods or services, the cardholder to provide personal identification information, which the person, firm, partnership, association, or corporation accepting the credit card writes, causes to be written, or otherwise records upon the credit card transaction form or otherwise.”

The Court expressly rejected the lower court’s reasoning that because a zip code pertains to a group of individuals who live within that zip code, and thus not specific to the individual consumer, it is not “personal identification.” The Court reasoned the Legislature intended to include components of the address, such as the zip code.

The Court also emphasized that a zip code, as well as other information that might pertain to individuals other than the cardholder, such as the name of the street where the individual lives, constitutes information that is unnecessary to the sales transaction but that can be used with other information, such as the cardholder's name, to locate the complete address and use it for other business purposes – conduct which is expressly prohibited by the Credit Card Act.

The Court enunciated several reasons for adopting a broader reading of the term “personal identification information.” A broader interpretation:

  1. is consistent with the general rule that “courts should liberally construe remedial statutes in favor of their protective purpose.”
  2. is consistent with section 1747.08, subdivision (d), which permits businesses to "requir[e] the cardholder, as a condition to accepting the credit card . . . to provide reasonable forms of positive identification, which may include a driver's license or a California state identification card, ... provided that none of the information contained thereon is written or recorded."
  3. was consistent with the Legislative intent of the Credit Card Act, which was “intended to provide robust consumer protections by prohibiting retailers from soliciting and recording information about the cardholder that is unnecessary to the credit card transaction.”

In its concluding sentences, the Court rejected the argument that the statutory penalties that could be imposed under the Credit Card Act rendered the Court’s decision a violation of due process. The Court noted that the amount of the statutory penalty rested within the sound discretion of the trial court and that the Act expressly sets maximum penalties for each violation; thus actual penalties imposed could be negligible.

The Court also rejected the argument that the statute was unconstitutionally vague and thus required prospective application. To the contrary, the Court found that Section 1747.08 provided “adequate notice of proscribed conduct” and that there was no “basis to depart from the assumption of retrospective operation.”

Not surprisingly, since the Court’s decision on February 10, 2011, a flurry of class action lawsuits have already been filed in California and more litigation is expected to follow.