The Secure Times

An online forum of the ABA Section of Antitrust Law's Privacy and Information Security Committee

California Amends Song-Beverly Act

Leave a comment

California recently amended its Song-Beverly Act (“Act”) to include a specific exception from its prohibition on collecting personal information during a credit card transaction. This exception allows collection of personal information (such as a zip code) by businesses in certain pay at the pump scenarios.   This law was filed with the Secretary of State on October 9, 2011, and went into effect immediately. This amendment was enacted as a result of the California Supreme Court’s decision in Pineda v. Williams Sonoma in February of this year. Our coverage of this decision can be found here.

Litigation continues in California in the aftermath of the Pineda decision. In August, the Superior Court of California, County of San Francisco, held that the prohibition on collecting and recording personal information under the Act did not apply to online transactions in Gonor v. Craigslist, concurring with an earlier federal court decision from 2009 (See Saulic v. Symantec Corp.)

Litigation has also been filed in other states that have laws similar to the Act. In Massachusetts, suit was filed against Michael’s stores in May. The plaintiff alleged that she made a purchase at a Michael’s store with her credit card, and provider her zip code during the sales transaction. She asserted that Michael’s then combined her zip code with other information to obtain her home address and sent her marketing materials. Plaintiff argues that this practice violates Mass. Gen Laws ch. 93 s. 105.

Similarly in New Jersey, suits have been filed in state and federal court regarding the collection of zip code at the point of sale. Plaintiffs argue that this practice violates NJSA 56:11-17. In September, a state court judge allowed a suit to move forward against Harmon Stores.  However, a federal judge came to the opposite conclusion about a week later and dismissed a class action based on this law.   For businesses that collect zip codes or personal information during credit card transactions, this issue will continue to be one to watch.

Author: Heather Enlow-Novitsky

VP, Assistant General Counsel, Bank of America Merchant Services

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s