Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Song-Beverly Act Returns to California Supreme Court

Posted in Litigation, United States

Nearly two years ago, the California Supreme Court held that requesting a customer’s ZIP code in connection with a credit card transaction violated the Song-Beverly Credit Card Act of 1971, a statute that prohibits businesses from recording a customer’s “personal identification information” (“PII”) as a condition of accepting a credit card payment.  On Wednesday, the Supreme Court will again be presented with an issue involving the interpretation Song-Beverly:  whether the statute applies to online transactions. 

In Pineda v. Williams Sonoma Stores–decided in early 2011–the Supreme Court held that ZIP codes were PII, and that the defendant had violated Song-Beverly by requesting the plaintiff’s ZIP code during a credit card transaction.  As we’ve previously noted, Pineda launched a wave of putative class action litigation against more than 100 retailers. 

The vast majority of these suits have arisen out of in-person transactions, and several lower courts have dismissed suits alleging violations of the statute in connection with online transactions.  Earlier this year, however, a state trial court refused to dismiss Song-Beverly complaints against Apple, Ticketmaster, and eHarmony, alleging that those companies violated the statute by requesting PII in connection with online credit card transactions.  Apple has now challenged this ruling in the Supreme Court, arguing (among other things) that Song-Beverly should not be read to apply to online transactions because collection of certain PII in the online context is necessary to prevent fraud.  Although Apple’s arguments are strong, the Pineda decision shows that the Supreme Court has a broad view of Song-Beverly’s applicability.  For this reason, we’ll be watching the case closely.