Tag Archives: Credit Card

Senators Call for Hearing on Data Security in Wake of Target Data Breach

A number of investigations and inquiries, including a call for a hearing in Congress on December 30, 2013, have been sparked by the announcement by Target Corp. that a massive security breach of approximately 40 million of its customers’ credit and debit card accounts used at brick-and-mortar Target stores occurred between November 27 and extending through … Continue Reading

Bed Bath & Beyond Sued Over Zip Code Data

As we previously blogged, in a case concerning retail chain Michaels Stores, the Supreme Judicial Court of Massachusetts (SJC) recently issued a broad ruling regarding the circumstances in which consumers may sue for collection of zip code information during credit card transactions under Massachusetts law.  Two separate putative class actions now have been filed under … Continue Reading

Massachusetts Supreme Judicial Court Issues Broad Ruling on Point-of-Sale Data Collection

In a recent decision, the Supreme Judicial Court of Massachusetts (“SJC”) broadly interpreted a statute that governs the personal information that may be collected by a merchant during a credit card transaction.  The decision, Tyler v. Michaels Stores, Inc., SJC-1145 (Mass. March 11, 2013), was issued in response to three questions that had been certified … Continue Reading

Song-Beverly Act Returns to California Supreme Court

Nearly two years ago, the California Supreme Court held that requesting a customer’s ZIP code in connection with a credit card transaction violated the Song-Beverly Credit Card Act of 1971, a statute that prohibits businesses from recording a customer’s “personal identification information” (“PII”) as a condition of accepting a credit card payment.  On Wednesday, the … Continue Reading

PCI Council Issues Guidance for Mobile Payment Acceptance

Yesterday, the Payment Card Industry Council issued guidance for merchants using smartphones or tablets to accept payments from customers.  The guidance follows up on the PCI Council Chairman’s pledge in February, as reported in this blog, to make mobile payments a top priority.  Payment card readers that can be attached to a smartphone or tablet have become … Continue Reading

Pineda One Year Later

Just under a year has passed since the California Supreme Court ruled that asking for a customer’s ZIP code during a credit card transaction violates California’s Song-Beverly Credit Card Act.  According to media reports, the court’s decision in Pineda v. Williams-Sonoma Stores, Inc. has spurred more than 200 suits against California retailers.  A roundup of … Continue Reading

Senator Rockefeller Requests Information Regarding Visa and Mastercard Data Collection Practices and Proposals

On October 27, 2011, Senator John D. Rockefeller, chairman of the Senate Commerce, Science, and Transportation Committee, sent letters to Visa and Mastercard requesting information regarding the companies’ data collection and aggregation practices and proposals.  An October 25, 2011, Wall Street Journal article outlined various initiatives from the two companies pertaining to online behavioral advertising.  Senator … Continue Reading

Verizon Report Concludes that Industry’s Compliance with PCI Standards Remains Low

In a report released on September 28, 2011, Verizon concluded that only 21 percent of organizations subject to the payment card industry’s data security standards (PCI-DSS) were fully compliant with PCI-DSS.  Verizon’s prior report found that 22 percent of organizations were fully compliant with PCI-DSS.  The PCI-DSS consist of 12 requirements relating to an organization’s information … Continue Reading

PCI Point-to-Point Encryption Standards May Simplify Compliance

Earlier this month, the Payment Card Industry Council (“PCI”) unveiled the first set of point-to-point encryption (“P2PE”) standards designed for providers of P2PE hardware-based encryption and decryption solutions.  P2PE providers develop for merchants point-of-sale hardware such as payment card readers and electronic cash registers that completely encrypt payment card data from the point the card … Continue Reading

California Supreme Court: Retailers May Not Request ZIP Codes During Credit Card Transactions

In a decision with implications for all California retailers, the California Supreme Court ruled [PDF] yesterday that a customer may not be asked to provide his or her ZIP code during an in-person credit card transaction.  At issue in Pineda v. Williams-Sonoma Stores, Inc. was the scope of California’s Song-Beverly Credit Card Act of 1971, Cal. Civ. Code … Continue Reading
LexBlog