Media Mentions

Credit Card Privacy Class Action Lawsuits Back With a Vengeance

February 23, 2011

Does your company accept credit cards for payment? If so, watch out. You might be the next defendant in the wave of credit card privacy class action lawsuits triggered by the California Supreme Court’s decision this month in Pineda v. Williams-Sonoma Stores, Inc.

In the 12 days since the Pineda decision was handed down, over two dozen new class action lawsuits have been filed against retailers that accept credit card payments.

What’s going on? Overruling lower court decisions, Pineda held that a retailer may violate California Civil Code § 1747.08 if, in connection with a credit card transaction, it requests or requires the customer to provide his or her zip code - even if the retailer does not ask for any further, individually-identifying information.

Under prior law, it was clear that a retailer risked violating Section 1747.08 if it requested individual-specific personal information - such as an address or telephone number. Dozens of class action lawsuits were filed on that basis five or six years ago. But prior to Pineda, the law appeared to allow retailers to request zip code information, without more, because a zip code alone does not identify a specific individual. Many retailers relied - to their detriment - on that apparent safe harbor.

Section 1747.08 provides penalties of up to $1,000 per violation, so it is no surprise that plaintiffs’ attorneys have begun scouring malls, restaurants, and other retail outlets for possible violations. Don’t be next. There are specific steps companies can take to reduce their risk of liability - but the time to act is now, before your company becomes the next target.