Retailers with Sales in CA at Risk of Penalties Following State Court Decision

A recent decision by the California Supreme Court has placed retailers and other businesses that obtain and record personally identifiable customer information during point-of-sale transactions in the state at risk of significant penalties.

Retailers with transactions in California are being named in class-action lawsuits following a February 2011 California Supreme Court decision, Pineda v. Williams Sonoma Stores, Inc. The decision found that the state’s Song-Beverly Credit Card Act of 1971 prohibits retailers and other businesses engaged in credit card transactions from collecting and recording customer information such as zip codes or any other personally identifiable information not provided by the credit card itself during point-of-sale transactions.

The statute authorizes penalties of up to $1,000 for each transaction that violates the statute. While coverage will depend upon the claimant’s allegations, the loss is likely not covered by a business’ general liability insurance policy.

A retailer may be headquartered anywhere in the country, but only the transactions conducted in the state of California are subject to the statute and its penalties.

Retailers with California transactions, consider the following tips:

• Do not ask for customer zip codes, even if only for marketing or security purposes. Asking for this information is risky.
• If retailers use zip codes for security measures, instead ask to see customers’ driver’s license or other forms of identification, but don’t record the information.
• If a retailer has been recording zip code information, even if only for marketing purposes, seek legal counsel.

Source: The Hartford