Interesting opinion from the Supreme Court of California that a zip code may constitute “personal identification information.” From Pineda v. Williams-Sonoma Stores:
The Song-Beverly Credit Card Act of 1971 (Credit Card Act) (Civ. Code, § 1747 et seq.) is “designed to promote consumer protection.” (Florez v. Linens ’N Things, Inc. (2003) 108 Cal.App.4th 447, 450 (Florez).) One of its provisions, section 1747.08, prohibits businesses from requesting that cardholders provide “personal identification information” during credit card transactions, and then recording that information. (Civ. Code, § 1747.08, subd. (a)(2).)
Plaintiff sued defendant retailer, asserting a violation of the Credit Card Act. Plaintiff alleges that while she was paying for a purchase with her credit card in one of defendant‟s stores, the cashier asked plaintiff for her ZIP code. Believing it necessary to complete the transaction, plaintiff provided the requested information and the cashier recorded it. Plaintiff further alleges that defendant subsequently used her name and ZIP code to locate her home address.
We are now asked to resolve whether section 1747.08 is violated when a business requests and records a customer‟s ZIP code during a credit card transaction. In light of the statute‟s plain language, protective purpose, and legislative history, we conclude a ZIP code constitutes “personal identification information” as that phrase is used in section 1747.08. Thus, requesting and recording a cardholders ZIP code, without more, violates the Credit Card Act. We therefore reverse the contrary judgment of the Court of Appeal and remand for further proceedings consistent with our decision.
h/t, Chris Hoofnagle