Did California’s High Court “Eviscerate” the Credit Card Privacy Act for Online Retailers?

Wednesday, February 06, 2013

Dissenters in the California Supreme Court’s 4-3 decision Monday on credit card privacy characterized the ruling as permission for retailers to “collect unlimited personal information concerning their credit-card-using customers and sell that information.”

Apple Inc vs. The Superior Court of Los Angeles County and David Krescent did not extend protections that consumers enjoy in brick and mortar businesses to online patrons because of what the majority perceived as a risk of fraud. The court ruled that because online retailers can’t check a consumer’s identification face-to-face, they need safeguards against fraud that unquestionably impinge on consumer privacy.

State law forbids retailers from asking for personal identification information like phone numbers or addresses, although exceptions in the law have been made for purchases at automated gas pumps. That exception was cited by the majority as evidence that the law makes a distinction between the needs of traditional and online retailers.

Dissenters said if Legislators intended for the protection to be that broad, they would have written that distinction into the law. Richard Holder of the Consumer Federation of California told the Los Angeles Times that the ruling was “a gift to online businesses that have demonstrated a callous disregard for customer privacy.”

The lawsuit arose from a complaint by David Krescent, who resented having to give Apple his address and phone number every time he bought and downloaded audio and video files from iTunes. His lawyers argued that Apple was violating the Song-Beverly Credit Car Act of 1971, which is similar to the federal Truth in Lending Act in providing what Justice Joyce Kennard called the “robust” consumer protection at the heart of the law.

Kennard said the high court ruling now “eviscerates those protections by rejecting the plain meaning of the statute,” and relegates the law to the “dust heap.”

Justice Goodwin Liu, who wrote the majority opinion, found the dissenters’ “ominous” comments “eye-catching,” but had trouble fitting the “square peg” of unanticipated online commerce with the “round hole” of existing legislation. She suggested the Legislature revisit the issue.

Justice Marvin Baxter wasn’t buying into the expansive legal theory of square pegs and round holes in his dissent. He said the plain language of the statute was clear and easily conformed to the modern world. Baxter said the majority mistakenly assumed that the law protecting consumers from privacy invasions and risk of fraud automatically extended to retailers.

He said their reliance on “speculation” and “debatable factual assumptions” to carve out an expansive exception for online retailers was wrong and he, too, thought the Legislature was the proper body to address the issue. But unlike the majority, he didn’t think it was the high court’s place to go first.

–Ken Broder

 

To Learn More:

California High Court OK Apple Actions Under Dusty Privacy Law (by Maria Dinzeo, Courthouse News Service)

California High Court Backs Online Retailers in Privacy Battle (by Maura Dolan, Los Angeles Times)

Retailers Can Demand Personal Data for Downloads (by Bob Egelko, San Francisco Chronicle)

Apple Inc. v. Superior Court of California (California Supreme Court) (pdf)

Leave a comment