Copyright 2009. All rights reserved.
In a decision of first impression, United States District Judge Alicemarie Stotler has ruled that California Civil Code Section 1747.08 - prohibiting retailers accepting credit cards from requesting or requiring a consumer to provide personal identifying information - does not apply to online transactions.
The ruling comes as part of the denial of class certification in a putative, hemisphere-wide class action against Symantec Corporation and its internet reseller, Digital River, Inc. Don Saulic v. Symantec Corporation and Digital River, Inc., SA CV 07-610 AHS (PLAx). Robins, Kaplan, Miller & Ciresi L.L.P. represents Digital River in the matter.
Part of California's Song-Beverly Credit Card Act, Civil Code Section 1747.08 prohibits retailers from requesting or requiring a customer to provide "personal identifying information" as a condition of accepting a credit card as payment. The Act also prohibits retailers from using credit card forms with preprinted spaces specifically designated for filling in the customer's personal identifying information. Plaintiff claimed that the Act was violated by requiring him and the other putative class members to input their names, addresses, telephone numbers and e-mail addresses into the defendants' website prior to accepting credit cards for payment.
In moving for class certification Plaintiff argued that consumer credit card transactions are covered by the Act regardless of whether they occur in a brick-and-mortar store or over the internet through some form of e-commerce.
However, on January 5, 2009, the Court disagreed with plaintiff's assertions, and denied the Motion for Class Certification finding that Section 1747.08 does not apply to transactions conducted over the internet. The Court noted that the express language of the statute does not mention the internet, that the legislative history does not suggest the Act was intended to apply to internet transactions, and that the public's interests in preventing fraud and protecting consumers' private information compel the conclusion that the statute does not apply to internet transactions. According to the Court, "The purpose of the Act appears to be to protect consumer privacy in the course of a retail transaction, and ... the Act was specifically passed with a brick-and-mortar merchant environment in mind." The Court refused to extend the Act's application beyond that context. The Court concluded that internet transactions are fundamentally different and raise unique fraud and security concerns that are absent from traditional brick-and-mortar retail transactions. The Court concluded that "[i]n keeping with the precedents finding that refund transactions are outside the category of transactions covered by the Act because of the unique fraud concerns created by those transactions, the Court also finds online transactions are not encompassed within the Act."
The articles on our Website include some of the publications and papers authored by our attorneys, both before and after they joined our firm. The content of these articles should not be taken as legal advice.