Go to navigation Go to content
Phone: 949-752-7474
Allen, Flatt, Ballidis & Leslie, Inc.

Should the Song-Beverly Act Apply to Online Commerce?

In 1971, the Song-Beverly Credit Card Act was passed in California in an attempt to protect consumer privacy, explains a California personal injury lawyer. Among its provisions, the Song-Beverly Act prohibited retailers from recording a customer’s personal identifying information as part of a credit card transaction.  Personal identification information is defined as any information concerning the cardholder other than the information found on the credit card. This information includes the customer’s address and his or her telephone number. 




Despite this 1971 mandate, retailers today routinely ask for personal information about cardholders. In 2011, the practice of one retailer led to legal action. The case was called Pineda v. Williams Sonoma Stores. William Sonoma had been asking for customer zip codes when a customer used a credit card and the court held that this was a violation of the act. 




According to the court in Pineda, personal identification information should be broadly interpreted in order to fulfill the privacy protection goals inherent in the act. As such, the stores were breaking the law in collecting zip codes, especially as the information was not necessary to verify credit card purchases. 




Following the verdict in Pineda, The Los Angeles Daily News reports that dozens of class action lawsuits were filed against retailers. These lawsuits also extended to online retailers including Apple, eHarmony and Ticketmaster. Apple, for example, requires users to provide not just their credit card information but also their addresses and telephone numbers in order to create an iTunes account and download from iTunes. 




A trial judge agreed with the plaintiffs that Apple and the other online retailers named in the class actions should be subject to the act’s rules. As a result, Apple, Ticketmaster, and eHarmony all petitioned the California Supreme Court to review the lower court’s ruling. Wal-Mart and eBay also submitted amicus curiae briefs. 




The controversy over whether Song-Beverly should apply to online commerce centers around whether online retailers need to ask for personal information to verify that a user is authorized to actually use the credit card. 



Advocates of the act contend that the information is collected not just for purposes of verifying credit card information but also for marketing reasons. When the act was updated in 1991, they argue, credit card payments over the telephone were common. Despite this, there was no exception made for these retailers, who also would not have had the ability to check ID face-to-face.  




Those arguing that the act should not apply to online commerce can liken ecommerce to gas station transactions. Gas station owners are allowed to require zip codes to use credit cards at gas pumps because this information is necessary to detect fraud. The act was amended by the California Legislature in 2011 to recognize the rights of gas station owners to collect information since their legitimate need to prevent fraud outweighed the risk of recording customer zip codes.  




The consumption of gas and the consumption of an online song can be viewed as similar, because both are “immediate” and don’t require shipment or delivery as most telephone orders did.  Ecommerce retailers, it can thus be argued, also need to collect information to prevent fraud. 




Attorneys for Apple also point to Section 1747.08 of the Song-Beverly Act, which allows retailers to require “reasonable forms” of positive identification. This section attempts to establish a balance between privacy and fraud protection. Online retailers have no way of preventing fraud other than collecting personal information. 




At the root of this problem, of course, is that the act was passed at a time when Internet commerce could not possibly have been anticipated. The law will need to evolve with the changing times and, as with gas stations, it is likely that it will give some measure of protection to online retailers to allow them to verify identities and prevent fraud. 




Additional articles on legal issues concerning online privacy are available to the public free of charge through our office’s Preferred Friends and Clients Program.




If you would like to request one of these free resources, or to discuss a specific legal matter with a California personal injury lawyer, feel free to call 866-981-5596. 

Live Chat