[caption id="attachment_32448" align="alignright" width="281" caption="Katherine Philippakis and Brett Greenberg"][/caption]

Retailers throughout the state, including wineries, are rethinking their point of sale protocols after the California Supreme Court’s decision this past February in Pineda v. Williams-Sonoma Stores, Inc. that ZIP codes constitute personal identification information for purposes of the Song-Beverly Credit Card Act.

Since 1971, the Song-Beverly Credit Card Act has prohibited retailers from

requiring consumers to provide personal identification information as a condition to completing a credit card transaction and

then recording that information.

Due to concern that consumers would perceive any request for personal identification as being a condition to credit card use, the Legislature passed an amendment in 1991 extending the prohibition to those situations where retailers request and record personal identification information during a credit card transaction. Courts have interpreted the amendment as prohibiting any request for personal identification information immediately prior to a credit card transaction. The statutory prohibitions have the broad remedial purpose of safeguarding consumer privacy by preventing retailers from exploiting the credit card process to use consumer information without permission.

Notwithstanding these prohibitions, a common practice developed among retailers whereby cashiers would request customers’ ZIP codes at the time of payment. Motivations for this practice were varied. Some retailers would input the customer’s name and ZIP code into a reverse search database to obtain a full address, and then use the address for its own marketing lists or sell the information to third parties, allowing retailers to do the very thing the Song-Beverly Credit Card Act was designed to prevent. Others had more innocuous purposes, such as gathering generalized information about the location of their customers in order to determine where to open new stores.  Regardless of the motivation, retailers assumed that the collection of ZIP codes was not prohibited on the theory that a ZIP code itself is not personal identification information under the statutory definition. A 2008 appellate court decision, Party City Corp. v. Superior Court, endorsed such a theory.

On Feb. 10, 2011, however, the California Supreme Court in William-Sonoma Stores effectively put an end to the collection of customer ZIP codes by retailers during credit card transactions.  Reversing the decision of the appellate court and disapproving of Party City, the Court held that a ZIP code, even though not expressly enumerated in the statutory definition, is personal identification information, and that simply requesting and recording a cardholder’s ZIP code during a credit card transaction may constitute a violation of the Song-Beverly Credit Card Act. While the Court primarily relied on technical statutory interpretation arguments in reaching its decision, the fact that Williams-Sonoma Stores Inc. conducted reverse searches to obtain other personal identification information for marketing and sales purposes was not lost on the Court.

Nevertheless, the Court declined to distinguish between legitimate and illegitimate collection of ZIP codes. The Gap Inc. had filed an amicus brief with the Court justifying its temporary collection of ZIP codes as a tool for determining where to open new stores.  The ZIP codes were apparently not used to obtain other personal identification information, and their collection seemed to pose little threat to consumer privacy. By defining ZIP codes themselves as personal identification information, however, the court appeared to draw adopt a bright line rule rather than introducing the elements of retailer’s intent and end use of the ZIP code into the analysis.

In the wake of Williams-Sonoma Stores, retailers are scrambling to assess their exposure for past practices and refine their current practices to limit exposure in the future. The decision applies retrospectively, meaning that retailers may face civil penalties of up to a $250 maximum for the first violation and a $1,000 for each subsequent violation even if the violations occurred prior to Feb. 10.  Williams-Stores Stores Inc. and other retailers had argued, to no avail, that the penalties resulting from retrospective application could result in the confiscation of entire businesses, especially given the transaction volume of some large retailers and the pooling of plaintiffs in large class action suits.

The issue of damages, however, remains very much unsettled, as it was remanded to the trial court, where its determination rests within the trial court’s sound discretion. The Williams-Sonoma Stores Court practically invited the trial court to award nominal damages by stating that the award could “span between a penny (and even the proverbial peppercorn . . . ) and the maximum amounts authorized by statutes.” Until there is more guidance on the issue of damages, retailers may take some comfort from the one-year statute of limitations, as it will narrow the period for which damages would accrue in large class actions. Depending on the circumstances, certain retailers also may consider asserting the bona fide error defense provided in the Song-Beverly Credit Card Act, although it should be noted that errors of law alone typically do not support a bona fide error defense.

The Williams-Sonoma Stores decision is not expected to have a significant impact on the point of sale protocols of smaller retailers such as wineries.  There are a number of statutory exemptions within that Song-Beverly Credit Card Act that expressly permit the collection of personal identification under certain limited circumstances, such as where a credit card is used as a deposit to secure payment, where personal identification information is used for shipping, or where collection of such information is required by law or contract. These exemptions would continue to apply so that, for example, retailers could take ZIP Code and other personal information when processing an order to be shipped to a customer.

To the extent wineries want to build customer lists or solicit members for wine clubs, they should have the sign up sheets be in an area of the tasting room separate from the point of sale areas (i.e.,, not at bars or cash registers), or they should instruct employees completing sales not to solicit any personal identification information until after the credit card transaction is clearly completed. In either case, wineries should post signs near the point of sale areas that retailers may not request personal identification information (including ZIP codes) as a prerequisite to complete a credit card transaction and that responding to any request for such information is purely voluntary.

To summarize, then, these are the practical steps that wineries and other retailers can take to protect themselves in light of the new ruling:

Place sign-up sheets for mailing lists and customer clubs in a location away from the point of sale area;

Don’t solicit any personal information from customers until after their transaction is clearly completed;

Post tasteful signs near point of sale areas that it is the customer’s choice whether to provide personal information and that retailers may not request and record personal information as a prerequisite to a credit card transaction.

Finally, wineries should note that the new ZIP code ruling does not conflict with their duty to ensure that their customers are of legal drinking age; if the winery needs to ask a customer for identification to prove that the person is over the age of 21 (which is the case for all customers who appear to be less than 30), this is not a violation of the Song-Beverly Credit Card Act because the winery is not recording that information for future use.

Similarly, all retailers may ask customers to provide positive identification (such as a driver’s license) to prove their identity before using a credit card, so long as that information is not recorded.


Katherine Philippakis (kp@fbm.com) is a partner and chair of the wine industry practice at Farella Braun + Martel LLP (www.fbm.com), a San Francisco-based law firm with a wine industry-focused St. Helena office. Brett Greenberg (bgreenberg@fbm.com) is an associate in the firm’s real estate / land use and wine industry practices.