As reported in BNA’s Privacy & Security Law Report, on May 4, 2012, the United States District Court for the Southern District of California granted plaintiffs’ motion for class certification in an action against IKEA U.S. West, Inc. (“IKEA”) under the Song-Beverly Credit Card Act of 1971 (the “Song-Beverly Act”). The suit alleges that IKEA violated the Song-Beverly Act by requesting that cardholders provide their ZIP codes during credit card transactions, and then recording that information in an electronic database. The Court found that the class definition was not overbroad and that IKEA’s practice of requesting ZIP codes demonstrated common questions of law best resolved through a class action.
Plaintiffs’ original motion sought class certification for all persons from whom IKEA has requested a ZIP code in conjunction with a credit card transaction in California since February 16, 2010. The class definition was later revised in a reply brief to exclude individuals whose ZIP codes were requested for a special purpose related to the transaction (such as shipping, delivery, service or installation of products), or individuals who made IKEA purchases using business credit cards.
IKEA contended that the proposed class definition was overbroad because it would include individuals who voluntarily provided their ZIP codes to IKEA in other contexts, such as when they signed up for the IKEA Family reward program, completed in-store promotional forms, or requested direct mailings. The Court found that the Song-Beverly Act does not include an exception that would allow a retailer to ask for personal identification information as a condition of a credit card transaction from customers who previously (or subsequently) provided any personal information to the retailer. According to the Court, such an exception would undermine one of the Song-Beverly Act’s goals of preventing store clerks from obtaining consumers’ personal identification information.