BILL ANALYSIS ��
SENATE JUDICIARY COMMITTEE
Senator Noreen Evans, Chair
2013-2014 Regular Session
SB 383 (Jackson)
As Amended April 1, 2013
Hearing Date: May 7, 2013
Fiscal: No
Urgency: No
TH
SUBJECT
Credit Cards: Downloadable products: Personal information
DESCRIPTION
Existing law prohibits a person or entity that accepts credit
cards for the transaction of business from requesting, or
requiring as a condition of accepting the credit card, that a
cardholder provide his or her personal identification
information, except under certain circumstances.
Notwithstanding these prohibitions, existing law authorizes a
person or entity that accepts credit cards to require the
cardholder to provide reasonable forms of identification, which
may include a driver's license or a California state
identification card, as a condition of accepting the credit
card, provided that personal identification information is not
written or recorded in the process.
This bill would authorize a person or entity that accepts credit
cards as part of an online transaction involving an
electronically downloadable product to require a cardholder, as
a condition of accepting a credit card as payment for goods or
services, to provide the billing ZIP Code and the numerical
portion of the street address associated with the credit card,
to be used solely for the prevention of fraud, theft, or
identity theft. This bill would additionally require the person
or entity to dispose of the ZIP Code and street address number
information in a secure manner after it is no longer needed for
the prevention of fraud, theft, or identity theft. This bill
would also prohibit the person or entity from aggregating the
ZIP Code and street address number information with any other
personal identification information, or from sharing the ZIP
(more)
�
SB 383 (Jackson)
Page 2 of ?
Code and street address number information with any third party.
BACKGROUND
The Song Beverly Credit Card Act (Civ. Code Sec. 1747 et. seq.)
broadly prohibits businesses and others from requesting or
requiring a credit card holder to provide personal
identification information during a credit card transaction,
except in certain limited situations. Enacted in 1971, the act
regulates the issuance of credit cards to consumers in the State
of California, and specifies the rights and obligations of
retailers and cardholders in their use. The act articulates
"fair business practices for the protection of . . . consumers,"
and "made major changes in the law dealing with credit card
practices by prescribing procedures for billing, billing errors,
dissemination of false credit information, issuance and
unauthorized use of credit cards." (Pineda v. Williams-Sonoma
Stores, Inc. (2011) 51 Cal.4th 524, 538-39 [internal citations
and quotation marks omitted].)
The Legislature amended the Song Beverly Credit Card Act in
1990, "seeking to address the misuse of personal identification
information for, inter alia, marketing purposes" by retailers.
(Pineda, 51 Cal.4th at 534.) "[F]inding that there would be no
legitimate need to obtain such information from credit card
customers if it was not necessary to the completion of the
credit card transaction" (Id. at 534.), the Legislature amended
the statute to protect from disclosure "information concerning
the cardholder, other than information set forth on the credit
card, . . . including, but not limited to, the cardholder's
address and telephone number." (See Civ. Code Sec. 1747.08(b).)
These new amendments prohibited merchants from "[r]equest[ing],
or requir[ing] as a condition to accepting the credit card as
payment in full or in part for goods or services, the cardholder
to provide personal identification information" to be recorded
by the merchant. (See Civ. Code Sec. 1747.08(a).) Courts
interpreting these amendments have viewed them as strengthening
the act's existing protections and furthering the act's
"overriding purpose," which is to "protect the personal privacy
of consumers who pay for transactions with credit cards."
(Pineda, 51 Cal.4th at 534.)
In Pineda v. Williams-Sonoma Stores, Inc., the California
Supreme Court issued its first major opinion construing the
scope of the act. Williams-Sonoma, a chain retailer of home
furnishings and cookware, was accused by a patron of violating
�
SB 383 (Jackson)
Page 3 of ?
the act by, among other things, collecting the ZIP Code
information of credit card customers at the point of sale in its
retail stores, using customized computer software to discern a
customer's address by matching information in a database to the
information collected at the point of sale, and then marketing
its products to its credit card customers using the previously
undisclosed address or selling the information it had compiled
to other businesses. The patron brought a lawsuit under the
act, seeking classwide relief for credit card customers based on
Williams-Sonoma's alleged violation of its provisions concerning
the collection of personal identification information. (See
Pineda, 51 Cal.4th 524.) Siding with the patron, the Supreme
Court held that personal identification information protected
under the act included, among other things, a credit card user's
ZIP Code. Construing the statute broadly, the Supreme Court
held that the act provided "robust consumer protections by
prohibiting retailers from soliciting and recording information
about the cardholder that is unnecessary to the credit card
transaction," and stated that, as a remedial statute, it ought
to be liberally construed "in favor of [its] protective
purpose," which is to address "the misuse of personal
identification information for, inter alia, marketing purposes."
(Id. at 536-37.)
The Supreme Court revisited the Song Beverly Credit Card Act
earlier this year in Apple Inc. v. Superior Court (2013) 56
Cal.4th 128. Despite its broad holding two years before in the
Pineda case, the Court's decision in Apple presented a very
narrow reading of the act's privacy related provisions. The
Apple case involved a putative class action claim brought by a
consumer of Apple Computer's iTunes music and video download
service. The consumer claimed that Apple had violated the act
by requiring iTunes consumers to provide their telephone number
and address in order to complete online purchases paid for with
a credit card. The Court rejected the consumer's claim, and
held that the act did not apply to online transactions involving
downloadable products. (See id. at 133 ["Upon careful
consideration of the statute's text, structure, and purpose, we
hold that section 1747.08 does not apply to online purchases in
which the product is downloaded electronically."].) Citing the
legislative history of the 1990 amendments, the Court explained,
"[w]hile it is clear that the Legislature enacted the [act] to
protect consumer privacy, it is also clear that the Legislature
did not intend to achieve privacy protection without regard to
exposing consumers and retailers to undue risk of fraud."
(Apple Inc., 56 Cal.4th 128, 139.)
�
SB 383 (Jackson)
Page 4 of ?
The Court interpreted the act's legislative history as
"show[ing] that the Legislature enacted the statute's privacy
related prohibitions only after carefully considering and
rejecting the possibility that the collection of personal
identification information by brick-and-mortar retailers could
serve a legitimate purpose such as fraud prevention." (Apple
Inc., 56 Cal.4th at 139.) With the competing interests of
consumer privacy and fraud prevention in mind, the Court found
that:
The safeguards against fraud that are provided in [the act]
are not available to the online retailer selling an
electronically downloadable product. Unlike a
brick-and-mortar retailer, an online retailer cannot
visually inspect the credit card, the signature on the back
of the card, or the customer's photo identification. Thus,
section 1747.08(d) [concerning a retailer's ability to
request to see reasonable forms of positive
identification]-the key antifraud mechanism in the
statutory scheme-has no practical application to online
transactions involving electronically downloadable
products. We cannot conclude that if the Legislature in
1990 had been prescient enough to anticipate online
transactions involving electronically downloadable
products, it would have intended [the act's] prohibitions
to apply to such transactions despite the unavailability of
section 1747.08(d)'s [fraud prevention] safeguards. (Id.
at 140-41.)
The Supreme Court limited its holding in Apple to the particular
facts in that case, stating "[w]e have no occasion here to
decide whether [the prohibitions in the act] appl[y] to online
transactions that do not involve electronically downloadable
products or to any other transactions that do not involve
in-person, face-to-face interaction between the customer and
retailer." (Apple Inc., 56 Cal.4th at 143.) Nonetheless, the
majority opinion expressly invited the Legislature to amend the
law and apply it to online transactions of downloadable products
if it so desired. (See id. at 133 ["The Legislature may believe
these measures are inadequate and, if so, may enact additional
protections. Or the Legislature may believe that existing laws,
together with market forces reflecting consumer preferences, are
sufficient. It is not our role to opine on this important
policy issue."].)
�
SB 383 (Jackson)
Page 5 of ?
This bill would amend the Song Beverly Credit Card Act to apply
its consumer privacy protection provisions to all online credit
card transactions that involve a downloadable product, without
reference to the method, platform, or technology used to process
or to complete the transaction. In order to address the need to
prevent credit card fraud, this bill would authorize a person or
entity that accepts credit cards in an online transaction to
require a cardholder to provide the billing ZIP Code and street
address number associated with the credit card solely for the
prevention of fraud, theft, or identity theft. The bill would
require the person or entity collecting this information to
destroy or dispose of it in a secure manner after it is no
longer needed for the prevention of fraud, theft, or identity
theft. The bill would also prohibit the person or entity from
aggregating the ZIP Code and street address number information
with any other personal identification information, or from
sharing the ZIP Code and street address number information with
any other person or entity.
CHANGES TO EXISTING LAW
Existing law provides that, among other rights, all people have
an inalienable right to pursue and obtain privacy. (Cal.
Const., art. I, Sec. 1.) This privacy provision in the
California Constitution "creates a legal and enforceable right
of privacy for every Californian." (White v. Davis (1975) 13
Cal.3d 757, 775.)
Existing law , the California Online Privacy Protection Act (Bus.
and Prof. Code Sec. 22575 et. seq.), requires an operator of a
commercial Web site or online service that collects personally
identifiable information about individual consumers residing in
California who use or visit its commercial Web site or online
service to conspicuously post its privacy policy on its Web
site, or in the case of an operator of an online service, make
that policy available to consumers in accordance with state law.
(Bus. and Prof. Code Sec. 22575(a).)
Existing law , the Song Beverly Credit Card Act (Civ. Code Sec.
1747 et. seq.) prohibits persons and entities that accept credit
cards for the transaction of business from doing any of the
following:
(1)Requesting or requiring the cardholder, as a condition of
accepting the credit card as payment for goods or services,
to write any personal identification information on the
�
SB 383 (Jackson)
Page 6 of ?
credit card transaction form.
(2)Requesting or requiring the cardholder, as a condition of
accepting the credit card as payment for goods or services,
to provide personal identification information, which the
person or entity accepting the credit card writes, causes
to be written, or otherwise records upon the credit card
transaction form.
(3)Utilizing, in any credit card transaction, a credit card
form that contains preprinted spaces specifically
designated for filling in any personal identification
information of the cardholder. (Civ. Code Sec.
1747.08(a).)
Existing law defines "personal identification information" to
mean information concerning the cardholder, other than
information set forth on the credit card, and including, but not
limited to, the cardholder's address and telephone number.
(Civ. Code Sec. 1747.08(b).)
Existing law provides that the above-described restrictions on
the collection of the personal identification information of a
credit card holder do not apply in the following instances:
(1)If the credit card is being used as a deposit to secure
payment in the event of default, loss, damage, or other
similar occurrence.
(2)Cash advance transactions.
(3)If the person, firm, partnership, association, or
corporation accepting the credit card is contractually
obligated to provide personal identification information in
order to complete the credit card transaction or is
obligated to collect and record the personal identification
information by federal law, state law, or regulation.
(4)If the person, firm, partnership, association, or
corporation accepting the credit card in a sales
transaction at a retail motor fuel dispenser or retail
motor fuel payment island automated cashier uses the ZIP
Code information solely for prevention of fraud, theft, or
identity theft.
(5)If the personal identification information is required for
a special purpose incidental but related to the individual
credit card transaction, including, but not limited to,
information relating to shipping, delivery, servicing, or
installation of the purchased merchandise, or for special
orders. (Civ. Code Sec. 1747.08(c).)
�
SB 383 (Jackson)
Page 7 of ?
Existing law does not prohibit any person or entity from
requiring the cardholder, as a condition of accepting the credit
card as payment in full or in part for goods or services, to
provide reasonable forms of positive identification, which may
include a driver's license or a California state identification
card, or where one of these is not available, another form of
photo identification, provided that none of the information
contained thereon is written or recorded on the credit card
transaction form or otherwise. (Civ. Code Sec. 1747.08(d).)
Existing law imposes a civil penalty not to exceed two hundred
fifty dollars ($250) for the first violation of this section,
and one thousand dollars ($1,000) for each subsequent violation.
(Civ. Code Sec. 1747.08(e).)
This bill would permit a person or entity to require a
cardholder, as a condition of accepting a credit card as payment
in full or in part in an online transaction involving an
electronically downloadable product, to provide the billing ZIP
Code number and numerical portion of the street address
associated with the credit card, if used solely for the
prevention of fraud, theft, or identity theft.
This bill would require the person or entity accepting the
credit card to destroy or dispose of the ZIP Code and street
address number information in a secure manner after it is no
longer needed for the prevention of fraud, theft, or identity
theft.
This bill would prohibit the person or entity from aggregating
the ZIP Code and street address number with any other personal
identification information and would also prohibit the person or
entity from sharing the ZIP Code and street address number
information with any other person, firm, partnership,
association, or corporation.
This bill would codify the intent of the Legislature to apply
the Song Beverly Credit Card Act to all credit card transactions
without reference to the method, platform, or technology used to
process or complete the transaction.
This bill would find and declare the intent of the Legislature
to apply the provisions of the Song Beverly Credit Card Act to
all credit card transactions, including online transactions
involving a downloadable product.
�
SB 383 (Jackson)
Page 8 of ?
This bill would define "online transaction involving an
electronically downloadable product" to mean a credit card
transaction for a product, service, subscription, or any other
consideration, in which the product, service, subscription, or
consideration is provided by means of a download to the
cardholder's computer, telephone, or other electronic device.
COMMENT
1. Stated need for the bill
The author writes:
The bill seeks to remedy the deficiency in law created by
the Apple [decision], which eliminated credit card privacy
for downloadable product purchases based on the rationale
of fraud prevention, but the court did not restrict the
collection of personally identifiable information for cases
involving fraud prevention, and it did not limit the use of
information collected to fraud prevention. As a result,
online merchants in these transactions may now collect
personally identifiable information without limit, for any
reason or for no reason at all, and may use the information
for any purpose. SB 383 follows the rationale of the Apple
ruling, and balances it with Song Beverly's overarching
principle of protecting cardholders from unwarranted
privacy invasions by creating a limited exception that
allows merchants impacted by Apple to gather only that
information that is needed for fraud prevention, and limits
the use of the information for fraud prevention purposes
only.
Businesses should be entitled to collect only information
concerning a credit card holder that is required for
completion of the cardholder-initiated transaction, for
other legal or compliance purposes.
Without this legislation, online merchants are free to use
information about cardholders to build customer profiles,
and use this information for marketing, or for sale to
third parties who may use this information for any purpose.
[A] [c]onsumer's choice in downloadable product purchases
may reveal intimate details about a consumer['s] interests,
among these a consumer's medical interests, sexual
orientation, investments, financial status, dating
interests, political views and other forms of confidential
�
SB 383 (Jackson)
Page 9 of ?
information.
2. Balancing right to privacy against need to combat credit card
fraud
California has long held that preserving individual privacy is a
matter of utmost importance in public policy. Section 1,
article I of the California Constitution declares that "[a]ll
people are by nature free and independent and have inalienable
rights," and "[a]mong these are . . . pursuing and obtaining . .
. privacy." The right to privacy in online commerce is no less
important. Over thirty years ago, the Legislature recognized
that "[t]he right to privacy is being threatened by the
indiscriminate collection, maintenance, and dissemination of
personal information and the lack of effective laws and legal
remedies," and that "[t]he increasing use of computers and other
sophisticated information technology has greatly magnified the
potential risk to individual privacy that can occur from the
maintenance of personal information." (Civ. Code Sec. 1798.1
[Legislative declarations and findings concerning the
Information Practices Act of 1977].) "In order to protect the
privacy of individuals," the Legislature has declared it
"necessary that the maintenance and dissemination of personal
information be subject to strict limits." (Id.) This bill
furthers the fundamental public policy interest of protecting
the privacy of California's consumers by extending the
prohibitions of the Song Beverly Credit Card Act to merchants
engaged in online commerce.
Statutes like Song Beverly were enacted with the express intent
of limiting the collection of personal identifying information
and giving California consumers more control over how their
information is shared in the marketplace. As the Consumer
Federation of California -- the sponsor of this bill -- points
out, allowing the unfettered gathering of consumer information
during the course of a credit card transaction "gives . . .
merchants an open door to collecting personal data that is not
required for any transactional or security purpose." They
state:
Many merchants are eager to aggregate every bit of data on
consumers . . . Gathering data, and linking it to a credit
card holder's zip code, address or email address makes it
possible for a merchant . . . to construct a comprehensive
dossier on a consumer, which may include information
regarding a consumer's . . . medical conditions, sexual
�
SB 383 (Jackson)
Page 10 of ?
orientation, financial and investment activities, political
or religious views, as well as shopping and purchasing
activities.
By prohibiting the collection of data not germane to a credit
card transaction, Song Beverly protects California consumers
from unwanted invasions of their privacy, from unwelcome
marketing, and from having their personal information sold to
strangers without their permission. This bill extends Song
Beverly's existing privacy protections into the realm of online
commerce.
Consumer privacy protections are particularly crucial in the
digital age, where the collection and retention of personal
identification information by companies in large databases has
made it possible for individuals to unlawfully obtain millions
of records during a single breach of a company's computer
system. One of the most egregious breaches involving credit
card information in history occurred in 2007, when TJX Companies
Inc., the owner of a number of retail brands including T.J.Maxx,
Marshalls and Bob's Stores, disclosed that "45.6 million credit
and debit card numbers were stolen from one of its systems over
a period of more than 18 months by an unknown number of
intruders." (Jaikumar Vijayan, TJX data breach: At 45.6M card
numbers, it's the biggest ever
[as of May 2,
2013].) In addition to the stolen credit card numbers, the
individuals responsible for this particular breach also stole
"personal data provided in connection with the return of
merchandise without receipts by about 451,000 individuals."
(Id.)
The Supreme Court's ruling in Apple clarifies that the existing
provisions of Song Beverly do not prohibit online retailers
selling downloadable products from amassing similarly large
databases of personal identification information collected in
the course of a credit card transaction. While the Apple
court's decision might seem limited in scope, the Court noted
how large this affected market actually is when it stated that
"[t]oday, retail e-commerce sales in the United States approach
$200 billion a year, and it has been estimated that iTunes alone
will generate as much as $13 billion in revenue for Apple in
2013 through the sale of apps, music, movies, and e-books."
(Apple Inc. v. Superior Court, 56 Cal.4th at 150 [internal
citations omitted].) If online retailers were indiscriminately
�
SB 383 (Jackson)
Page 11 of ?
allowed to gather personal identifying information as part of
credit card transactions involving downloadable products,
similarly large databases could be assembled, the breach of
which could compromise the personal information of countless
Californians.
However, just as breaches of computer databases containing
personal information place consumers at risk, so does online
fraud and identity theft. According to statistics compiled by
the Internet Crime Complaint Center, which is a partnership
between the Federal Bureau of Investigation and the National
White Collar Crime Center, in 2010 California residents
submitted almost 35,000 complaints of internet fraud. (See
California IC3 2010 Internet Crime Report <
http://www.ic3.gov/media/annualreport
/2010/California%202010%20Report.pdf> [as of May 2, 2013].) Of
these complaints, which represent just a fraction of the total
number of instances of internet fraud that occurred in the state
in 2010, "[t]he top dollar loss complaint involved identity
theft and totaled $249,120.00 while the reported loss throughout
the state exceeded $46,300,000.00." (Id.)
The potential impact to California businesses from online credit
card fraud is equally staggering. The latest data from FICO, a
company that uses mathematics to predict consumer behavior and
identify and minimize the impact of fraud, suggests that
nationwide 20 states saw an increase in credit card fraud in
2012. (See FICO Labs: California, Florida and Northeast Were
Hotspots for ATM Fraud in 2012 < http:// www.fico.com
/en/Company/News/Pages/03-19-2013-Hotspots-for-ATM-Fraud-in-2012.
aspx> [as of May 2, 2013].) Globally, losses from credit card
fraud amount to $7.6 billion, and "fraud in the United States
accounted for 47 percent of global fraud losses [in 2010] -- up
from about 46.5 percent in 2009 and 44 percent in the middle of
the last decade." (See Ross Kerber, U.S. Banks Losing Ground in
Combating Credit, Debit Card Fraud: Report <
http://www.huffingtonpost.com/2011/10/04/credit-debit-card-fraud-
more-common-banks-lose-ground-hackers_n_994690.html> [as of May
2, 2013].)
SB 383 would strike a balance between the need to safeguard
consumer privacy while also protecting retailers and consumers
against fraud in online transactions. Just as existing
provisions of Song Beverly restrict a business from collecting
unnecessary personal information from consumers making in-person
purchases with a credit card while allowing access to the
�
SB 383 (Jackson)
Page 12 of ?
information in order to combat fraud, this bill would restrict
online retailers selling downloadable products from collecting
unnecessary personal information in the digital marketplace, but
would still leave them with the tools necessary to detect and
prevent online fraud, theft, and identity theft.
3. Business practices and technical requirements
Staff notes that merchants have contacted the author's office
and expressed technical concerns that the provisions in this
bill might interfere with standard industry procedures and
technical requirements concerning the processing of credit card
transactions. They suggest that it is not uncommon for a
merchant to contract with a third party for the processing of
credit card transactions and identity verification. Limitations
imposed in this bill on sharing personal identification
information gathered as part of an online credit card
transaction may operate to preclude the processing of certain
transactions using third parties that would otherwise be lawful
if the transaction were processed in an identical fashion solely
by the first party merchant or entity who accepts the credit
card as payment. The author should continue to work with
industry to ensure that this bill does not unintentionally
restrict the ability of merchants to process credit card
transactions through the use of third parties.
4. Scope of online commerce affected
As stated in the findings and declarations section of this bill,
it is the intent of the author to "apply the provisions of the
Song-Beverly Credit Card Act of 1971 to all credit card
transactions, including online transactions involving a
downloadable product." (See SB 383, pg. 3, lines 9-12).
However, the operative provisions of the bill appear to only
reach a subclass of online transactions that involve a
downloadable product. (See SB 383, pg. 7, lines 33-34 [". . .
may require a cardholder, as a condition to accepting a credit
card as payment in full or in part in an online transaction
involving an electronically downloadable product . . ."].) The
author should work with the bill sponsor to clarify the intended
scope of online commerce affected by this bill.
�
SB 383 (Jackson)
Page 13 of ?
Support : American Civil Liberties Union of California;
California Alliance for Retired Americans; California Conference
Board of the Amalgamated Transit Union; California Conference of
Machinists; CALPIRG; California Teamsters Public Affairs
Council; Consumer Action; Electronic Frontier Foundation;
Engineers and Scientists of California; International Longshore
and Warehouse Union; PrivacyActivism; Privacy Rights
Clearinghouse; Professionals and Technical Engineers; United
Food and Commercial Workers Western States Council; Utility
Workers Union of America; UNITE-HERE
Opposition : None Known
HISTORY
Source : Consumer Federation of California
Related Pending Legislation : AB 844 (Dickinson, 2013) would
expand existing privacy protections concerning credit card
transactions, including provisions of the Song Beverly Credit
Card Act, to transactions involving a debit card. This bill
would also permit the operator of a commercial Internet Web site
or online service that collects personal identifiable
information to require a credit cardholder or debit cardholder
to provide the cardholder's ZIP Code to complete an
Internet-based credit card or debit card transaction, subject to
certain restrictions, if used solely for the prevention of
fraud, theft, or identity theft. This bill was passed out of
the Assembly Banking and Finance Committee on April 22, 2013, by
a vote of 8-3, and was passed out of the Assembly Judiciary
Committee on April 30, 2013, by a vote of 7-3. The amendments
and renumbering of Civil Code Sections 1747.02 and 1747.08
called for in AB 844 may conflict with similar provisions in
this bill (SB 383).
Prior Legislation :
AB 1219 (Perea, Chapter 690, Statutes of 2011) created an
exception to existing law's prohibition against the collection
of ZIP Codes during credit card sales transactions by
specifically permitting the collection of ZIP Code information
when a person or entity accepting a credit card in a sales
transaction at a retail motor fuel dispenser or retail motor
fuel payment island automated cashier uses the ZIP Code
information solely for prevention of fraud, theft, or identity
theft.
�
SB 383 (Jackson)
Page 14 of ?
AB 521 (Koretz, Chapter 294, Statutes of 2001) extended
provisions of the Song Beverly Credit Card Act to the issuance
of student credit cards, defined as a credit card that is
provided to a student at a public or private college or
university solely based on his or her enrollment in the
university, or is provided to a student who would not otherwise
qualify for that credit card on the basis of his or her income.
AB 2021 (Fuentes, 2008) would have permitted, subject to certain
limitations, a merchant to request or require personal
information in connection with the use of a credit card for
transactions conducted via the Internet, telephone, or e-mail
for which the cardholder is not physically present, and the
personal identification information is required for, and is used
only for, fraud detection or prevention in connection with the
transaction. This bill died in the Senate Judiciary Committee.
AB 3013 (Pavley, 2004) would have prohibited a credit card
issuer from printing more than the last 8 digits of the credit
card account number on each billing statement provided to a
cardholder in this state, or printing a cardholder's account
number on an endorsed cardholder's payment check. This bill
died in the Assembly Banking and Finance Committee.
AB 1477 (Areias, Chapter 1089, Statutes of 1991) prohibited a
merchant which accepts credit cards from requesting or requiring
personal identification information for purposes of notation as
a condition of acceptance of the card. The bill clarified that
the merchant may require reasonable forms of identification,
including a driver's license, provided that no information
contained thereon is recorded on the credit card transaction
form or otherwise.
AB 2920 (Areias, Chapter 999, Statutes of 1990) prohibited
persons who accept credit cards in business transactions from
requiring, as a condition of accepting a credit card, that the
cardholder write or provide personal identification information
for notation on the credit card transaction form or otherwise,
subject to certain limitations. The bill made violators subject
to a civil penalty of up to $250 for a first violation and
$1,000 for subsequent violations.
**************
�
SB 383 (Jackson)
Page 15 of ?