In Party City Corp. v. The Superior Court of San Diego County, the California Court of Appeal in the Fourth Appellate District held that zip codes are not “personal identification information” under California’s Song-Beverly Credit Card Act of 1971, California Civil Code Sec. 1747.08. Information “concerning the cardholder” is protected pursuant to the purposes of the Act, in order to prevent customer identification that goes beyond what the consumer has consented to disclose.
In this class action case, the plaintiff claimed that Party City’s request for a zip code in connection with a credit card purchase violated the Act. The trial court agreed, granting the plaintiff summary judgment. The Court of Appeal overturned the trial court concluding that summary judgment should be entered for Party City.
The Court of Appeal found that zip codes are not personal identification information based on the plain language of the Act. The Court of Appeal also examined postal regulations to understand what zip codes encompass. The Court of Appeal determined that zip codes are not “personal” identification information about a particular cardholder.
“A zip code is not an address, but only a portion of it, and knowing a stand-alone zip code has not been shown to be potentially more helpful in locating a specific person than knowing his or her state or county of residence. A zip code is not an individualized set of identification criteria, such as telephone numbers would be, but rather zip codes provide identification of a relatively large group, on the present record.”
Timothy P. Tobin (UPDATE: Apparently he is no longer an attorney at Proskauer) of the Privacy Law Blog of Proskauer Rose LLP pointed out this case.