A California appeals court recently held that a class action lawsuit against Pottery Barn, Inc. alleging unauthorized collection of personal information can proceed to trial.  A class of consumers alleged that Pottery Barn, Inc. violated the California Song-Beverly Credit Card Act (the “Act”) by requesting that shoppers provide their e-mail address when purchasing products with a credit card. 

The Act prohibits businesses from requesting or requiring credit card customers to provide personal information when purchases are made.  Pottery Barn, Inc., in response, alleged that the federal CAN-SPAM Act preempted the Act because the CAN-SPAM Act expressly preempts state anti-spam laws.  Pottery Barn, Inc. also alleged that e-mail addresses are not personal information within the scope of the Act.

The California Court of Appeal for the Fourth District found that the CAN-SPAM Act could not be interpreted to preempt the Act because Congress had expressly limited the preemption provision to only apply to state laws that specifically regulate electronic mail.  This Act, the court found, does not expressly regulate Internet activity or the use of e-mail, and the Act’s regulation of e-mail use is only incidental to the law’s true purpose of protecting consumer privacy.  The court also declined to find that e-mail addresses are “personal information” as defined in the Act.

For more information on the impact of the Song-Beverly Credit Card Act on information collection practices, please contact:

Anthony V. Lupo
lupo.anthony@arentfox.com
202.857.6353

Matthew R. Mills
mills.matthew@arentfox.com
202.715.8582