The District Court for the District of Massachusetts has ruled that zip codes are personal information within the meaning of Mass Gen. Laws, ch. 93 § 105(a). Tyler v. Michaels Stores, Inc., Civ. No. 11-10920-WGY (D. Mass. Jan. 6, 2012).
This is another privacy law case where plaintiffs (rightfully) seek to prevent merchants from unjustly enriching themselves on customers’ personal information. In this case, MA has enacted a state law (cited above) expressly prohibiting merchants from collecting more personal information than they need to process a credit card transaction. Here the plaintiff made several credit card purchases at defendant’s store and provided his zip code under the mistaken impression — allegedly created by defendant — that his zip code was necessary to process the transaction.
Evidently, the defendant did not in fact need plaintiff’s zip code for the transaction, but instead used the zip code to find the plaintiff’s personal address (read: private information) via certain commercially available databases and proceed to mail plaintiff unwanted marketing solicitations. Plaintiff sued.
While the court did find that a Zip code is, indeed, personal identification information within the meaning of the MA law, unfortunately for plaintiff the case could not stand because plaintiff was not able to allege sufficient damages arising out of the unwanted marketing solicitations.
Takeaway: Based on what we have seen of recent privacy law cases around the country, the “no damages” defense may not last very long. Courts are increasingly beginning to “find” at least the possibility of damage stemming from improper use of private info.
Enter your email to get started.