Many merchants will ask for your ZIP code, phone number and even driver’s license when making purchases with a credit card; but, in most cases, you are not legally required to comply.
In fact, the merchant may be violating credit card merchant agreements and in some instances, state law by even asking.
Consumers should never give more information beyond what is necessary to complete a transaction such as an address for shipping.
More importantly under no circumstance should you ever give your social security number to a merchant unless you are opening an instant credit account or requesting an extension of your current credit line.
There are no hard and fast rules on what a merchant may ask a customer and how the information collected by a merchant can be used. There are currently no federal laws to govern merchants; however, there are state laws. Individual stores have policies as well as the major credit card companies.
Under Visa and Mastercard policies a merchant cannot require personal information to make the sale if the back of the card is signed. If the card is unsigned, merchants can request some form of identifying information.
The American Express policy only requires merchants to check the signature on the back of the card. Discover is the only major credit card that does not prohibit merchants from asking for additional identification.
Merchants have gone beyond requesting identifying information when making purchases with credit cards. For several years, merchants have requested all sorts of information but that may be coming to an end soon.
On February 10, 2011, the California Supreme Court ruled stores could not ask customers for their ZIP codes during check out as it is personally identifiable information. The ruling resulted from a case; Pineda v. William-Sonoma Stores, Inc. Pineda complied with William-Sonoma when asked for her ZIP code at checkout.
William-Sonoma then took the ZIP code along with her credit card number and searched databases until they found Pineda’s home address. Once armed with Pineda’s home address Williams-Sonoma sent her store catalogs and sold her private information to additional retailers. The justices ruled unanimously that such requests violate state law.
”The decision bolsters and further protects the privacy rights of consumers,” said Pineda’s attorney, Gene J. Stonebarger. Merchants typically use ZIP codes to determine where their customers live and for other marketing purposes. But beyond that, the information could lead to credit card fraud and identity theft said Gene J. Stonebarger.
“Customers are deceived into providing their information under the false pretense that it's required to complete the credit card transaction,” Stonebarger said. “Individuals don't understand the scope of the information that they're revealing. Most people don't appreciate that their ZIP Codes combined with their names can be used to obtain very personal information about them.” Merchants now face a $1,000 fine per violation if they ask a customer for their ZIP code during a credit card transaction.
One exception for the ZIP code requirement is paying for gas at the pump. You will be asked to enter a ZIP code for security reasons because there is no person to check your signature. Gas stations generally do not retain ZIP code information once the transaction is complete.
As mentioned above, there are no federal laws to govern merchants requesting additional information. The laws are enacted on a state-by-state basis so the impact of Pineda v. Williams Sonoma for consumers in other states is yet to be determined. However, a flurry of class-action lawsuits have been filed in California against major retailers such as Walmart, Bed Bath & Beyond and Crate & Barrel.
Father and son legal team, Edwin and Eric Schreiber filed the lawsuits against Bed Bath & Beyond and Crate & Barrel because they felt customers were subjected to invasion of privacy when the stores required ZIP codes. “A lot of the people we talked to felt very uncomfortable giving the ZIP Code but felt they had to,” Eric Schreiber said. “They felt they were in the middle of a transaction and weren't going to tell the sales clerk no.”
Paul Stephens, director for policy and advocacy for Privacy Rights Clearinghouse, says “There's no upside to giving out information not essential to the transaction, even if you think doing so is necessary to combat fraud.
It's important for consumers to realize that you're generally not liable for fraudulent charges on the card”…”Your maximum liability under federal law for unauthorized use of your credit card is $50 and as long as you report it quickly, your liability is zero.”
In the final analysis, it is up to the consumer to guard their personal information against potential identity theft. Merchants may ask for information such as email or home address and even telephone number within the limitations of state law or their credit card merchant agreement but you can always refuse. If a consumer does not wish to disclose such information they may have no option but to walk away from the transaction unless the store is willing to make an exception.
