Ct.App. 4/1 D054355 San Diego County Super. Ct. No.37-2008-00086061-CU-BT-CTL
The opinion of the court was delivered by: Moreno, J.
The Song-Beverly Credit Card Act of 1971 (Credit Card Act) (Civ. Code, § 1747 et seq.) is "designed to promote consumer protection." (Florez v. Linens 'N Things, Inc. (2003) 108 Cal.App.4th 447, 450 (Florez).) One of its provisions, section 1747.08, prohibits businesses from requesting that cardholders provide "personal identification information" during credit card transactions, and then recording that information. (Civ. Code, § 1747.08, subd. (a)(2).)*fn1
Plaintiff sued defendant retailer, asserting a violation of the Credit Card Act. Plaintiff alleges that while she was paying for a purchase with her credit card in one of defendant's stores, the cashier asked plaintiff for her ZIP code. Believing it necessary to complete the transaction, plaintiff provided the requested information and the cashier recorded it. Plaintiff further alleges that defendant subsequently used her name and ZIP code to locate her home address.*fn2
We are now asked to resolve whether section 1747.08 is violated when a business requests and records a customer's ZIP code during a credit card transaction. In light of the statute's plain language, protective purpose, and legislative history, we conclude a ZIP code constitutes "personal identification information" as that phrase is used in section 1747.08. Thus, requesting and recording a cardholder's ZIP code, without more, violates the Credit Card Act. We therefore reverse the contrary judgment of the Court of Appeal and remand for further proceedings consistent with our decision.
FACTS AND PROCEDURAL HISTORY
Because we are reviewing the sustaining of a demurrer, we assume as true all facts alleged in the complaint. (Sheehan v. San Francisco 49ers, Ltd. (2009) 45 Cal.4th 992, 996.)
In June 2008, plaintiff Jessica Pineda filed a complaint against defendant Williams-Sonoma Stores, Inc.*fn3 The complaint alleged the following:
Plaintiff visited one of defendant's California stores and selected an item for purchase. She then went to the cashier to pay for the item with her credit card. The cashier asked plaintiff for her ZIP code and, believing she was required to provide the requested information to complete the transaction, plaintiff provided it. The cashier entered plaintiff's ZIP code into the electronic cash register and then completed the transaction. At the end of the transaction, defendant had plaintiff's credit card number, name, and ZIP code recorded in its database.
Defendant subsequently used customized computer software to perform reverse searches from databases that contain millions of names, e-mail addresses, telephone numbers, and street addresses, and that are indexed in a manner resembling a reverse telephone book. The software matched plaintiff's name and ZIP code with plaintiff's previously undisclosed address, giving defendant the information, which it now maintains in its own database. Defendant uses its database to market products to customers and may also sell the information it has compiled to other businesses.
Plaintiff filed the matter as a putative class action, alleging defendant had violated section 1747.08 and the unfair competition law (UCL) (Bus. & Prof. Code, § 17200 et seq.). She also asserted an invasion of privacy claim. Defendant demurred, arguing a ZIP code is not "personal identification information" as that phrase is used in section 1747.08, that plaintiff lacked standing to bring her UCL claim, and that the invasion of privacy claim failed for, among other reasons, failure to allege all necessary elements. Plaintiff conceded the demurrer as to the UCL claim, and the trial court subsequently sustained the demurrer as to the remaining causes of action without leave to amend. As for the Credit Card Act claim, the trial court agreed with defendant and concluded a ZIP code does not constitute "personal identification information" as that term is defined in section 1747.08.
The Court of Appeal affirmed in all respects. With respect to the Credit Card Act claim, the Court of Appeal relied upon Party City Corp. v. Superior Court (2008) 169 Cal.App.4th 497 (Party City), which similarly concluded a ZIP code, without more, does not constitute personal identification information.*fn4
Plaintiff sought our review regarding both her Credit Card Act claim and her invasion of privacy cause of action. We granted review, but only of plaintiff's Credit Card Act claim.*fn5
We independently review questions of statutory construction. (Imperial Merchant Services, Inc. v. Hunt (2009) 47 Cal.4th 381, 387.) In doing so, we look first to the words of a statute, "because they generally provide the most reliable indicator of legislative intent." (Hsu v. Abbara (1995) 9 Cal.4th 863, 871.) We give the words their usual and ordinary meaning (Lungren v. Deukmejian (1988) 45 Cal.3d 727, 735), while construing them in light of the statute as a whole and the statute's purpose (Walker v. Superior Court (1998) 47 Cal.3d 112, 124). "In other words, ' "we do not construe statutes in isolation, but rather read every statute 'with reference to the entire scheme of law of which it is part so that the whole may be harmonized and retain effectiveness.' " ' " (Smith v. Superior Court (2006) 39 Cal.4th 77, 83.) We are also mindful of "the general rule that civil statutes for the protection of the public are, generally, broadly construed in favor of that protective purpose." (People ex rel. Lungren v. Superior Court (1996) 14 Cal.4th 294, 313 (Lungren); see Florez, supra, 108 Cal.App.4th at p. 450 [liberally construing former § 1747.8, now § 1747.08].) "If there is no ambiguity in the language, we presume the Legislature meant what it said and the plain meaning of the statute governs." (People v. Snook ...