Ask The Expert: California Supreme Court Takes Stand to Protect Consumers and Online Retailers

By Stefanie Warren and Cordon T. Baesel

On February 4, 2013, in Apple Inc. v. Superior Court, the California Supreme Court issued yet another proclamation regarding what businesses can and cannot do when it comes to collecting a consumer's personal information.  And this time, the retailer won!

Our story begins in June of 2011 when the plaintiff filed a class action lawsuit against Apple for violations of the Song-Beverly Credit Card Act.  The Act generally regulates the conduct of businesses in their interactions with consumers.  Here, the plaintiff alleged he had purchased media downloads (and who has not?) from iTunes.  In so doing, Apple required the plaintiff to provide his telephone number and address in order to complete the online credit card purchase.  The plaintiff cried foul claiming that the collection of his personal information was not necessary for his credit card purchase and therefore illegal.

Apple immediately moved to dismiss the plaintiff's claims arguing that the Act does not apply to online transactions.  The trial court denied the motion but agreed to allow Apple to take an appeal.  Recognizing that Apple had raised unique arguments about the scope of the Act, the California Supreme Court took the case.

Upon consideration of the history of the Act as well as other related laws, the Court determined that the Act does not apply to online purchases in which the product is downloaded electronically.

The Court based its decision on several key points.  First, the Act makes no reference to any online transactions or the internet.  The Act is silent on this point because it was enacted in 1990, long before the proliferation of today's online marketplace.  Second, the Court reasoned that while the Act is designed to protect consumer privacy, the Act is not meant to be so broadly applied as to protect information without regard to exposing those same consumers to fraud.  Indeed, the Court found that the Act was not intended to preclude online retailers selling electronically downloadable products no means to protect against credit card fraud.  The Court also noted that the Legislature is perfectly able to, and has, taken steps to regulate online privacy.  The California Online Privacy Protection Act of 2003 provides for a mandatory disclosure about privacy policies on certain types of commercial Web sites and online services.

In sum, the Court found that the Act requires a balancing of privacy interests against a retailers' right to protect itself and consumers from fraud.  As to online transactions involving electronically downloadable products, the scale is tipped in favor of fraud protection.

For more information contact Stefanie Warren, Esq. or Cordon T. Baesel, Esq. of the Action Sports Industry Group at McKenna Long & Aldridge  (

Please note this article has been prepared for informational purposes only and is not to be considered legal advice. You are advised to speak directly with counsel regarding the matters discussed above.