The Complex Litigator

View Original

E-mail is "personal identification information," and CAN-SPAM does not pre-empt the Song-Beverly prohibition on requests for such information

Technology, which is forward looking, and law, which is backwards...looking, frequently bang heads.  In Powers v. Pottery Barn, Inc. (September 21, 2009), the Court of Appeal (Fourth Appellate District, Division One) examined whether the federal law "Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003" (tit. 15, U.S.C, § 7701 et seq.) (CAN-SPAM) pre-empted provisions of the Song-Beverly Credit Card Act of 1971 in a lawsuit challenging a merchant's practice of requesting consumer e-mail addresses at the time the consumer makes a credit card purchase.  The Court easily found that, because CAN-SPAM does not pre-empt state laws that "are not specific to electronic mail," it did not pre-empt the Song-Beverly prohibition on collecting personal identification information.  Slip op., at 2.

Regarding the purpose of Song-Beverly, the Court said:

Song-Beverly was enacted in 1971. "The act 'imposes fair business practices for the protection of the consumers. "Such a law is remedial in nature and in the public interest [and] is to be liberally construed to the end of fostering its objectives." ' [Citations.]" (Florez v. Linens 'N Things, Inc. (2003) 108 Cal.App.4th 447, 450.)

Slip op., at 4.  And the Court explained pre-emption by CAN-SPAM, and the limits on that pre-emption:

Congress expressly provided that CAN-SPAM pre-empts state anti-SPAM laws: "This chapter supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto." (Tit. 15, U.S.C., § 7707(b)(1).) Importantly, Congress also expressly limited the pre-emptive impact of CAN-SPAM: "This chapter shall not be construed to preempt the applicability of—(A) State laws that are not specific to electronic mail, including State trespass, contract, or tort law; or (B) other State laws to the extent that those laws relate to acts of fraud or computer crime." (Tit. 15, U.S.C., § 7707 (b)(2).)

Slip op., at 7.  Applying both, the Court concluded that Song-Beverly was not pre-empted:

CAN-SPAM cannot be interpreted as pre-empting application of Song-Beverly to Pottery Barn's collection of e-mail from its credit card customers.  Song-Beverly does not expressly regulate any Internet activity, let alone use of "electronic mail to send commercial messages." (See Tit. 15, U.S.C § 7701(b)(1).) Rather, as we have discussed, Song-Beverly only governs the information businesses may collect in the course of transacting business with credit card users. Thus Song-Beverly does not fall within the scope of CAN-SPAM's express pre-emption provisions. Importantly, CAN-SPAM does not permit us to find any implied pre-emption here. CAN-SPAM not only has a carefully limited express pre-emption provision, but it also expressly excludes pre-emption of any state laws, such as Song-Beverly, which "are not specific to electronic mail."

Slip op., at 8.  So there you have it.  Collecting an e-mail address has now been recognized as collecting personal identification information, at least under Song-Beverly.

NOTE:  Sections V and VI of the opinion are not published.  However, the Court's Opinion inadvertently left out the Section V heading.  I believe that it should appear after the first two sentences of page 12, but that's just a best guess until they correct the opinion.