Financial Privacy

Subscribe to Financial Privacy via RSS

On August 10, 2010, the U.S. Court of Appeals for the Seventh Circuit upheld an earlier ruling by the Northern District of Illinois Eastern Division that email order confirmations are not “electronically printed” receipts under the Fair and Accurate Credit Transactions Act (“FACTA”) amendments to the Fair Credit Reporting Act. Shlahtichman v.1-800 Contacts Inc., Case No. 09-4073 (7th Cir.; Aug. 10, 2010). The court affirmed the dismissal of Shlahtichman’s complaint against 1-800 Contacts Inc. that involved an electronic order confirmation containing Shlahtichman’s credit card expiration date.

On March 22, 2010, Washington Governor Christine Gregoire signed H.B. 1149 into law, making her state the second behind Minnesota to hold businesses and governmental entities responsible to financial institutions for certain costs arising from payment card information breaches. As of July 1, entities that process more than 6 million credit or debit card transactions annually who fail to reasonably safeguard card information can be required to reimburse financial institutions for the costs related to the re-issuance of cards as well as attorneys fees and costs in the event that a security breach involving payment card information is a proximate result.

On February 3, 2010, the U.S. District Court for the Western District of Pennsylvania preliminarily approved a class action settlement between Aramark Sports, LLC and a class of approximately 5,000 customers who made credit or debit card purchases from stores at PNC Park in Pittsburgh, Pennsylvania. If approved, the proposed settlement would resolve allegations made by the plaintiffs that Aramark violated the Fair and Accurate Credit Transactions Act’s (“FACTA”) truncation requirements by electronically printing receipts that contained (a) more than the last 5 digits of the plaintiffs’ credit or debit card numbers and/or (b) the expiration date of such cards.