Susan Catherine POWERS, Plaintiff and Appellant, v. POTTERY BARN, INC., Defendant and Respondent.
In this consumer class action case the trial court found plaintiff's claims against a retailer for violation of provisions of the Song-Beverly Credit Card Act of 1971 (Song-Beverly) were pre-empted by provisions of a federal statute, the Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (tit. 15, U.S.C, § 7701 et seq.) (CAN-SPAM). Accordingly, the trial court sustained the retailer's demurrer without leave to amend. We reverse.
The disputed provisions of Song-Beverly were added by the Legislature in 1990 and limit the information that may be requested of a consumer when the consumer uses a credit card to transact business. In particular, Song-Beverly prohibits businesses from requesting or requiring credit card customers to provide “personal identification information,” such as their addresses and telephone numbers. In contrast, CAN-SPAM imposes disclosure and “opt-out” requirements on the senders of commercial electronic mail (e-mail) and restricts the manner in which such e-mail may be sent. In addition, by its terms CAN-SPAM pre-empts any state law that “specifically regulates the use of electronic mail to send commercial messages.” However, CAN-SPAM does not pre-empt state laws that “are not specific to electronic mail.” Because Song-Beverly's regulation of what may be asked of credit card customers is not a regulation of what can be sent in commercial e-mails and is not in any manner specific to e-mail, we conclude Song-Beverly is not pre-empted by CAN-SPAM.
On March 12, 2008, plaintiff and appellant Susan Catherine Powers filed a class action complaint against defendant and respondent Pottery Barn, Inc. (Pottery Barn). Powers alleged she visited a Pottery Barn store, selected an item to buy and, when she used her credit card to buy it, was asked to provide an e-mail address. Powers gave the sales clerk her e-mail address and saw the clerk enter the address into the store's electronic cash register. More generally, Powers alleged Pottery Barn made a practice of asking for personal identification information within the meaning of Song-Beverly and that this conduct, in addition to giving rise to a cause of action under Song-Beverly, gave rise to claims under the Unfair Competition Law (Bus. & Prof.Code, § 17200 et seq.) (UCL) and for invasion of privacy.
Pottery Barn demurred to Powers's complaint. Pottery Barn alleged e-mails are not personal identification information within the meaning of Song-Beverly and that, in any event, regulation of the collection of e-mails is pre-empted by CAN-SPAM. Pottery Barn further alleged Song-Beverly was an unlawful limitation on its right to engage in commercial speech.
The trial court sustained the demurrer with leave to amend. The trial court determined e-mails are personal identification information within the scope of Song-Beverly, but that Powers's claims were nonetheless pre-empted by CAN-SPAM. The trial court gave Powers leave to allege that, aside from e-mails, Pottery Barn had collected other personal identification information. Powers was unable to make such an allegation and the trial court entered a judgment of dismissal. Powers filed a timely notice of appeal.
“On appeal from a judgment dismissing an action after sustaining a demurrer ․ the standard of review is well settled. The reviewing court gives the complaint a reasonable interpretation, and treats the demurrer as admitting all material facts properly pleaded. [Citations.] The court does not, however, assume the truth of contentions, deductions or conclusions of law. [Citation.] The judgment must be affirmed ‘if any one of the several grounds of demurrer is well taken. [Citations.]’ [Citation.] [H]owever, it is error for a trial court to sustain a demurrer when the plaintiff has stated a cause of action under any possible legal theory.” (Aubry v. Tri-City Hospital Dist. (1992) 2 Cal.4th 962, 966-967, 9 Cal.Rptr.2d 92, 831 P.2d 317.) Where the plaintiff has been given an opportunity to amend, we presume the complaint states as strong a case as is possible. (Otworth v. Southern Pac. Transportation Co. (1985) 166 Cal.App.3d 452, 457, 212 Cal.Rptr. 743.)
Song-Beverly was enacted in 1971. “The act ‘imposes fair business practices for the protection of the consumers. “Such a law is remedial in nature and in the public interest [and] is to be liberally construed to the end of fostering its objectives.” ’ [Citations.]” (Florez v. Linens ‘N Things, Inc. (2003) 108 Cal.App.4th 447, 450, 133 Cal.Rptr.2d 465.)
The particular provisions of Song-Beverly in dispute here were added by the Legislature in 1990 as AB 2920 and in pertinent part state: “(a) Except as provided in subdivision (c), no person, firm, partnership, association, or corporation that accepts credit cards for the transaction of business shall do any of the following:
“(1) Request, or require as a condition to accepting the credit card as payment in full or in part for goods or services, the cardholder to write any personal identification information upon the credit card transaction form or otherwise.
“(2) Request, or require as a condition to accepting the credit card as payment in full or in part for goods or services, the cardholder to provide personal identification information, which the person, firm, partnership, association, or corporation accepting the credit card writes, causes to be written, or otherwise records upon the credit card transaction form or otherwise.
“(3) Utilize, in any credit card transaction, a credit card form which contains preprinted spaces specifically designated for filling in any personal identification information of the cardholder.
“(b) For purposes of this section ‘personal identification information,’ means information concerning the cardholder, other than information set forth on the credit card, and including, but not limited to, the cardholder's address and telephone number.” (Civ.Code, § 1747.08.)
In reviewing the legislative history of AB 2920, the court in Florez v. Linens ‘N Things, Inc., supra, 108 Cal.App.4th at page 452, 133 Cal.Rptr.2d 465 stated: “Our inquiry begins with the California Assembly Committee on Finance and Insurance, Background Information Request on Assembly Bill No. 2920 (1989-1990 Reg. Sess.): ‘AB 2920 seeks to protect the personal privacy of consumers who use credit cards to purchase goods or services by prohibiting retailers from requiring consumers to provide addresses, telephone numbers and other personal information that is unnecessary to complete the transaction and that the retailer does not need.’ (Italics added.) In essence, the original enactment (Stats.1990, ch. 999, § 1, pp. 4191-4192 [Assem. Bill No. 2920] ) was a response to two principal privacy concerns. ‘[F]irst, that with increased use of computer technology, very specific and personal information about a consumer's spending habits was being made available to anyone willing to pay for it; and second, that acts of harassment and violence were being committed by store clerks who obtained customers' phone numbers and addresses.’ ” (Fn. Omitted.)
CAN-SPAM was enacted in 2003. Under CAN-SPAM the sender of any unsolicited “commercial electronic mail message” is subject to civil liability unless the e-mail contains: a mechanism which permits the addressee to “opt-out” or unsubscribe from further e-mails, an accurate identification of the sender, an accurate subject line, a physical address of the sender and a warning label if the e-mail contains adult content. (Tit. 15, U.S.C. § 7704.) CAN-SPAM also makes it a crime to send e-mail through a computer without the permission of the owner of the computer (“open-relay”) or place false information in the e-mail header. (Tit. 18, U.S.C., § 1037(a)(1), (3).)
In enacting CAN-SPAM, Congress expressly found: “The convenience and efficiency of electronic mail are threatened by the extremely rapid growth in the volume of unsolicited commercial electronic mail. Unsolicited commercial electronic mail is currently estimated to account for over half of all electronic mail traffic, up from an estimated 7 percent in 2001, and the volume continues to rise. Most of these messages are fraudulent or deceptive in one or more respects.” (Tit. 15, U.S.C., § 7701(a)(2).) However, Congress also found: “Many States have enacted legislation intended to regulate or reduce unsolicited commercial electronic mail, but these statutes impose different standards and requirements. As a result, they do not appear to have been successful in addressing the problems associated with unsolicited commercial electronic mail, in part because, since an electronic mail address does not specify a geographic location, it can be extremely difficult for law-abiding businesses to know with which of these disparate statutes they are required to comply.” (Tit. 15, U.S.C., § 7701(a)(11).)
In light of its findings, Congress expressly provided that CAN-SPAM pre-empts state anti-SPAM laws: “This chapter supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto.” (Tit. 15, U.S.C., § 7707(b)(1).) Importantly, Congress also expressly limited the pre-emptive impact of CAN-SPAM: “This chapter shall not be construed to preempt the applicability of-(A) State laws that are not specific to electronic mail, including State trespass, contract, or tort law; or (B) other State laws to the extent that those laws relate to acts of fraud or computer crime.” (Tit. 15, U.S.C., § 7707(b)(2).)
CAN-SPAM cannot be interpreted as pre-empting application of Song-Beverly to Pottery Barn's collection of e-mail from its credit card customers. Song-Beverly does not expressly regulate any Internet activity, let alone use of “electronic mail to send commercial messages.” (See Tit. 15, U.S.C § 7701(b)(1).) Rather, as we have discussed, Song-Beverly only governs the information businesses may collect in the course of transacting business with credit card users. Thus Song-Beverly does not fall within the scope of CAN-SPAM's express pre-emption provisions. Importantly, CAN-SPAM does not permit us to find any implied pre-emption here. CAN-SPAM not only has a carefully limited express pre-emption provision, but it also expressly excludes pre-emption of any state laws, such as Song-Beverly, which “are not specific to electronic mail.”
Contrary to Pottery Barn's argument, nothing in Facebook, Inc. v. ConnectU LLC (N.D.Cal. 2007) 489 F.Supp.2d 1087, 1093-1094 (Facebook ), expands CAN-SPAM pre-emption to cover state laws which do not expressly and specifically regulate e-mail. In Facebook the plaintiff made a claim under two California anti-spam statutes, Business and Professions Code sections 17529.4 and 17538.45. Business and Professions Code section 17529.42 expressly prevents businesses from electronically collecting e-mail addresses from the Internet for the purpose of sending unsolicited e-mail to the collected addresses; Business and Professions Code section 17538.453 prevents the unauthorized use of e-mail servers located in this state to send unsolicited e-mails. Although Business and Professions Code section 17529.4 may be violated by collecting e-mail addresses with only the intent to send unsolicited e-mails and without actual distribution of any e-mails, the court in Facebook nonetheless properly concluded that it, as well as Business and Professions Code section 17538.45, regulate “the use of electronic mail to send commercial messages.” (Facebook, supra, 489 F.Supp.2d at pp. 1093-1094.)
The express and specific e-mail regulations considered in Facebook are readily distinguishable from Song-Beverly, which does not directly regulate the use of e-mails or the Internet, but instead protects the privacy of consumers when they use credit cards to transact business. (See Florez v. Linens ‘N Things, Inc., supra, 108 Cal.App.4th at p. 452, 133 Cal.Rptr.2d 465.) Song-Beverly's impact on a business's use of e-mail is only an incident of the statute's regulation of such credit card transactions. By its terms CAN-SPAM does not pre-empt state statutes which are not specific to e-mail and have only such incidental impact on e-mail use. (Tit. 15, U.S.C. § 7707(b)(2).)
In sum, the trial court erred in sustaining Pottery Barn's demurrer on the grounds Powers's Song-Beverly claims are pre-empted by CAN-SPAM.
Judgment reversed. Appellant to recover her costs of appeal.
BENKE, Acting P.J.