Customers Sue Apple for Revealing Too Much Credit Card Info

Lora Bentley

Continuing in the PCI compliance vein...


Earlier this month, InformationWeek reported that Apple is facing a class-action lawsuit brought under the Fair Credit Reporting Act alleging that the computer maker was not properly protecting customer data. The plaintiffs allege that Apple violated the FCRA because its purchase receipts show the customer's full name, address, phone number, and e-mail address, as well as credit card expiration date. Including all of that information on the receipt, they argue, increases the risk of identity theft.


And in case there's any question, it isn't that Apple's practices have actually resulted in identity theft, the story points out. An attorney for the plantiffs says:

We're not alleging and we're not seeking any damages related to actual identity theft.

The problem is simply that Apple is not complying with the law. Whether such noncompliance is intentional or unintentional is irrelevant, according to a recent Supreme Court decision, InformationWeek reports. And the fact that compliance would be rather simple and inexpensive certainly won't help Apple's case.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.