Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Massachusetts lawsuit accuses Apple of misusing customers' personal info

Last updated

Adding to Apple's mountain of legal conflict, a lawsuit filed this week in New England claims that Apple collected retail customers' zip codes in violation of state law and then profited from the sale of that information to third parties.


Apple's Boylston Street store in Boston

Plaintiffs Adam Christensen, Jeffrey Scolnick, and William Farrell claim that they were forced to provide their zip code when making credit card purchases at Apple retail stores in Massachusetts, a practice that the suit contends is illegal under the Massachusetts Unfair Trade Practices Act. That statute makes it unlawful to compel customers to provide personally identifiable information beyond that which is required by credit card issuers to verify the transaction.

The complaint goes on to allege that Apple not only collects this information, but then sells it to other companies for profit. As proof, the suit offers a passage from Apple's privacy policy that states "Apple may make certain personal information available to strategic partners that work with Apple to provide products and services, or that help Apple market to customers."

This has caused the plaintiffs harm, the suit says, in the following ways:

First, Plaintiffs and the Class have been injured because they have received unwanted marketing materials from Apple as a result of having provided their zip codes when using credit cards at Apple. Second, Plaintiffs and the Class have been injured by Apple's sale of Plaintiffs' and the Class' PII to third-parties, which was collected by Apple in violation of Mass. Gen. Laws ch. 93 § 105(c). And third, Plaintiffs and the Class have been injured because Apple misappropriated their economically valuable PII [Personally Identifiable Information] without consideration.

Christensen, Scolnick, and Farrell seek certification as representatives of a class that would include anyone "from whom Apple requested and recorded personal identification information in conjunction with a credit card transaction occurring in Massachusetts."

On behalf of that class, the group is seeking damages of up to $75 per violation, interest on those damages, litigation expenses and attorneys' fees, and "such other and further relief as may be just and proper." The petition also asks for an injunction that would force Apple to stop collecting zip codes in the state.

The plaintiffs' law firm first contacted Apple with the complaint last April in a bid to settle without going to court. At the time, they sought damages of just $25 per violation, attorneys' fees, and "a reasonable incentive reward...for services as the proposed class representative."

Notably, the earlier complaint did not accuse Apple of profiting from the sale of the data to third parties. That charge was tacked on once the suit was filed, and the reason for its late addition is unknown.

Apple has not yet responded to the suit.



88 Comments

anantksundaram 18 Years · 20391 comments

I think it would have been useful to clarify in the headline that a few stupid people in MA brought the lawsuit, i.e., it's not a 'Massachusetts lawsuit....'.

 

This will get thrown out.

pegarm 18 Years · 5 comments

This is going to end up getting tossed. A credit card billing zip code could be considered required by credit card issuers in order to verify a transaction.

bigmac2 13 Years · 639 comments

Quote:

Originally Posted by AppleInsider 
 

First, Plaintiffs and the Class have been injured because they have received unwanted marketing materials

 

Ouch, poor guys being injured by marketing material, they should have a hard time living in this country.  I wonder how they could use the internet with constant unwanted marketing material poping out on every web site. 

jkichline 14 Years · 1369 comments

First, many credit processing systems require a ZIP code to verify the credit card's authenticity. This is quite a common practice especially with the level of hacking we've seen lately with Target, etc. Second, there's no correlation between what a legal document claims to allow and what was actually done. What's put in privacy policies is intentionally broad and usually applies only to the transaction method employed. For instance, a privacy policy on a website doesn't necessarily mean that's the same privacy policy used in a store. Who said they sold it to another party? Perhaps the ZIP code was just used to process the credit card transaction. Third, if you're that dang paranoid, how about you use cash and wear an aluminum foil hat? Or as Sir Jonny Ive says "Aluminium Fedora"

gatorguy 13 Years · 24627 comments

[quote name="anantksundaram" url="/t/161627/massachusetts-lawsuit-accuses-apple-of-misusing-customers-personal-info#post_2459166"]I think it would have been useful to clarify in the headline that a few stupid people in MA brought the lawsuit, i.e., it's not a 'Massachusetts lawsuit....'. This will get thrown out. [/quote] ...and if not thrown out then settled quickly. Discovery in a privacy case seldom comes out well IMO. There will be something somewhere that would reflect poorly on Apple. Doesn't the media always find something?