Kelleher v. Eaglerider, Inc., 2010 WL 4684037 (N.D.Ill., Nov. 10 2010)
The Fair and Accurate Credit Transactions Act of 2003 (FACTA) prohibits any “person that accepts credit cards or debit cards for the transaction of business” from “print[ing] more than the last 5 digits of the card number or the expiration date upon any receipt provided to the cardholder at the point of the sale or transaction.” 15 U.S.C. § 1681 c(g)(1). The prohibition applies only to receipts that are “electronically printed.” Id. § 1681 c(g)(2).
Plaintiffs used the web to book reservations to rent motorcycles from defendant. At the end of the reservation process, the plaintiffs allegedly saw on their computer screens their credit cards’ expiration dates. So they sued under FACTA.
Defendant moved for summary judgment. The court granted the motion.
The court looked to the recent Seventh Circuit case of Shlahtichman v. 1-800 Contacts, Inc., which it found to resolve the present dispute. In Shlahtichman, the court considered whether an email confirmation of a purchase, showing the credit card’s expiration date, was “electroncially printed” under FACTA. It answered the question in the negative, finding that “when one refers to a printed receipt, what springs to mind is a tangible document.” FACTA’s language, “as a whole clearly shows that the statute contemplates transactions where receipts are physically printed using electronic point of sale devices like electronic cash registers or dial-up terminals.”
December 8, 2010
Glad to see that the courts will not be the dupe of people who want to distort the clear intent of the statute in order to collect damages that they have not suffered.
FACTA is clearly intending to prevent full credit card info (including expiry date) that someone could use to buy things, from falling into the hands of someone other than the cardholder. Showing the information on the screen to the cardholder hardly presents the same risk. There is no reason to assume that FACTA intended to reduce the risks from shoulder-surfing (and it's not clear that the numbers were displayed in a form that anyone not right in front of the screen could see).
The more interesting case would be if someone were claiming that the screen shot validated the transaction, rather than being the ground for collateral attack ('collateral' because the issue in this case and the one cited had nothing to do with the transaction itself.)