Skip to main content

Massachusetts Zip Code Class Action: Take 3

Written by Amy Malone

Another class action suit has been filed in Massachusetts in the zip code wars.  This time, the target is instrument retailer Guitar Center for allegedly requesting customers to provide their zip codes when making purchases with a credit card in contravention of Mass. Gen Laws ch. 93§ 105(a).  Zip code class action suits started in California against retail giant Williams-Sonoma, and last year they found their way to Massachusetts in a case filed against national craft retailer, Michaels Stores.   We discussed that case in some detail, here.

The Massachusetts Michaels case was dismissed from the U.S. District Court for the District of Massachusetts in January of 2013, but questions of law were sent from the federal court to the Massachusetts Supreme Judicial Court.  The big questions referred to the SJC for determination under Massachusetts law, were (1) whether a zip code is personal identification information (“PII”) under § 105 (a) and (2) whether a complainant could state a cognizable claim under that section without suffering identity theft.   The court ruled that zip codes are personal information under the law and identity theft is not a necessary element in arguing a valid claim.

The SJC ruling kicked opened the door for lawsuits in Massachusetts against major retailers that collect zip codes when processing credit cards.  Currently there are two class actions pending against Bed, Bath and Beyond (complaints are here and here) and now there this week's filing against Guitar Center.  The Nielan_v_Guitar_Center_complaint is very similar to the Bed, Bath and Beyond complaints: claiming that Guitar Center harmed plaintiffs by unnecessarily collecting zip codes when customers completed purchases with credit cards.   Credit card companies do not require zip codes to be collected in order to process transactions.

The plaintiffs claim they suffered injury due to (1) receiving unwanted marketing material and (2) through Guitar Center’s misappropriation of their economically valuable PII without consideration.  The SJC listed receiving unwanted marketing material and the sale of a customer’s PII as two possible injuries under a merchant’s violation of §105(a).

Plaintiffs in the Bed, Bath, and Beyond cases as well as the Guitar Center litigation are requesting statutory damages of $25 per violation as well as treble damages.



Subscribe To Viewpoints


Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.