Fantastic news! If you were on the hook for not fully complying with credit card privacy laws, your honest intentions are now enough to protect you from costly lawsuits.

In a legal nutshell, the new law holds businesses accountable for violating privacy standards only if it led to the customer suffering damages.

It’s a case of where smaller businesses won’t get stung by the law unless someone got burned.

Under a law enacted in late 2006, businesses and merchants that accepted debit or credit cards were ordered to help protect customers from ID theft.

Under those rules, merchants had to make sure receipts showed only the last five digits of the credit card number, and didn’t disclose the expiration date.

Otherwise, businesses could be docked $100 to $1,000 for each “willful violation.”

The trouble began when businesses across the U.S. and several heavy-hitter retailers found themselves facing court – and hefty fines – for failing to omit when the cards expired.

Prosecuting these cases was unfair, attorneys argued, because the businesses that listed only the truncated account numbers were trying to follow the law. Besides, expiration dates had very little role
in ID theft.

There’s a happy ending: Businesses won’t be forced to raise prices to cover higher costs, and countless lawsuits will be avoided.

Tags: credit card, customer, ID fraud