European Data Protection Digest

Customer Service Requirement Raises Concerns

FINANCIAL PRIVACY—UK

January 20, 2012

COMPUTERWORLD UK reports on a controversial procedure conducted by London department store Fortnum & Mason asking customers who are returning items to e-mail their credit card details. A company spokesman said no payment details are stored by the organisation. According to the article, a customer service e-mail sent to a customer said credit card details--including card type, name on the card, number, expiry date and security code--were required to get a refund. Though the company said it would destroy the information once the transaction went through, one security expert criticised the company's current practice as "weak."
Full Story