Best Buy's practice of scanning the magnetic card strip of the drivers' licenses of customers who made returns was not a violation of any privacy law, the Eleventh Circuit ruled last month. The court agreed with and affirmed the district court's ruling that plaintiff Steven Siegler did not have any valid claim for relief under the Drivers' Protection Privacy Act ("DPPA").
Siegler, who was hoping to launch a class action suit against Best Buy, was a customer who was attempting to return a computer mouse that he had purchased the day before. Per the store's policy for returns, the cashier requested Siegler's drivers' license, which was voluntarily handed over and swiped by the cashier. Siegler then demanded that the information derived from that scan be deleted, but the store said they were unable to do so.
The relevant parts of the DPPA state that, "A person who knowingly obtains, discloses or uses personal information, from a motor vehicle record, for a purpose not permitted under this chapter shall be liable to the individual to whom the information pertains, who may bring a civil action in a United States district court."
The district court claimed that a plain reading of the DPPA makes it rather obvious that the Act was meant to protect the disclosure or obtaining of information from the actual Florida DMV, hence "a motor vehicle record." Here, any information was obtained from the drivers' license and essentially from the driver Siegler himself who had, more or less, volunteered the information himself.
The court also went on to clarify that the main focus of that protection was meant to ensure that state government DMV workers essentially would not snoop around in customers government records in their official capacity. Therefore, Best Buy does not fall into the scope of who the rule was applied to.
In short, the DPPA is essentially irrelevant here because it's meant to protect information from actual records at the DMV, not at a store.