Compu Credit agreed to a settlement that included crediting 4 million to the accounts of affected cardholders and paying a .4 million penalty.
"As a general rule, the specific transaction information is not transmitted to the issuing bank.
It's not only your retail purchases, but your online purchases. Some people pay for their utilities with credit cards." Federal financial privacy laws (Regulation P) prohibit credit card issuers from sharing your personal and payment information with third parties not affiliated with the issuer (except under court order or when fraud is involved).
Banks must send annual copies of their privacy policies to cardholders, but the law does not govern what the issuer does with payment information internally.
According to the lawsuit, Compu Credit used an undisclosed behavioral scoring model to track customer purchases.
The company lowered credit limits on cardholders who shopped at certain establishments or used certain services, including pawnshops, massage parlors, tire retread shops, marriage counselors and bars and nightclubs.