I respectfully dissent.
Section 1747.08 of the Civil Code1 was enacted to prevent any retailer such as defendant Apple Inc. from collecting and exploiting the personal identification information of consumers who use credit cards to make their purchases. Plaintiff’s complaint sufficiently states a cause of action under this statute: it alleges that defendant required and recorded plaintiff’s address and telephone number as a condition to his online purchases of electronically downloadable products, and that defendant’s actions were not otherwise permitted by the statute. In holding to the contrary, the majority relies on speculation and debatable factual assumptions to carve out an expansive exception to section 1747.08 that leaves online retailers free to collect and use the personal identification information of credit card users as they wish.
I.
Because this case comes to us on a demurrer, “we review the allegations of the operative complaint for facts sufficient to state a claim for relief. In doing so, we treat the demurrer as admitting all material facts properly pleaded. ‘ “Further, we give the complaint a reasonable interpretation, reading it as a whole and its parts in their context.” ’ [Citation.]” (C.A. v. William S. Hart Union High School Dist. (2012) 53 Cal.4th 861, 866 [138 Cal.Rptr.3d 1, 270 P.3d 699].)
Plaintiff seeks statutory penalties for defendant’s alleged violations of section 1747.08, a statute enacted to “ ‘protect the personal privacy of consumers who pay for transactions with credit cards.’ ” (Pineda v. Williams-Sonoma Stores, Inc. (2011) 51 Cal.4th 524, 534 [120 Cal.Rptr.3d 531, 246 P.3d 612] (Pineda); see Archer v. United Rentals, Inc. (2011) 195 Cal.App.4th 807, 827 [126 Cal.Rptr.3d 118].) Subdivision (a) of section 1747.08 (section 1747.08(a)) provides: “Except as provided in subdivision (c), no person, firm, partnership, association, or corporation that accepts *157credit cards for the transaction of business shall do any of the following: [5Q . . . HI (2) Request, or require as a condition to accepting the credit card as payment in full or in part for goods or services, the cardholder to provide personal identification information, which the . . . corporation accepting the credit card . . . records upon the credit card transaction form or otherwise.” For purposes of the statute, subdivision (b) of section 1747.08 (section 1747.08(b)) defines “personal identification information” as “information concerning the cardholder, other than information set forth on the credit card, and including, but not limited to, the cardholder’s address and telephone number.” Subdivision (c) of section 1747.08 (section 1747.08(c)) states in pertinent part that section 1747.08(a) does not apply if, among other things, the person or entity accepting the credit card is contractually obligated to provide personal identification information in order to complete the credit card transaction (§ 1747.08(c)(3)(A)), or is obligated by federal or state law or regulation to collect and record such information (§ 1747.08(c)(3)(C)), or requires the information “for a special purpose incidental but related to the individual credit card transaction, including, but not limited to, information relating to shipping, delivery, servicing, or installation of the purchased merchandise, or for special orders” (§ 1747.08(c)(4)).
Plaintiff’s complaint contains the following allegations, some of which are based on information and belief. Plaintiff purchased media downloads from defendant on various occasions in 2010. Defendant’s Web site would not permit plaintiff to obtain his purchases by credit card unless he first provided his telephone number and address. Such personal information was not required by the credit card processing company to complete the transaction. But even if the credit card processing company required a valid billing address and credit card identification number, under no circumstance would plaintiff’s telephone number be required to complete the purchase transaction. Defendant “records each consumer’s personal information, including, but not limited to a telephone number and address, in line with each credit card transaction, and keeps records of such personal information.” Defendant “is not contractually obligated to provide a consumer’s telephone number and/or address in order to complete the credit card transaction,” nor is defendant required to record such personal information under federal or state law or regulation or for any incidental purpose such as shipping.
Assuming the truth of these allegations, they establish that defendant required and recorded plaintiffs personal identification information when plaintiff used his credit card to make purchases, and that none of the exceptions listed in section 1747.08(c) applied, at least as to some of the information taken. Accordingly, plaintiff’s complaint adequately states a cause of action for violation of section 1747.08.
*158H.
The majority implicitly agrees that defendant’s conduct falls within the plain terms of section 1747.08(a). (See maj. opn., ante, at p. 137.) The majority holds, however, that plaintiff was not entitled to protection of his personal identification information because online credit card purchases of electronically downloadable products are categorically exempt from the statute’s application. (Maj. opn., ante, at pp. 133, 140, 150.) Although recognizing this is a question of statutory construction, the majority reaches a result that is contrary to the terms, purpose, and legislative history of section 1747.08.
The rules governing statutory construction are uncomplicated and settled. When construing a statute, our goal “is to ascertain the intent of the lawmakers so as to effectuate the purpose of the statute.” (Estate of Griswold (2001) 25 Cal.4th 904, 910 [108 Cal.Rptr.2d 165, 24 P.3d 1191].) We look first to the language of the statute, mindful that the words “ ‘ “should be given the meaning they bear in ordinary use. [Citations.]” ’ ” (DiCampli-Mintz v. County of Santa Clara (2012) 55 Cal.4th 983, 992 [150 Cal.Rptr.3d 111, 289 P.3d 884].) Judicial construction, and judicially crafted exceptions, are appropriate only when literal interpretation of a statute would yield absurd results or implicate due process. (Cassel v. Superior Court (2011) 51 Cal.4th 113, 124 [119 Cal.Rptr.3d 437, 244 P.3d 1080]; In re C.H. (2011) 53 Cal.4th 94, 107 [133 Cal.Rptr.3d 573, 264 P.3d 357].) Otherwise, a statute “must be applied in strict accordance with [its] plain terms.” (Cassel, at p. 124.) “ ‘ “Only when the statute’s language is ambiguous or susceptible of more than one reasonable interpretation, may the court turn to extrinsic aids to assist in interpretation.” [Citation.]’ ” (In re Ethan C. (2012) 54 Cal.4th 610, 627 [143 Cal.Rptr.3d 565, 279 P.3d 1052].) Under no circumstance, however, may the court “ ‘under the guise of construction, rewrite the law or give the words an effect different from the plain and direct import of the terms used.’ [Citation.]” (Dicampli-Mintz, at p. 992.) In this regard, the court “ ‘ “must assume that the Legislature knew how to create an exception if it wished to do so____” [Citation.]’ ” (Ibid.)
Section 1747.08(a) contains language broadly stating that “no person, firm, partnership, association, or corporation that accepts credit cards” shall request or require the cardholder to provide personal identification information and cause it to be recorded. Section 1747.08(a) flatly states its proscriptions shall apply “[e]xcept as provided in subdivision (c).” Section 1747.08(c) lists *159various business-related reasons for which the requesting, requiring, or recording of personal identification information does not violate section 1747.08(a). Virtually all of these exceptions could apply either in online credit card purchase transactions, or in face-to-face purchase transactions occurring at brick-and-mortar establishments.2 There is nothing in subdivision (a), (b), or (c) suggesting a literal construction of section 1747.08 would implicate due process or result in absurd consequences.
Subdivision (d) of section 1747.08 (section 1747.08(d)) lists one additional proviso to the statute’s application. It clarifies that no person or entity subject to the statutory proscriptions is prohibited “from requiring the cardholder, as a condition to accepting the credit card as payment in full or in part for goods or services, to provide reasonable forms of positive identification,” such as a driver’s license or other form of photo identification, “provided that none of the information contained thereon is written or recorded.” (Ibid.) Section 1747.08(d) further provides that if the cardholder uses a credit card number to pay for the transaction without making the “card available upon request to verify the number, the cardholder’s driver’s license number or identification card number may be recorded.” Unlike section 1747.08(c), section 1747.08(d) makes no allowance for the recording of a cardholder’s address or telephone number. Instead, it permits retailers to require presentment of reasonable forms of positive identification, and when the credit card itself is not made available, to write down a license number or other photo identification card number.
Had section 1747.08(d) been written to require retailers to demand and visually inspect a cardholder’s driver’s license or other photo identification card as a condition of accepting a credit card, then one might reasonably infer the proscriptions of section 1747.08(a) could have no application to online credit card transactions given the asserted impossibility of complying with the statutory commands. As it stands, however, section 1747.08(d) is merely permissive and thus poses no barrier or difficulty to an online retailer’s compliance with the entirety of the statute. Moreover, section 1747.08(d) does not, in any event, permit the recording of addresses or telephone *160numbers for card-not-present purchases at brick-and-mortar establishments.3 Finally, there is nothing in this or any other subdivision in section 1747.08 that requires retailers, of any sort, to accept credit cards for purchases when they deem the risk of fraud or identity theft unacceptable. Hence, the statutory terms reflect a legislative determination that heightened privacy interests in personal information such as addresses and telephone numbers outweigh the necessity or usefulness of such information for any supposed fraud prevention purpose in card-not-present transactions.
In sum, applying section 1747.08(a) to online retailers flows logically from the plain meaning of the statute, is not absurd, and fully promotes the legislative objective to protect the personal identification information of credit card users against exploitation by retailers. Under these circumstances, we are bound to construe section 1747.08 “in strict accordance with [its] plain terms.” (Cassel v. Superior Court, supra, 51 Cal.4th at p. 124.)
Undeterred by the plain language of section 1747.08, the majority emphasizes the substantive provisions of section 1747.08 were first enacted “almost a decade before online commercial transactions became widespread.” (Maj. opn., ante, at p. 136.) From this the majority posits “[w]e cannot assume that the Legislature, had it confronted a type of transaction in which the standard mechanisms for verifying a cardholder’s identity were not available, would have made the same policy choice as it did with respect to transactions in which it found no tension between privacy protection and fraud prevention.” (Id. at p. 140.) The majority views section 1747.08(d) as demonstrating “the Legislature’s intent to permit retailers to use and even record personal identification information when necessary to combat fraud and identity theft” (maj. opn., ante, at p. 140), but finds such provision has no application to online transactions because “an online retailer cannot visually inspect the credit card, the signature on the back of the card, or the customer’s photo identification” (id. at pp. 140-141). According to the majority, the Legislature did not intend for section 1747.08 to apply to online credit card transactions “[bjecause the statutory scheme provides no means for online retailers ... to protect against credit card fraud . . . .” (Maj. opn., ante, at p. 143.)
Even assuming resort to extrinsic aids is appropriate, the majority bases its construction of section 1747.08 on two critical, but flawed, assumptions. The first assumption is that the legislative intent underlying the statute is not limited to protecting consumer privacy, but also extends to protecting consumers and retailers from “undue risk of fraud.” (Maj. opn., ante, at p. 139.) *161The second is a factual assumption—that the personal identification information defendant allegedly demanded and recorded here, i.e., cardholder addresses and telephone numbers, are “necessary to combat fraud and identity theft” in online credit card transactions. (Maj. opn., ante, at p. 140.) As demonstrated below, there is no legislative source to support the former assumption, and no factual basis in the complaint or judicially noticeable materials to support the latter.
The language of section 1747.08 reflects its underlying purpose is to safeguard consumer privacy by prohibiting any person or entity from requiring, requesting, or recording personal identification information when such information is unnecessary to complete a credit card transaction. That section 1747.08 has no primary antifraud purpose is demonstrated by its terms: the statute does not purport to require retailers to take antiffaud measures; nor does it condition its protections on a retailer’s ability to protect against credit card fraud.
The legislative history is in accord. As we recently explained in our unanimous opinion in Pineda, supra, 51 Cal.4th 524, the Legislature enacted the predecessor to section 1747.08 in order “to provide robust consumer protections by prohibiting retailers from soliciting and recording information about the cardholder that is unnecessary to the credit card transaction.” (Pineda, at p. 536.) The precise concern prompting the Legislature’s action was that retailers were acquiring this additional but unnecessary personal information “ ‘for their own business purposes—for example, to build mailing and telephone lists which they can subsequently use for their own in-house marketing efforts, or sell to direct-mail or tele-marketing specialists, or to others.’ ” (Id. at pp. S34—535.)4
Significantly, neither Pineda nor the legislative history itself mentions a legislative intent to protect retailers from undue risk of fraud. That is not surprising, because the Legislature enacted the consumer privacy protections with the understanding that a retailer was not put at risk of loss from fraud, so long as the retailer complied with the card issuer’s operating procedures for credit card transactions. (See Dept. of Consumer Affairs, Enrolled Bill Rep. on Assem. Bill No. 2920 (1989-1990 Reg. Sess.) July 21, 1990, p. 2 (Enrolled Bill Report) [“the credit card issuer guarantees payment to the retailer if proper procedures are followed (even if the consumer does not pay the credit card company)”].) Thus, notwithstanding counsel’s factual assertions at oral argument (see maj. opn., ante, at p. 141), the relevant legislative *162history undercuts the majority’s theory that retailer protection was a principal objective of section 1747.08.
Although the legislative history discloses a concern about credit card fraud, such concern pertained specifically to the circumstance that recordation of unnecessary personal information posed a fraud risk to the cardholder, not the retailer, because the information could be used “in conjunction with the credit card number to order goods by phone or mail and charge it to the cardholder” or “to apply for other sources of credit in the cardholder’s name.” (Enrolled Bill Rep., supra, at p. 2 [“By the time the subterfuge is discovered, the consumer’s credit and credit history could be severely damaged.”].) Yet, despite this awareness in 1990 that credit cards were being used to “order goods by phone or mail” (ibid.), the Legislature provided no exception to section 1747.08’s applicability for mail-order and telephone order (MOTO) purchases.
Like retailers that accept credit cards for online purchases, those that accept credit cards for MOTO transactions have no opportunity to visually inspect a driver’s license or other forms of photo identification as allowed by section 1747.08(d). That online and MOTO retailers appear similarly situated in this regard renders implausible the majority’s theory that the Legislature would not have intended “section 1747.08(a)’s prohibitions to apply to [online] transactions despite the unavailability of section 1747.08(d)’s safeguards.” (Maj. opn., ante, at p. 141.) The majority offers no reason, cogent or otherwise, why the Legislature, having enacted section 1747.08’s privacy protections without an exception for MOTO transactions, would not also contemplate applicability of the statutory protections to other card-not-present transactions such as those occurring online.
The majority additionally views section 1747.08(d) as demonstrating “the Legislature’s intent to permit retailers to use and even record personal identification information when necessary to combat fraud and identity theft.” (Maj. opn., ante, at p. 140, italics added.) But again, neither the language nor the history of section 1747.08 indicates this to be the case, and we may assume the Legislature knew how to create such an exception had it intended to do so. (DiCampli-Mintz v. County of Santa Clara, supra, 55 Cal.4th at p. 992.) In any event, this matter comes to us on a demurrer, and there is nothing in the record from which we may discern that both cardholder addresses and telephone numbers are necessary to combat online fraud and identity theft. Because the necessity issue is a factual one that appears open to reasonable debate, it seems a particularly inappropriate basis for sustaining a demurrer and judicially limiting the plain reach of section 1747.08.
Finally, the majority views the enactment of the California Online Privacy Protection Act of 2003 (Bus. & Prof. Code, § 22575 et seq.; COPPA) as *163signifying that “when the Legislature intends to address online transactions, it does so unambiguously.” (Maj. opn., ante, at p. 148.) This conclusion appears incongruous with the majority’s express acknowledgement that courts do not rely on “wooden construction of [statutory] terms” when “construing statutes that predate their possible applicability to new technology.” (Id. at p. 137 [“ ‘Drafters of every era know that technological advances will proceed apace and that the rules they create will one day apply to all sorts of circumstances they could not possibly envision.’ ”]; e.g., O’Grady v. Superior Court (2006) 139 Cal.App.4th 1423 [44 Cal.Rptr.3d 72] [holding that petitioners’ Web sites qualify as periodical publications under the Cal. reporter’s shield law].)
COPPA’s disclosure requirements do nothing to restrict an online retailer’s use of a consumer’s personal identification information; nor do they prevent the sharing or sale of such information. True, consumers who are not satisfied with a retailer’s posted privacy policy may always decline to purchase the retailer’s products. But today’s decision deprives consumers of section 1747.08’s additional safeguards, which in contrast to COPPA make retailers bear the burden of privacy protection. The majority’s interpretation of section 1747.08 foists this burden onto consumers, leaving consumers unable to freely use their credit cards for online purchases without surrendering their personal identification information.
m.
Pure and simple, a literal interpretation of section 1747.08 that includes online credit card transactions within its scope promotes the Legislature’s intent to scrupulously protect the privacy of credit card users and is not absurd. This interpretation is also consistent with our unanimous opinion in Pineda, supra, 51 Cal.4th 524, which recognized that section 1747.08’s “overriding purpose was to ‘protect the personal privacy of consumers who pay for transactions with credit cards’ ” (Pineda, at p. 534) and “to provide robust consumer protections by prohibiting retailers from soliciting and recording information about the cardholder that is unnecessary to the credit card transaction” (id. at p. 536). I see no reason to depart from Pineda’s conclusion that protecting consumer privacy is the “evident purpose of the statute.” (Ibid.)
If defendant and other retailers wish to demonstrate that section 1747.08 is ill suited to the online industry because the collection of personal identification information presently serves a valid antifraud function, they may make their case to the Legislature. Unlike this court, the Legislature would have the opportunity to take evidence on the issue, to weigh the antifraud utility of such information against the potential of its misuse and exploitation, and, if *164appropriate, to craft a balanced statutory exception that preserves the privacy interests of consumers while responding to legitimate antifraud and identity theft concerns of online retailers. Unfortunately, today’s decision relies on speculation and debatable factual assumptions to wholly strip online credit card users of the statutory consumer privacy protections, leaving online retailers free to require personal identification information as a condition of credit card acceptance and to use such information for whatever purposes they wish. Rather than fashioning such an expansive exception to section 1747.08, this court should have given effect to its plain terms and left it to the Legislature to address defendant’s claims of competing policy interests.
Kennard, J., and Jones, J.,* concurred.
A11 further statutory references are to this code unless otherwise indicated.
E.g., section 1747.08(c)(1) (credit card used as deposit to secure payment); section 1747.08(c)(2) (cash advance transactions); section 1747.08(c)(3)(A) (personal identification information contractually required to complete the credit card transaction); section 1747.08(c)(3)(C) (information required by federal or state law or regulation); section 1747.08(c)(4) (information necessary for special purpose incidental but related to the individual credit card transaction, such as shipping, servicing, or installation).
Consistent with this conclusion, the majority concedes “section 1747.08(d) does not permit Apple to collect a billing address in the course of an online transaction.” (Maj. opn., ante, at p. 142.)
At this stage in the proceedings, defendant has not filed an answer or given an explanation as to why it collects the addresses and telephone numbers of cardholders and what it does with such information.
Presiding Justice, Court of Appeal, First Appellate District, Division Five, assigned by the Chief Justice pursuant to article VI, section 6 of the California Constitution.