Best Buy uses The Retail Equation, Inc., (TRE) who says the info they capture "includes identification number, name, address, date of birth and expiration date" (http://www.theretailequation.com/CFaqs.aspx).

I have been notified by two major banks who have compromised my credit card info. Think I trust TRE, who's company profile lists 25-50 employees, to provide the resources to keep it safe? No way.

I think it's time to cue the tin foil hat.

Anyone here posting a disclaimer that they "don't work for Best Buy" blah, blah, blah, probably does, so I would discount those posts. Some here want to distort the argument - I don't think anyone is objecting to "showing" a driver's license to verify identity. It is the recording (with other personal data), tracking and lack of transparency we object to (e.g., asking to see your license and then punching in the data without asking). I personally don't have a problem using your DL to track no-receipt returns, as long as no other personal info is associated with it - Target does this now but lets you know it is JUST the number and nothing else, and only if you have no receipt. 

Best Buy already tracks Reward Zone customer purchases and returns, or those made by credit/debit card (they don't need your cc when charging back to your account). At least they could have easily exempted such returns from the new policy (reward zone customers with the credit card used for the purchase present at the time of return). But they took the easy way out and are apparently willing to risk the privacy of even some of their best customers.

I believe it is a short-sighted decision that won't save money in the long run. The cost of any data breach to a company can be huge, and is much worse if government issued ID is involved. This new policy is aggravating some of their best customers and doesn't address the number one source of retail shrinkage - employee theft.

If you're a Reward Zone member, doesn't Best Buy already have your name, address, and phone number?

Why aren't there concerns expressed about the privacy of information in that situation? 

In fact, when I go to BBY to make a purchase, and don't have my RZ card, they ask for my phone number to look it up. Then, my name and address appear on the screen of the credit card swipe machine, where I am supposed to verify it is correct.

To me, that seems less secure than the TRE thing that's been discussed. I don't know what that company collects - does it include driver's license number? Or is it just name and address? If they require a DL number, then how can passports be accepted? 

Anyway, my point is that RZ customers have already provided their name, phone number, and address to Best Buy. And that info is, in theory, available to any employee that has access to the POS system.

I don't think that's the case with the DL info that's sent to TRE. I checked out their website and it sounds like they are the ones who store the information, not the retailer. If that's the case, then Best Buy employees wouldn't have access to a person's personal data. Unless they are taking your ID out of your sight (to provide them an opportunity to copy down your information), or unless they have a photographic memory, I don't see how the employee processing your return could steal your DL data.

Actually, I think people put themselves at much greater risk every time they provide their credit card to a waiter/waitress at a restaurant. We often don't realize how long that card is out of our possession - ANYTHING could be happening with it. It would take just a minute for someone to write the number, expiration date, name AND the security code on the back.

Wow. You Best Buy schills can be thick. Those are exactly the problems:  1. Best Buy ALREADY has address info, etc., in their database, and therefore all the ingredients for identity theft when said database is hacked. 2. A DL is a primary, gov't issued ID, which can be used to get a replacement birth certificate, making a breach much worse than address info 3. Compromised Credit Card info isn't a big deal because you're not responsible for any fraudulent charges 4. TRE won't confirm who "owns" the server where the data is stored, whether Best Buy, TRE or some 3rd party in India or China, but does confirm Best Buy owns the data 5. If it is a TRE-owned server, is that supposed to be a comfort? That a company with 25-50 employees has the capacity to implement and maintain rigorous physical & electronic security protocols? What we do know is that, if owned by TRE, said server will likely go to the auction block, probably with data intact, if TRE goes under.

In short, there is no such thing as a secure database, which is why best-practice security protocols call for separation of critical data (hacking one database will only get them one piece of data) and storage of only that data which is absolutely necessary. I DO NOT consider it necessary for Best Buy to permanently store my government ID data in order to conduct their return tracking program.

A very valid concern, enuf. I guess what it boils down to is that now WE DON"T REALLY KNOW what Best Buy's return policy is. They won't disclose what constitutes "too many" returns. And is it tracked along with purchases? If I purchase 5 items and return 4 in one month, is that excessive? What about the person who purchases 12 items and returns 4? Will they also be cutoff from further returns? And for how long?

And what about the reason for the return? Does an item returned sealed, unused count the same as an opened item? Does a defective item count the same as one the customer who just decided they no longer wanted? How about the return period. Does a "renter" who returns an item at the deadline count the same as a customer who returns an item the day after purchase? 

Bottom line: Too many questions, too many potential problems, too much evasiveness and lack of good faith on the part of Best Buy. I'd rather deal with mailing an item back to New Egg (after getting it at a much lower price).