But the state Supreme Court earlier this month sided with Apple, saying those consumer protections don't apply to downloadable products like iTunes songs and videos.
"It throws out all privacy protections for people doing online purchases for downloads. And we think the next step will be for any online commerce," said Richard Holober with the Consumer Federation of California.
Assemblyman Roger Dickinson is trying to fix that with a bill that would extend current privacy protections to online stores but still allow companies to be able to detect credit card fraud. That means getting rid of a customer's information shortly after the purchase.
"They can't aggregate that with other bits of information to develop all sorts of profiling about you as a consumer, your habits," said Holober.
Online retailers are already concerned. Many companies are based outside California and feel state lawmakers have no jurisdiction. Plus, the measure spoils one of the conveniences of cyber shopping if customer information can't be kept.
"Consumers often times opt in to allow their information to be stored by the retailers so that when they return again for another purchase, the retailer knows who they are. That's a great experience for an online shopper," said Rebecca Madigan with Online Performance Marketing.
Many iTunes customers say they look forward to more privacy.
"It actually kind of worries me. It might be dangerous to give out more personal information than you have to," said Shawna Pierce.
In court documents, Apple never said why it needed personal information and what it did with it. Similar privacy cases are pending against eHarmony and Ticketmaster.