Articles Posted in Data Technology, Privacy & Security

Published on: July 19, 2017

Hotel Cybersecurity: Protecting your guests and your property from vendor data breaches

By Jim Butler and the Global Hospitality Group®

19 July 2017

Click here for the latest articles on Data Technology, Privacy & Security.

Hotels rely on third-party vendors to help run their properties efficiently, and often must give them access to sensitive guest data. This leaves hotels vulnerable to cyber attacks; they’re only as secure as their vendors are, and may find themselves directly liable for a data breach. My partner Bob Braun, senior member of JMBM’s Global Hospitality Group® and co-chair of JMBM’s Cybersecurity and Privacy Group, discusses recent hotel cybersecurity breaches and how hotel owners can protect themselves.
Hotel data breaches
It’s not you, it’s your “friends”
by
Robert E. Braun
July was another notable month for hotel data breaches – on a single day, several well-known hotel brands and managers, including Four Seasons, Trump Hotels, Hard Rock Hotels & Casinos and Loews Hotels all announced that customer data may have been compromised as a result of a security failure. Each of the incidents is related to Sabre Hospitality Solutions’ credit card data breach in its SynXis hotel-reservations system, which Sabre first announced in a quarterly filing with the Securities and Exchange Commission on May 17. Based on Sabre’s investigation, Sabre announced that the breach was contained to “a limited subset of hotel reservations,” but the incident did allow an unauthorized party to access cardholder names, payment card numbers, card expiration dates, card security codes for some, and, in some cases, guest name, email, phone number and address.

Moreover, the duration of the breach was long quite long. Sabre’s investigation determined that the unauthorized party first obtained access to payment card and other reservation information on August 10, 2016, and the last access to payment card information was on March 9, 2017. The hackers had potential access for seven months.

CONTINUE READING →

Published on: February 1, 2017

Hotel Cybersecurity: What can happen when hackers strike?

By Jim Butler and the Global Hospitality Group®

1 February 2017

Click here for the latest articles on Data Technology, Privacy & Security.

Theft of confidential data by hackers is a major threat to businesses worldwide and the hotel industry is no exception. Hoteliers remain vulnerable to hackers seeking confidential information such as guests’ credit card data and employees’ personal information. They are also vulnerable in other ways. In a recent hotel breach, the hackers did not go after confidential data, but rather sought a ransom payment after taking control of the hotel’s technology. My partner Bob Braun, senior member of JMBM’s Global Hospitality Group® and co-chair of JMBM’s Cybersecurity and Privacy Group, describes what happened, and shares what hotels can do in response to such threats.
Hotels and Ransomware — Something Special
by
Robert E. Braun
Last year, at the Global Hospitality Group’s Meet the Money™ Conference, I participated in a panel on Cybersecurity and we discussed how cybersecurity issues affect the hotel industry. One of the comments was that hotels, more than most private industries, have to take into account the kind of physical harm that might be done by a hacker. We noted that not only are guest information systems targets, but also the life and safety systems – HVAC, elevators, electricity and so on. We concluded that while financial theft could impact a hotel and its reputation, a hack of the physical structure of a business could put the hotel out of business.

Locked Out

Our discussion turned out to be prescient when, this week, Romantik Seehotel Jaegerwirt, in the Austrian Alps, had their systems frozen by hackers, which resulted in the complete shutdown of hotel computers.

The 111-year-old hotel had already been targeted by hackers twice. This time, however, the hackers breached the key card system, made it impossible for guests to enter their rooms and prevented the front desk from reprogramming cards.

The hackers demanded €1500 in Bitcoin, promising that control of the key card system and room locks would be returned. Management of the hotel, fully occupied at the beginning of the winter season, chose to pay the ransom, rather than attempt a solution that could have taken significant time and harmed their 180 guests. CONTINUE READING →

Published on: May 10, 2016

Hotel Cybersecurity: Closing the doors before the horses leave the barn

By Jim Butler and the Global Hospitality Group®

10 May 2016
Click here for the latest articles on Data Technology, Privacy & Security

One of the great breakout sessions at our recent Meet the Money® hotel conference in Los Angeles was organized by my partner Bob Braun and moderated by Jeff Higley of HotelNewsNow. I was particularly impressed by the panel’s evidence of how costly cybersecurity breaches can be, how much can be done to prevent or limit exposure, and how reasonable the cost can be for a pro-active approach.

Here is Bob Braun’s summary of this panel last week in Los Angeles. This is a compelling call for an ounce of prevention. . .

5 Cybersecurity takeaways from Meet the Money®
by
Bob Braun, Hotel Lawyer and Data Security Advisor
Meet the Money® changes with the times, and the 2016 conference showcased the first panel on Cybersecurity in the hospitality industry – “Who’s Knocking at Your Digital Door,” featuring Bob Braun, from JMBM’s Global Hospitality Group and Co-Chair of the Firm’s Cybersecurity and Privacy Group; Bob Justus, of Optiv Security; Brad Maryman, from Maryman & Associates; Christian Ryan, from MARSH; and Kevin Shamoun, from Zeamster. Jeff Higley, of STR/HotelNewsNow.com moderated the panel.

The panelists, representing technical, legal law, law enforcement, insurance and payment systems, identified key cybersecurity challenges for the hospitality industry. Five key takeaways were:

Compliance does not equal security. Each of the panelists agreed that while meeting legal and business requirements is essential, compliance does not necessarily achieve real cybersecurity — completing checkboxes on a task list or questionnaire is only a first step. The panelists noted that each of the major hotel breaches in the last year, which involved every major hotel chain, implicated point of service credit card systems that complied with industry standards. Hotels and hotel companies need to look beyond complying with standardized requirements and has to evaluate their own risk profile and apply meaningful security plans.
Informed response is better than instant response. Too many organizations make the mistake of reacting before they think, especially when reporting a breach. Data breaches can be complicated matters, and it is essential to understand the scope of the breach, the data and individuals involved, and how a firm can remediate the source of the problem before disclosure. There is no question that speed is important, but some breaches do not require notification, while acting without ascertaining the facts can require multiple notifications, which is damaging to reputation and sends the wrong message.
Credit cards are not the only risk. While much focus is placed on the theft of credit card numbers, hotels must consider other risks. Hotels and hotel companies hold massive amounts of sensitive personal information that can be used to steal a guest’s identity. Moreover, hotels need to consider more than data; the interconnection of systems means that breaking into a financial structure can give a hacker access to door locks, heating and air conditioning systems, electrical, plumbing and other key structural and physical parts of the hotel. What would happen if a hacker flooded a hotel, or opened the doors? This damage can far exceed the damage from lost credit cards, and cause untold damage to the hotel, its brand and owners.

CONTINUE READING →

Published on: January 11, 2016

Not Just Heads In Beds – Cybersecurity for Hotel Owners

By Jim Butler and the Global Hospitality Group®

11 January 2016

Click here for the latest articles on Data Technology, Privacy & Security.

What part do hotel owners play in preventing a cyberattack and the resulting data breach? The hospitality industry relies on its reputation for confidence, and that confidence can be shattered when guests learn that their private information has been compromised. What can hotel owners do and how should they work with brands and management to prevent a cyberattack?

In the article below, my partner, Bob Braun reminds hotel owners that because they are generally required to indemnify brands and managers for costs the managers and brands incur – which could include a costly data breach – it is in the owners’ best interests to have a comprehensive plan in place. This article first appeared in Hotel Business Review in December 2015, and is reprinted with permission from www.hotelexecutive.com.
Not Just Heads in Beds – Cybersecurity for Hotel Owners

by
Bob Braun, Hotel Lawyer and Data Security Advisor
The basics of the hotel business have traditionally been simple: good location, fair prices, appropriate amenities and good service were the keys to success. While those factors are important today, hotels are no longer simply a “heads in beds” business; hotels are increasingly brand-oriented. Brands focus not only on the services and products they sell, but on developing the perception and recognition of the brand associated with those goods and services. That means that hotels, like all brands, need to focus more and more on understanding their customers and how to reach them, whether through loyalty programs, advertising, social media or otherwise.

The upshot of the focus on branding in the hospitality business is that hotels gather lots of information about their guests, ranging from credit card data to addresses, phone numbers, travel plans and preferences, birthdays, and more – all of which are valuable not just to the hotel brands and operators, but to cyberthieves. While hotel companies have understood this for years, they are, along with other customer-intensive industries, learning that collecting that information comes with responsibilities and, possibly, liability.

Cybercrime is big business. In 2014, there were 42.8 million detected security incidents (and, most likely, many more that were never discovered). Estimates of annual cost of cybercrime to the global economy ranges from $375 billion to as much as $575 billion as companies face increased vulnerability, ranging from greater technology available to cybercriminals and new types of cybercrime, like crypto-ransom. Cybercriminals began targeting hotels years ago. In a 2010, a Forbes magazine article quoted Nicholas Percoco, who said that “The hospitality industry was the flavor of the year for cybercrime. These companies have a lot of data, there are easy ways in and the intrusions can take a very long time to detect.” The lesson for hotel owners is that they cannot stand idly by – hotel owners must be proactive by instituting best practices in their own operations, requiring the same from managers, and obtaining insurance coverage to fund the inevitable costs of a breach.

The Wyndham Case

The threat to the hospitality industry became particularly evident in the recent federal court case brought by the Federal Trade Commission (the FTC) against Wyndham Hotels. On August 24, 2015, the Third Circuit United States Court of Appeals issued its ruling in the case FTC v. Wyndham Worldwide Corporation. The case was highly anticipated by the data security community generally for its expected ruling on the authority of the Federal Trade Commission to regulate data security standards, but nowhere was the anticipation more keen than in the hospitality industry. After all, this decision didn’t deal with retailers, banks or dating sites – it addressed a major hotel player and, by implication, all operators, brands and owners in the industry. The decision should be a wake-up call to hotel owners because, as described below, hotel owners may ultimately bear the cost of data breaches involving their hotels. Owners should look at the Wyndham decision as an opportunity to consider whether their brands and managers have taken the steps necessary to protect guests and, ultimately, the hotel owner.

CONTINUE READING →

Published on: November 3, 2015

Wi-Fi blocking is illegal. FCC fines Hilton Hotels and M.C. Dean over Wi-Fi blocking in two new actions

By Jim Butler and the Global Hospitality Group®

03 November 2015

Click here for the latest articles on Data Technology, Privacy & Security.

FCC takes two enforcement actions on Wi-Fi

On November 2, 2015, the FCC issued two separate news releases on Wi-Fi blocking. In one action, the FCC announced a $718,000 fine against M.C. Dean, one of the nation’s largest electrical contracting companies, for blocking personal mobile “hotspots” of convention visitors and exhibitors who tried to use their own data plans at the Baltimore Convention Center to connect to the Internet rather than paying M.C. Dean substantial fees to use the company’s Wi-Fi service.

FCC fines Wi-Fi hotspot provider M.C. Dean

According to the FCC, as the exclusive provider of Wi-Fi access at the Baltimore Convention Center, M.C. Dean charges exhibitors and visitors as much as $1,095 per event for Wi-Fi access. Last year, the Commission received a complaint from a company that provides equipment that enables users to establish hotspots at conventions and trade shows. The complainant alleged that M.C. Dean blocked hotspots its customers had tried to establish at the Baltimore Convention Center. After receiving the complaint, FCC Enforcement Bureau field agents visited the venue on multiple occasions and confirmed that Wi-Fi blocking activity was taking place.

The Enforcement Bureau’s investigation found that M.C. Dean engaged in Wi-Fi blocking at the Baltimore Convention Center on dozens of occasions in the last year. During the investigation, M.C. Dean revealed that it used the “Auto Block Mode” on its Wi-Fi system to block consumer-created Wi-Fi hotspots at the venue. The Wi-Fi system’s manual describes this mode as “shoot first, and ask questions later.” M.C. Dean’s Wi-Fi blocking activity also appears to have blocked Wi-Fi hotspots located outside of the venue, including passing vehicles. The Commission charged M.C. Dean with violating Section 333 of the Communications Act by maliciously interfering with or causing interference to lawful Wi-Fi hotspots.

FCC fines and warns Hilton

In a separate announcement, unrelated except as to the subject matter, the FCC proposed a $25,000 fine against Hilton Worldwide Holdings, Inc. for “apparent obstruction of an investigation into whether Hilton engaged in the blocking of consumers’ Wi-Fi devices”. A consumer complaint alleged that Hilton was blocking visitor’s Wi-Fi in Anaheim, California in order to force them to pay a $500 fee to access Hilton’s Wi-Fi. Other complaints alleged similar Wi-Fi blocking at other Hilton-brand properties. CONTINUE READING →

Published on: September 2, 2015

FCC says blocking FCC-approved Wi-Fi hotspots is “patently illegal” and imposes $750,000 fine on Smart City.

By Jim Butler and the Global Hospitality Group®

02 September 2015

Blocking Wi-Fi connections is “patently unlawful”

On August 18, 2015, the FCC announced a $750,000 civil penalty and formal Consent Decree with Smart City Holdings for blocking consumers’ personal Wi-Fi access at various convention centers, meeting centers and hotels around the United States. Smart City is an internet and telecommunications provider for such facilities, and had been blocking personal mobile “hotspots” being used by convention and meeting attendees.

Apparently referring to the $80 daily fee charged by Smart City for use of its Wi-Fi at the events, Travis LeBlanc, Chief of the FCC’s Enforcement Bureau said, “It is unacceptable for any company to charge consumers exorbitant fees to access the Internet while at the same time blocking them from using their own personal Wi-Fi hotspots to access the Internet.”

The FCC Enforcement Chief went on to say, “All companies who seek to use technologies that block FCC-approved Wi-Fi connections are on notice that such practices are patently unlawful.”

The FCC is focused on preventing Wi-Fi blocking

The FCC action in the Smart City case really emphasizes how serious the FCC is about stopping the practice of hotels and related facilities from blocking consumer hotspots in order to sell their own more expensive access to the internet.

Starting with high-profile investigation and settlement with Marriott International last year, the FCC has taken the following steps: CONTINUE READING →

Published on: August 31, 2015

What every hotel owner (and operator) needs to know about “data security” after the Wyndham Worldwide case

By Jim Butler and the Global Hospitality Group®

31 August 2015

Click here for the latest articles on Data Technology, Privacy & Security.

Massive data breaches affect hotels and their legal responsibilities. As unauthorized hacking of confidential data explodes in volume and seriousness, minimum expected standards are evolving that hoteliers and others must follow. Interestingly, the latest guidelines are provided in an August 24, 2015 appellate court decision involving Wyndham Worldwide as if to emphasize that these rules (really) apply to the hotel industry. How did this case arise? What are some basic steps that everyone with confidential data is expected to take? What happens if they don’t?

In the article below, my partner Bob Braun, explains the current situation and what it means to our industry.
FTC vs. Wyndham Worldwide – What it Means for Hotel Owners

by
Bob Braun, Hotel Lawyer and Data Security Advisor
Background on the case

On August 24, 2015, the Third Circuit United States Court of Appeals issued its ruling in the case FTC v. Wyndham Worldwide Corporation. The case was highly anticipated by the data security community generally for its expected ruling on the authority of the Federal Trade Commission to regulate data security standards, but nowhere was the anticipation more keen than in the hospitality industry. After all, this decision didn’t deal with retailers, banks or dating sites – it addressed a major hotel player and, by implication, all operators, brands and owners in the industry.

We know that cybercrime is big. In 2014, there were 42.8 million detected security incidents (and, most likely, many more that were never discovered). Estimates of annual cost of cybercrime to the global economy ranges from $375 billion to as much as $575 billion as companies face increased vulnerability, ranging from greater technology available to cybercriminals and new types of cybercrime, like crypto-ransom. CONTINUE READING →

Published on: October 4, 2014

Marriott signs FCC Consent Decree and agrees to pay $600,000 civil penalty for Wi-Fi blocking

By Jim Butler and the Global Hospitality Group®

4 October 2014

Click here for the latest articles on Data Technology, Privacy & Security.

Have you ever wondered why your cell phone or personal Wi-Fi hot spot does not seem to work in some hotels?

As more business and leisure travelers equip themselves to stay in constant communication with their work place and families, they have accelerated the tendency to shun high-priced hotel room telephones and internet connections. But sometimes, even when you are in the middle of New York City (or other major urban gateway) on a high floor, your cell service or Mi-Fi just does not seem to work, and you wonder if it is being jammed intentionally by the hotel.

On Friday, October 3, 2014, the Federal Communications Commission (FCC) confirmed (at least in one case) what a lot of travelers have suspected of hotel operators when it announced that Marriott International had signed a Consent Decree and agreed to pay a $600,000 civil penalty to resolve the FCC’s Wi-Fi blocking investigation. This was an investigation into whether Marriott intentionally interfered with and disabled Wi-Fi networks established by consumers in the conference facilities of the Gaylord Opryland Hotel and Convention Center in Nashville, Tennessee, in violation of Section 333 of the Communications Act.

According to the official FCC announcement, the FCC Enforcement Bureau’s investigation revealed that Marriott employees had used containment features of a Wi-Fi monitoring system at the Gaylord Opryland to prevent individuals from connecting to the Internet via their own personal Wi-Fi networks, while at the same time charging consumers, small businesses, and exhibitors as much as $1,000 per device to access Marriott’s Wi-Fi network.

Interfering with private cell phones, Wi-Fi or similar equipment violates federal law

The FCC has set up a special area on its website for providing information about and enabling the public to report illegal jamming. See www.fcc.gov/jammer.

On the website, the FCC prominently displays this warning: CONTINUE READING →

Published on: January 14, 2014

What the Target data security breaches mean for hoteliers

By Jim Butler and the Global Hospitality Group®

14 January 2014

Click here for the latest articles on Data Technology, Privacy & Security.

Hotel Lawyer: The growing problem of security breaches with sensitive customer information.

The recent headlines about the Target and Neiman Marcus security breach with customer credit cards highlights a growing crisis that concerns owners and operator of hotels as well as retailers. In this article, Bob Braun, one of the senior members of our Global Hospitality Group® who focuses on data security — when he is not working on hotel management or franchise agreements — gives us some thoughts on what to do about this problem.
The Target and Neiman Marcus breaches:
What hoteliers need to know
by
Robert E. Braun | Senior Member, Global Hospitality Group®
The Target and Neiman Marcus problem. The massive security breach of Target’s customer data may affect more than 110 million Americans — potentially about 1 in 3 persons living in the United States. Followed in quick succession by another 40 million customers of Neiman Marcus (and more disclosures expected soon from other retailers), it is time for us in the hotel industry to look at our own policies and procedures, and to think about how we should respond to these malicious attacks.

Hoteliers beware. Hotels are obvious targets for identity and financial theft for many reasons. Hotels transact business through credit cards, and those credit cards are kept on file and can be accessed multiple times during a guest’s stay. The possibility that a credit card charge will be recorded occurs with each night’s room charge, room service, bar or restaurant bill, spa charge, and so on. Every charge is another opportunity for an identity thief to access the information using sophisticated computer hacks and other malicious software, generally without the hotel’s knowledge.

The need to respond to guest demands is another source of insecurity. The Identity Theft Resource Center noted, “The ability to connect to the Internet is an integral part of many individual’s daily life. This has led to the increased demand for public WiFi.” As a result, hotels find themselves compelled to offer wireless internet, and that service is almost always unsecured. But an unsecured wireless network is “just as dangerous as leaving files of your most important personal documents on a street curb for all to see. Hackers can easily get into an unsecured wireless network and get financial information, business records or sensitive e-mails.” (PC World, “Got Wireless Security”). At the same time, hotels have little say in the matter. Guests demand wireless internet service.

Finally, hotels have employees — lots of employees — and many of them have access to the credit card and other personal information of guests. No matter how well trained and supervised, more personnel correlates to greater risk. The fact that low-level employees typically have access to key guest information, and that there is, historically, a high turnover in hotel employees, exacerbates the problem.

What happened to Target? While investigations are continuing, sources have reported that investigators believe the attackers used similar techniques and pieces of malicious software to steal data from retailers. One of the pieces of malware is a RAM scraper, or memory-parsing software, which allows cyber criminals to grab encrypted data by capturing it when it travels through the live memory of a computer, where it appears in plain text, the sources said. While the technology has been around for many years, its use has increased in recent years as retailers have improved their security, making it more difficult for hackers to obtain credit card data using other approaches.

The lesson? Even as merchants become more vigilant and focus on the security of their systems, criminals have become more sophisticated and are investing more time and effort in crafting their own systems.

CONTINUE READING →

Published on: April 11, 2013

Cyber Security Alert: How to protect your proprietary information from employees

By Jim Butler and the Global Hospitality Group®

11 April 2013

Click here for the latest articles on Data Technology, Privacy & Security.

Hotel Lawyer on technology challenges to your proprietary and sensitive corporate information. The continuing advances of technology continue to present a double edged sword. On the one edge are tremendous cost savings, efficiencies and power to manage information. On the other edge are daunting issues of information security and privacy.

In the article below, two of our Global Hospitality Group® lawyers talk about a recent court decision from the respected second circuit in New York that has important implications for every employer in the hospitality industry. It serves as a reminder that good employee handbooks and company policies are important to protecting your valuable business information and electronic data.

Here is what it is all about.

CONTINUE READING →

Jim Butler

Jim Butler is recognized as one of the top hotel lawyers in the world. He devotes 100% of his practice to hospitality, representing hotel owners, developers and lenders. Jim leads JMBM’s Global Hospitality Group® — a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion.
More

Robert Braun

Robert Braun is a partner in JMBM's Corporate Department and a senior member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Bob represents owners in both transactional and operational issues. He advises clients with respect to business formation, financing, mergers and acquisitions, venture capital financing, joint ventures and strategic partnerships. He has represented hotel owners in the negotiation of several hundred management agreements, as well as spa management and franchise agreements. Bob also advises hotel owners regarding telecommunications, software, internet, e-commerce, data processing and outsourcing agreements. To read Bob's articles, go to www.HotelLawBlog.com and select "Management Agreements." For more information, please contact Bob Braun at 310.785.5331 or rbraun@jmbm.com.

Marta Fernandez

Marta Fernandez is a partner in JMBM's Employment and Labor Department and a senior member of JMBM’s Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. As a management labor lawyer with more than 20 years of experience, Marta specializes in representing hospitality industry clients in all aspects of labor and employment including labor-management relations such as union prevention, collective bargaining for single as well as multi-employer bargaining units, neutrality agreements and defense of unfair labor practice charges before the NLRB. She defends employers in administrative and litigation claims, such as employee claims of sexual harassment and discrimination and counsels clients in preventative strategies such as executive training, arbitration enforcement, and policies and procedures. To read Marta's articles, go to www.HotelLawBlog.com and select "Labor & Employment." For more information, please contact Marta Fernandez at 310.201.3534 or at mfernandez@jmbm.com.

Guy Maisnik

Guy Maisnik is a partner in JMBM's Real Estate Department and a senior member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Guy's deep and broad transactional practice includes complex real estate finance and venture capital transactions, including project finance, commercial finance, leveraged leasing and real estate acquisitions. He assists clients with development, leasing and disposition, loan portfolio acquisitions, loan and debt restructure, workouts and real estate exchanges. Go to www.HotelLawBlog.com for current information in these areas. For more information, please contact Guy Maisnik at 310.201.3588 or mgm@jmbm.com.

David Sudeck

David Sudeck is a Partner in JMBM's Real Estate Department and a senior member of JMBM’s Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. David has significant experience in the vacation ownership arena, focusing on the formation and registration of condominiums, timeshares and fractional interest regimes. He negotiates hotel, spa and restaurant management agreements, and assists client in the development, acquisition, sale and leasing of hotels, golf courses and restaurants. For David's take on current issues in the timeshare arena, go to www.HotelLawBlog.com and click on the topic, "Timeshare." For more information, please contact David Sudeck at 310.201.3518 or dsudeck @jmbm.com.

Robert Kaplan

Robert Kaplan is a partner in JMBM's Bankruptcy, Insolvency and Restructurings Group and a senior member of the Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Bob represents lenders, special servicers, hard money lenders, community banks, national banking associations, distressed debt investors, and equity investors, positioning them for the best possible outcome by acting expeditiously to preserve value and increase cash flow. His industry experience and his knowledge of the current capital markets -- where distressed assets often include complex deal structures and securitized loans -- allows him to bring creative and effective strategies to the table. When aggressive litigation is the best strategy, he is a vigorous and effective advocate for his clients. Bob represented the securitized lender in the Chapter 11 bankruptcy case filed by the Clift Hotel in San Francisco, and in the subsequent negotiations and successful sale of the loan to a third party. The lender -- acting by and through GMAC Commercial Mortgage Corporation as special servicer -- was the holder of a $60 million loan secured by a Deed of Trust on the Clift Hotel. He has also served as counsel to CapMark, J.E. Robert Company, Inc., AMRESCO Management Inc. and Midland Loan Servicer in their capacity as special servicers on troubled hotel loans in CMBS pools. For more information, contact Robert Kaplan at 415.984.9673 or rkaplan@jmbm.com.

Martin Orlick

Martin Orlick is a partner in JMBM's Real Estate Department and a senior member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Marty specializes in representing hospitality industry clients in Americans With Disabilities Act (ADA) compliance and defense. He has represented more than 500 businesses in ADA issues, many of them hotels and restaurants, as well as hotel mixed-use properties. Marty is a member of the American College of Real Estate Lawyers (ACREL) and a frequent speaker on the ADA and other topics. To read Marty's articles, go to www.HotelLawBlog.comand select "ADA." For more information, please contact Marty Orlick at 415.984.9667 or morlick@jmbm.com.

Scott Brink

Scott Brink is a senior member of JMBM's Global Hospitality Group® and a partner in JMBM's Labor & Employment Law Department. Scott is a management labor lawyer with more than two decades of experience representing employers in all aspects of labor relations and employment law including union prevention, collective bargaining negotiations, defense of unfair labor practice charges before the NLRB, wrongful discharge litigation, individual and class action employment discrimination and wage-and-hour claims, sexual-harassment litigation, arbitrations, personnel policies, California wage and hour law, and employee discipline and discharge. An experienced trial attorney, Scott has litigated a number of high-profile and complex cases involving a wide range of labor and employment law matters. For more information, contact Scott Brink at RSB@jmbm.com or 310.785.5365.

Travis Gemoets

Travis Gemoets is an experienced trial attorney and represents management in all facets of labor and employment law, including wage/hour class actions, claims of discrimination, harassment, wrongful termination, trade secrets and unfair competition, union/management relations and workplace violence. He is a member of JMBM's Global Hospitality Group(r), in which capacity he negotiates union contracts and resolves labor disputes throughout the country, defends class action claims, develops strategies for the mass onboarding and separation of employees, and recommends proactive changes to employers' policies and practices in order to minimize potential liability risks. Reach him at 310.785.5387 or tgemoets@jmbm.com.

Mark S. Adams

Mark S. Adams is an experienced trial lawyer and a member of JMBM's Global Hospitality Group® and Chinese Investment Group™. He focuses his practice on business litigation including contracts, corporate and partnership disputes, and hospitality disputes and litigation. On behalf of hotel and resort owners, Mark has successfully litigated the termination of long-term, no-cut, hotel management agreements, franchise agreements, fiduciary duty issues, investor-owner disputes, TOT assessments, and more. He has wide-ranging trial experience in a variety of commercial disputes, including complex multi-party litigation and class actions. He has tried numerous cases in state courts, federal courts, and in domestic and international arbitrations, and is a frequent author and speaker on trial practice. Mark's trial wins have been covered by Forbes, Reuters, and other publications. He has obtained two of California's annual 50 largest jury verdicts in the same year. Mark has taken or defended nearly 1,000 depositions throughout North America, Europe and the Middle East. He has been quoted as an expert on noncompete agreements in the Wall Street Journal. For more information, contact Mark at 949. 623.7230 or markadams@jmbm.com.

Bennett Young

Bennett Young is a partner in JMBM's Bankruptcy, Insolvency and Restructurings Group and a senior member of the Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. His clients include lenders, financial institutions, secured and unsecured creditors, distressed investment funds, businesses, receivers, special servicers and creditors' committees. Ben represented the owner of a partially completed multi-billion dollar resort property in the restructuring of its finances and has represented lenders to hotels and casinos. For more information, contact Ben Young at 415.984.9626 or byoung@jmbm.com

Sheri Bonstelle

Sheri Bonstelle is a partner in JMBM's Government, Land Use, Environment and Energy Department, and a member of JMBM's Global Hospitality Group®. She represents owners and developers in land use, zoning, environmental, litigation and construction matters. She manages all aspects of the entitlement process, including representing clients before local and state agencies, commissions and councils. Sheri also represents clients in a variety of land use and real estate litigation matters in state and federal courts, including cases arising under CEQA and other environmental laws. Her hotel experience includes handling the adaptive reuse of an historic office building as a luxury boutique hotel. For more information, please contact Sheri Bonstelle at 310.712.6847 or SBonstelle@jmbm.com.

Kevin McDonnell

Kevin McDonnell is a partner in JMBM's Government, Land Use, Environment and Energy Department, and a member of JMBM's Global Hospitality Group®. Kevin represents developers and owners of hotels in a broad range of land use and zoning issues including entitlements, code enforcement, easements and parking requirements, as well as related Parcel Map and Tract Map subdivision issues. His hospitality experience includes hotels, condo-hotels and mixed-use projects. A registered Civil Engineer and Structural Engineer in California, and a former building official for the City of Los Angeles, Kevin brings unique experience and insight in Zoning and Building Code applications and Code Enforcement issues. For more information, please contact Kevin McDonnell at 310.201.3590 or kkm@jmbm.com.

Jamie Ogden

Jamie Ogden is a tax lawyer at Jeffer Mangels Butler & Mitchell LLP. He advises individuals and businesses on a range of tax planning, tax controversy and estate planning matters. Jamie’s experience includes all tax aspects with respect to the hospitality industry, including acquisitions and dispositions (including Section 1031 exchanges), financing and management agreements. He also serves as lead tax counsel on M&A transactions, financing, internal corporate restructurings and deferred compensation matters. Jamie also works frequently with litigators on the tax aspects of litigation, judgments and settlements. Jamie has extensive experience with foreign compliance matters, including each variation of the IRS amnesty programs. In addition to his experience in private practice, Jamie also brings several years of service from both state and federal government. For more information, contact Jamie at JOgden@jmbm.com or 310.201.3510.

Wei Deng

Wei Deng is General Counsel of Bosen American Capital, Inc. where in addition to his legal duties, he is responsible for sourcing, evaluating and proposing United States investment opportunities to the company. Wei was previously with JMBM, where he focused on transactional and litigation matters.

Jay Thompson

Jay Thompson has extensive experience representing private companies, business owners, family offices and investors in mergers and acquisitions, private equity and venture capital transactions and private securities offerings. Jay serves as general counsel to many of his clients, their management, and board of directors, helping to shape and execute their business strategies, facilitate growth and liquidity, as well as to advise them on day-to-day legal and other strategic issues. He is known for his practical approach to business issues. Contact Jay at JThompson@jmbm.com or 949.623.7258

Marianne Martin

Marianne Martin has nearly fifteen years of experience advising clients on a variety of commercial, financing, bankruptcy, restructuring and M&A matters, with a particular niche dealing with distressed and/or turnaround situations. Her clients frequently include private equity and hedge funds, independent sponsors, family offices, public and private corporations, financial institutions and banks, healthcare-related companies, municipalities and venture capital funds. She has represented clients in various capacities, including as borrowers/debtors, lenders, acquirers, and agents/trustees in negotiating and documenting complex commercial transactions, out-of-court restructuring transactions and advising on purchasing considerations in secondary market debt transactions. Contact Marianne at MMartin@jmbm.com or 310.201.3531

Trevor Countryman

Trevor Countryman is an associate in the firm's Real Estate Department. He advises clients in all aspects of real estate transactions including property acquisitions and dispositions, financing, leasing, development and construction. Trevor's clients range from large funds to individual developers and opportunistic investors, engaged in deals involving office, retail, multi-family, single-family, mixed-use and hotel properties. Contact Trevor Countryman at 310.201.3546 or TCountryman@jmbm.com.

Vanessa Han

Vanessa Han is an associate in JMBM's Corporate group. Vanessa can be reached at VHan@jmbm.com or 310.785.5383

Vince Farhat

Vince Farhat is Chair of JMBM's White Collar Defense and Investigations practice. Vince has extensive jury trial experience and focuses his practice on representing companies and individuals in criminal and civil investigations and prosecutions by government enforcement agencies, as well as complex federal litigation. He also advises companies in connection with complex and sensitive internal investigations. Prior to joining JMBM, Vince served as an assistant United States attorney in the Major Frauds Section of the U.S. Attorney's Office for the Central District of California. Contact Vince Farhat at 310.785.5382 or VFarhat@jmbm.com.

Sarah G. Hartman

Sarah G. Hartman is a partner in JMBM's Litigation Group and a member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Sarah is an experienced litigator who advises and represents clients through all aspects of litigation, from inception through trial and appeal. She advises and represents clients in the hospitality industry, including the termination of hotel management agreements and franchise agreements. Sarah also advises and represents clients on women's health technology issues, intellectual property matters, and complex commercial disputes, including breach of fiduciary duty, fraud, breach of contract, unfair competition, products liability, employment litigation, class action defense, false advertising and other complex financial disputes. Contact Sarah Hartman at 949.623.7243 or SGHartman@jmbm.com.

Michael H. Strub, Jr.

Michael H. Strub, Jr. is a partner in JMBM's Litigation Group and a member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. He is a highly skilled trial and appellate attorney who has handled high-stakes, complex commercial and business cases for 30 years including disputes arising out of hotel construction, lending, and bankruptcy. In addition, he has represented plaintiffs and defendants in business and commercial disputes in a variety of areas. Contact Michael H. Strub, Jr. at 949.623.7233 or MStrub@jmbm.com.

Ask the Hotel Lawyer™ is a quarterly column that I write for JMBM's Global Hospitality Advisor®. If you have a question you would like to submit to Ask the Hotel Lawyer™ please use the comments box below. While your question may not be of sufficient general interest for the column, I will try to respond to you individually if you leave your contact information below.
Jim Butler.