Published on: April 2, 2025

Hotel Data Privacy Alert: Fairmont has a New (Website) Visitor – A CIPA Class Action

By Jim Butler and the Global Hospitality Group®

02 April 2025

See how JMBM’s Global Hospitality Group® can help you.
Click here for the latest articles on Data Technology, Privacy & Security.

A recent lawsuit filed in the U.S. District Court for the Central District of California alleges that Accor Management US Inc., the parent company of Fairmont Hotels & Resorts, violated California’s privacy laws by improperly sharing users’ browsing and booking information with social media platforms without user consent. This data sharing is said to have enhanced the algorithms and ad targeting abilities of these platforms.

Bob Braun, senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group, outlines what CIPA is and how companies should respond to CIPA claims.

Fairmont has a New (Website) Visitor – A CIPA Class Action

by Robert Braun, Co-Chair, JMBM Cybersecurity and Privacy Group;
Senior Member, JMBM Global Hospitality Group

On March 19, 2025, Accor Hotels, through its Fairmont Hotels & Resorts brand, became one of the latest – and one of highest profile – defendants in a current wave of website litigation. In the complaint, the attorneys for Natalie Gianne, claimed that when she accessed the Fairmont Hotels website to book a room, Accor allowed social media platforms to intercept communications, including confidential guest records without her prior consent in violation of the California Invasion of Privacy Act (“CIPA”, pronounced “see-pa”), and used that information to target her for advertisements.

Hotel companies need to pay particular attention to this case and its implications. Hotels are attractive targets for claims like these – they have broad website presence and have a public profile that makes these cases sensitive. In addition, large hotel companies are viewed as deep pockets that would be willing to settle.

What is CIPA?

The CIPA was originally adopted to adopted to protect California residents from a third party eavesdropping on a telephone call. As a result, in California and several other states, all parties to a phone call (including video calls) must consent to a recording. This is straightforward enough; however, CIPA plaintiffs, like Gianne, are extending the CIPA to information collected for website analytics purposes.

Data analytics is the process of examining raw data to uncover patterns, draw conclusions, and make informed decisions, enabling businesses to optimize performance, improve efficiency, and make strategic decisions. In the website context, analytics involves collecting, measuring, analyzing and reporting data to understand and improve website usage.

Where do the CIPA and Website Analytics Meet?

Websites have employed third parties to analyze website usage for years. Website owners want to know how users came to their site, what they do when they are on the site, and where they go when they leave. Website owners can use this information to make sure their sites are easy to navigate; if, for example, a user leaves a website while making a purchase at a website, the website owners will want to know why. They want to know what drives users to their sites, and how they can get more visitors. Analytics can help a website owner boost their search engine ratings, determine the value of marketing campaigns, and track digital marketing efforts.

Historically, analytics were internal – a website owner would collect information from visitors and use that information to improve their website. The website owner might hire an outside service (Google Analytics is well known for providing this service). Information about the visitor might be collected by a third party, but only in anonymous, aggregated form, and was only shared with the website owner. Bringing us back to the CIPA and similar laws, no third party was involved, so no consent was required.

Now, however, website owners have allowed (sometimes without their knowledge) social media companies like Facebook, LinkedIn and others to place tracking devices – typically, pixel trackers and other invisible items) on the site; when a user visits a page where the tracking device is installed, the user’s browser is instructed to transmit information to the tracker. However, not all companies obtain user consent to these tracking devices. In this case, a user can argue that personal information was shared with a third party without consent, and that it constituted a violation of CIPA.

How Should a Company Respond?

Update Website Documentation. One of the most important steps is to evaluate and, if necessary, update existing website terms of use, cookie policy, and privacy disclosures to reflect what is allowed on the website.

Website owners also need to implement processes to ensure and document consent. Typically, this is achieved through a “cookie banner” that a user must acknowledge before going to the site. However, the consent must be implemented carefully; it’s common for tracking technology to be triggered the moment a user lands on a site, which could be grounds for a claim that CIPA is being violated. Instead, no cookies or other trackers should be “turned on” until the user gives consent, something that website designers or privacy technicians can oversee. In addition, thought should be given to the form of the banner; it should provide for actual consent, which means that the consumer must be given a choice.

As important as privacy policy disclosures are the terms of use. While these have long been seen as a boilerplate document and implemented with little thought, key terms can protect the website owner, including limitation on damages, enforceable arbitration clauses and, when possible, class action waivers.

Act Quickly. When a company receives a CIPA claim, there are several things it (and its attorneys) should do to evaluate the seriousness of the claim:

Does the claim bring any specific evidence? Some letters or complaints don ‘t have specific information about the defendant or the basis for the claim, which may leave room for defenses.
What law firm brought the action? Some firms are known for filing CIPA class action claims and may have a reputation for settling easily or as hard negotiators. Since class action claims are often arranged by attorneys, they can be seen as the adverse party.
Does the demand letter include an offer for settlement? For better or worse, it’s often makes economic sense to resolve a case quickly, rather than spend unnecessary resources on litigation. This determination is more complicated that determining the cost of settlement against the cost of litigation. While a firm may want a quick and quiet resolution, it also should consider that a private, out of court may not protect them from future claims from other plaintiffs not included in this class.
Could the claim be subject to arbitration? Arbitration is confidential and will avoid the uncertainty of a jury trial.

In any case, responding to a claim, including a pre-litigation claim, requires experienced attorney. Counsel can evaluate the likelihood of litigation, preserve evidence and data, and conduct an internal investigation. A company needs evidence that can be used to challenge the CIPA claim, as well as class certification, but it’s important to gather it in a way that preserves the attorney/client privilege whenever possible.

If this article was of interest, you may also wish to read other articles by Bob Braun on “Data Technology, Privacy & Security,” which include the following:

Artificial Intelligence is Checking into your Hotel – Are You Ready?

The American Privacy Rights Act – What Does it Mean for Hotel Companies?

Time is Short – Reporting your Data Breach

Who’s Responsible for Personal Data at a Hotel?

Why hotels need “visibility” to avoid data privacy liability

Hotel Data Security: Challenges to Address in 2022

New Challenges for Hotels: The New California Privacy Rights and Enforcement Act of 2020

Hotel Managers and Owners Be Warned – You are Responsible for Your Hotel’s Data Security

The California Consumer Privacy Act – What Hoteliers Need to Know Now

Avoiding Hotel Data Breaches With a Risk Assessment Audit™ – Lessons From the Marriott International “Glitch”

Bob Braun is a Senior Member of JMBM’s Global Hospitality Group® and is Co-Chair of the Firm’s Cybersecurity & Privacy Group. Bob has more than 20 years of experience in representing hotel owners and developers in their contracts, relationships and disputes with hotel managers, licensors, franchisors and brands, and has negotiated hundreds of hotel management and franchise agreements. His practice includes experience with virtually every significant hotel brand and manager. Bob also advises clients on condo hotel securities issues and many transactional matters, including entity formation, financing, and joint ventures, and works with companies on their data technology, privacy and security matters. These include software licensing, cloud computing, e-commerce, data processing and outsourcing agreements for the hospitality industry.

In addition, Bob is a frequent lecturer as an expert in technology, privacy and data security issues, and is one of only two attorneys in the 2015 listing of SuperLawyers to be recognized for expertise in Information Technology. Bob is on the Advisory Board of the Information Systems Security Association, Los Angeles chapter, and a member of the International Association of Privacy Professionals. Contact Bob Braun at 310.785.5331 or rbraun@jmbm.com.

This is Jim Butler, author of www.HotelLawBlog.com and founding partner of JMBM and JMBM’s Global Hospitality Group®. We provide business and legal advice to hotel owners, developers, independent operators, and investors. This advice covers critical hotel issues such as hotel purchase, sale, development, financing, franchise, management, ADA, and IP matters. We also have compelling experience in hotel litigation, union avoidance and union negotiations, and cybersecurity & data privacy.

JMBM’s Global Hospitality Group® has been involved in more than $125 billion of hotel transactions and more than 4,700 hotel properties located around the globe. Contact me at +1-310-201-3526 or jbutler@jmbm.com to discuss how we can help.

How can we help? Brochure Credentials Photo Gallery

Jim Butler

Jim Butler is recognized as one of the top hotel lawyers in the world. He devotes 100% of his practice to hospitality, representing hotel owners, developers and lenders. Jim leads JMBM’s Global Hospitality Group® — a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion.
More

Robert Braun

Robert Braun is a partner in JMBM's Corporate Department and a senior member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Bob represents owners in both transactional and operational issues. He advises clients with respect to business formation, financing, mergers and acquisitions, venture capital financing, joint ventures and strategic partnerships. He has represented hotel owners in the negotiation of several hundred management agreements, as well as spa management and franchise agreements. Bob also advises hotel owners regarding telecommunications, software, internet, e-commerce, data processing and outsourcing agreements. To read Bob's articles, go to www.HotelLawBlog.com and select "Management Agreements." For more information, please contact Bob Braun at 310.785.5331 or rbraun@jmbm.com.

Marta Fernandez

Marta Fernandez is a partner in JMBM's Employment and Labor Department and a senior member of JMBM’s Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. As a management labor lawyer with more than 20 years of experience, Marta specializes in representing hospitality industry clients in all aspects of labor and employment including labor-management relations such as union prevention, collective bargaining for single as well as multi-employer bargaining units, neutrality agreements and defense of unfair labor practice charges before the NLRB. She defends employers in administrative and litigation claims, such as employee claims of sexual harassment and discrimination and counsels clients in preventative strategies such as executive training, arbitration enforcement, and policies and procedures. To read Marta's articles, go to www.HotelLawBlog.com and select "Labor & Employment." For more information, please contact Marta Fernandez at 310.201.3534 or at mfernandez@jmbm.com.

Guy Maisnik

Guy Maisnik is a partner in JMBM's Real Estate Department and a senior member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Guy's deep and broad transactional practice includes complex real estate finance and venture capital transactions, including project finance, commercial finance, leveraged leasing and real estate acquisitions. He assists clients with development, leasing and disposition, loan portfolio acquisitions, loan and debt restructure, workouts and real estate exchanges. Go to www.HotelLawBlog.com for current information in these areas. For more information, please contact Guy Maisnik at 310.201.3588 or mgm@jmbm.com.

David Sudeck

David Sudeck is a Partner in JMBM's Real Estate Department and a senior member of JMBM’s Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. David has significant experience in the vacation ownership arena, focusing on the formation and registration of condominiums, timeshares and fractional interest regimes. He negotiates hotel, spa and restaurant management agreements, and assists client in the development, acquisition, sale and leasing of hotels, golf courses and restaurants. For David's take on current issues in the timeshare arena, go to www.HotelLawBlog.com and click on the topic, "Timeshare." For more information, please contact David Sudeck at 310.201.3518 or dsudeck @jmbm.com.

Robert Kaplan

Robert Kaplan is a partner in JMBM's Bankruptcy, Insolvency and Restructurings Group and a senior member of the Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Bob represents lenders, special servicers, hard money lenders, community banks, national banking associations, distressed debt investors, and equity investors, positioning them for the best possible outcome by acting expeditiously to preserve value and increase cash flow. His industry experience and his knowledge of the current capital markets -- where distressed assets often include complex deal structures and securitized loans -- allows him to bring creative and effective strategies to the table. When aggressive litigation is the best strategy, he is a vigorous and effective advocate for his clients. Bob represented the securitized lender in the Chapter 11 bankruptcy case filed by the Clift Hotel in San Francisco, and in the subsequent negotiations and successful sale of the loan to a third party. The lender -- acting by and through GMAC Commercial Mortgage Corporation as special servicer -- was the holder of a $60 million loan secured by a Deed of Trust on the Clift Hotel. He has also served as counsel to CapMark, J.E. Robert Company, Inc., AMRESCO Management Inc. and Midland Loan Servicer in their capacity as special servicers on troubled hotel loans in CMBS pools. For more information, contact Robert Kaplan at 415.984.9673 or rkaplan@jmbm.com.

Martin Orlick

Martin Orlick is a partner in JMBM's Real Estate Department and a senior member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Marty specializes in representing hospitality industry clients in Americans With Disabilities Act (ADA) compliance and defense. He has represented more than 500 businesses in ADA issues, many of them hotels and restaurants, as well as hotel mixed-use properties. Marty is a member of the American College of Real Estate Lawyers (ACREL) and a frequent speaker on the ADA and other topics. To read Marty's articles, go to www.HotelLawBlog.comand select "ADA." For more information, please contact Marty Orlick at 415.984.9667 or morlick@jmbm.com.

Scott Brink

Scott Brink is a senior member of JMBM's Global Hospitality Group® and a partner in JMBM's Labor & Employment Law Department. Scott is a management labor lawyer with more than two decades of experience representing employers in all aspects of labor relations and employment law including union prevention, collective bargaining negotiations, defense of unfair labor practice charges before the NLRB, wrongful discharge litigation, individual and class action employment discrimination and wage-and-hour claims, sexual-harassment litigation, arbitrations, personnel policies, California wage and hour law, and employee discipline and discharge. An experienced trial attorney, Scott has litigated a number of high-profile and complex cases involving a wide range of labor and employment law matters. For more information, contact Scott Brink at RSB@jmbm.com or 310.785.5365.

Travis Gemoets

Travis Gemoets is an experienced trial attorney and represents management in all facets of labor and employment law, including wage/hour class actions, claims of discrimination, harassment, wrongful termination, trade secrets and unfair competition, union/management relations and workplace violence. He is a member of JMBM's Global Hospitality Group(r), in which capacity he negotiates union contracts and resolves labor disputes throughout the country, defends class action claims, develops strategies for the mass onboarding and separation of employees, and recommends proactive changes to employers' policies and practices in order to minimize potential liability risks. Reach him at 310.785.5387 or tgemoets@jmbm.com.

Mark S. Adams

Mark S. Adams is an experienced trial lawyer and a member of JMBM's Global Hospitality Group® and Chinese Investment Group™. He focuses his practice on business litigation including contracts, corporate and partnership disputes, and hospitality disputes and litigation. On behalf of hotel and resort owners, Mark has successfully litigated the termination of long-term, no-cut, hotel management agreements, franchise agreements, fiduciary duty issues, investor-owner disputes, TOT assessments, and more. He has wide-ranging trial experience in a variety of commercial disputes, including complex multi-party litigation and class actions. He has tried numerous cases in state courts, federal courts, and in domestic and international arbitrations, and is a frequent author and speaker on trial practice. Mark's trial wins have been covered by Forbes, Reuters, and other publications. He has obtained two of California's annual 50 largest jury verdicts in the same year. Mark has taken or defended nearly 1,000 depositions throughout North America, Europe and the Middle East. He has been quoted as an expert on noncompete agreements in the Wall Street Journal. For more information, contact Mark at 949. 623.7230 or markadams@jmbm.com.

Bennett Young

Bennett Young is a partner in JMBM's Bankruptcy, Insolvency and Restructurings Group and a senior member of the Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. His clients include lenders, financial institutions, secured and unsecured creditors, distressed investment funds, businesses, receivers, special servicers and creditors' committees. Ben represented the owner of a partially completed multi-billion dollar resort property in the restructuring of its finances and has represented lenders to hotels and casinos. For more information, contact Ben Young at 415.984.9626 or byoung@jmbm.com

Sheri Bonstelle

Sheri Bonstelle is a partner in JMBM's Government, Land Use, Environment and Energy Department, and a member of JMBM's Global Hospitality Group®. She represents owners and developers in land use, zoning, environmental, litigation and construction matters. She manages all aspects of the entitlement process, including representing clients before local and state agencies, commissions and councils. Sheri also represents clients in a variety of land use and real estate litigation matters in state and federal courts, including cases arising under CEQA and other environmental laws. Her hotel experience includes handling the adaptive reuse of an historic office building as a luxury boutique hotel. For more information, please contact Sheri Bonstelle at 310.712.6847 or SBonstelle@jmbm.com.

Kevin McDonnell

Kevin McDonnell is a partner in JMBM's Government, Land Use, Environment and Energy Department, and a member of JMBM's Global Hospitality Group®. Kevin represents developers and owners of hotels in a broad range of land use and zoning issues including entitlements, code enforcement, easements and parking requirements, as well as related Parcel Map and Tract Map subdivision issues. His hospitality experience includes hotels, condo-hotels and mixed-use projects. A registered Civil Engineer and Structural Engineer in California, and a former building official for the City of Los Angeles, Kevin brings unique experience and insight in Zoning and Building Code applications and Code Enforcement issues. For more information, please contact Kevin McDonnell at 310.201.3590 or kkm@jmbm.com.

Jamie Ogden

Jamie Ogden is a tax lawyer at Jeffer Mangels Butler & Mitchell LLP. He advises individuals and businesses on a range of tax planning, tax controversy and estate planning matters. Jamie’s experience includes all tax aspects with respect to the hospitality industry, including acquisitions and dispositions (including Section 1031 exchanges), financing and management agreements. He also serves as lead tax counsel on M&A transactions, financing, internal corporate restructurings and deferred compensation matters. Jamie also works frequently with litigators on the tax aspects of litigation, judgments and settlements. Jamie has extensive experience with foreign compliance matters, including each variation of the IRS amnesty programs. In addition to his experience in private practice, Jamie also brings several years of service from both state and federal government. For more information, contact Jamie at JOgden@jmbm.com or 310.201.3510.

Wei Deng

Wei Deng is General Counsel of Bosen American Capital, Inc. where in addition to his legal duties, he is responsible for sourcing, evaluating and proposing United States investment opportunities to the company. Wei was previously with JMBM, where he focused on transactional and litigation matters.

Jay Thompson

Jay Thompson has extensive experience representing private companies, business owners, family offices and investors in mergers and acquisitions, private equity and venture capital transactions and private securities offerings. Jay serves as general counsel to many of his clients, their management, and board of directors, helping to shape and execute their business strategies, facilitate growth and liquidity, as well as to advise them on day-to-day legal and other strategic issues. He is known for his practical approach to business issues. Contact Jay at JThompson@jmbm.com or 949.623.7258

Marianne Martin

Marianne Martin has nearly fifteen years of experience advising clients on a variety of commercial, financing, bankruptcy, restructuring and M&A matters, with a particular niche dealing with distressed and/or turnaround situations. Her clients frequently include private equity and hedge funds, independent sponsors, family offices, public and private corporations, financial institutions and banks, healthcare-related companies, municipalities and venture capital funds. She has represented clients in various capacities, including as borrowers/debtors, lenders, acquirers, and agents/trustees in negotiating and documenting complex commercial transactions, out-of-court restructuring transactions and advising on purchasing considerations in secondary market debt transactions. Contact Marianne at MMartin@jmbm.com or 310.201.3531

Trevor Countryman

Trevor Countryman is an associate in the firm's Real Estate Department. He advises clients in all aspects of real estate transactions including property acquisitions and dispositions, financing, leasing, development and construction. Trevor's clients range from large funds to individual developers and opportunistic investors, engaged in deals involving office, retail, multi-family, single-family, mixed-use and hotel properties. Contact Trevor Countryman at 310.201.3546 or TCountryman@jmbm.com.

Vanessa Han

Vanessa Han is an associate in JMBM's Corporate group. Vanessa can be reached at VHan@jmbm.com or 310.785.5383

Vince Farhat

Vince Farhat is Chair of JMBM's White Collar Defense and Investigations practice. Vince has extensive jury trial experience and focuses his practice on representing companies and individuals in criminal and civil investigations and prosecutions by government enforcement agencies, as well as complex federal litigation. He also advises companies in connection with complex and sensitive internal investigations. Prior to joining JMBM, Vince served as an assistant United States attorney in the Major Frauds Section of the U.S. Attorney's Office for the Central District of California. Contact Vince Farhat at 310.785.5382 or VFarhat@jmbm.com.

Sarah G. Hartman

Sarah G. Hartman is a partner in JMBM's Litigation Group and a member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. Sarah is an experienced litigator who advises and represents clients through all aspects of litigation, from inception through trial and appeal. She advises and represents clients in the hospitality industry, including the termination of hotel management agreements and franchise agreements. Sarah also advises and represents clients on women's health technology issues, intellectual property matters, and complex commercial disputes, including breach of fiduciary duty, fraud, breach of contract, unfair competition, products liability, employment litigation, class action defense, false advertising and other complex financial disputes. Contact Sarah Hartman at 949.623.7243 or SGHartman@jmbm.com.

Michael H. Strub, Jr.

Michael H. Strub, Jr. is a partner in JMBM's Litigation Group and a member of JMBM's Global Hospitality Group® -- a team of seasoned professionals who have helped clients around the world with more than 4,700 hospitality properties worth more than $125 billion. He is a highly skilled trial and appellate attorney who has handled high-stakes, complex commercial and business cases for 30 years including disputes arising out of hotel construction, lending, and bankruptcy. In addition, he has represented plaintiffs and defendants in business and commercial disputes in a variety of areas. Contact Michael H. Strub, Jr. at 949.623.7233 or MStrub@jmbm.com.

Ask the Hotel Lawyer™ is a quarterly column that I write for JMBM's Global Hospitality Advisor®. If you have a question you would like to submit to Ask the Hotel Lawyer™ please use the comments box below. While your question may not be of sufficient general interest for the column, I will try to respond to you individually if you leave your contact information below.
Jim Butler.