21 March 2023
See how JMBM’s Global Hospitality Group® can help you.
Click here for the latest articles on Data Technology, Privacy & Security.
Data privacy and security continue to be significant issues for hotel owners, operators, brands, and managers, representing the potential for both financial and reputational impacts. One important piece of the puzzle is which of the many entities involved in a hotel property is responsible for collecting, sharing, using and storing the personal data of guests and employees. Bob Braun, senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group, gives an overview of current considerations.
Data Security and Privacy in Hospitality – Who’s Paying the Bill?
by Robert Braun, Co-Chair, JMBM Cybersecurity and Privacy Group;
Senior Member, JMBM Global Hospitality Group
One of the most valuable assets of a hotel brand is information – detailed personal information about guests at their hotels, participants in their loyalty programs, and visitors to their websites. This information allows hotel brands to focus on creating guest loyalty, acquiring potential guests, engaging in effective marketing, expanding market share, and creating properties and services that entice and satisfy hotel guests. Because of this, hotel brands have long contended that they “own” hotel guest data and have unencumbered rights to use it, without respect to the interests of hotel owners and even the guests themselves.
While this attitude may have been correct in the past, the world is changing. The EU’s General Data Protection Regulation, the California Consumer Protection Act, the California Privacy Rights Act, and similar laws throughout the United States and the world have turned this idea on its head. Anyone who collects personal data can do so only with the permission of the individual consumer; brands don’t own the personal information of guests, the guests do, and they are the ones who give the operator, brand or owner the right to collect and use it – and they can limit or revoke that right. CONTINUE READING →