Archives

Published on:

10 November 2020

See how JMBM’s Global Hospitality Group® can help you.
Click here for the latest articles on Data Technology, Privacy & Security.

On November 3rd, Californians voted to approve Proposition 24 which amends the California Consumer Privacy Act to include expanded consumer rights and greater privacy protections.

The California Privacy Rights and Enforcement Act – which also establishes an enforcement agency to guarantee strict compliance – places additional obligations on businesses to ensure that consumer data is transparent and secure. Given the scope of the Act and the short timeframe for compliance, hotels should immediately start looking at their data profiles and security to avoid running afoul of the new rules.

Bob Braun, senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group, explains the major provisions of the Act and discusses the challenges hotels face as they look to address its requirements.

New Challenges for Hotels:
The New California Privacy Rights and Enforcement Act of 2020
by
Bob Braun, Hotel Lawyer

Many races and initiatives that California voters considered on November 3 are still undecided, but Proposition 24, the California Privacy Rights Act of 2020 (the “CPRA”) isn’t one of them.  The California electorate approved Proposition 24 by a comfortable margin – 56% of Californians voted in favor.

Like its predecessor the California Consumer Privacy Act of 2018 (the “CCPA”), the impact of the CPRA won’t be felt immediately.  It goes into effect on January 1, 2023, and many of its provisions are unclear and will require study.  But hotel companies with a presence in California will need to consider its requirements, and given the scope of the law, addressing its requirements early will be essential.

New Sheriff in Town

Perhaps the most significant development in the CPRA is the establishment of a new agency, the California Privacy Protection Agency, dedicated to handling enforcement and compliance with privacy regulations.  This makes California the first state with an agency focused solely on enforcing privacy laws.  This new agency will replace the California Attorney General in interpreting and enforcing the CCPA.  The ultimate impact of the agency will develop as its members are selected and interpret its mandate, but it is clear from the CPRA that it has broad authority to bring civil and criminal actions.

Select Key Provisions

The CPRA is an extension and modification of the CCPA.  It adds a number of new definitions and provisions that, in some cases, extend the scope of the CCPA and, in other cases, clarify the requirements of the CCPA.  The result is that hotel companies that already comply with the CCPA will need to revisit their policies and procedures to ensure compliance with the CPRA, and any firms that have not yet considered CCPA compliance have a steep learning curve.  Key provisions include: CONTINUE READING →

Published on:

23 October 2020

See how JMBM’s Global Hospitality Group® can help you.
Click here for the latest articles on Hotel Management Agreements and Hotel Franchise & License Agreements, and download our HMA & Franchise Agreement Handbook (3rd ed).

One of the biggest mistakes owners and developers continue to make is negotiating a “nonbinding” term sheet on various hotel arrangements, such as hotel franchise and hotel management agreements. This can be a costly misstep for the reasons Bob Braun points out in this article on a classic but perennial problem.

First Things First – The Letter of Intent in Hotel Agreements
by
Bob Braun, Hotel Lawyer

Love at First Sight?

How hotel developers and owners, on one hand, and hotel brands, on the other, meet and agree to brand a hotel or resort property is a complicated process. Sometimes developers or owners seek out a brand, and sometimes a brand will approach a potential owner. Either way, the developer/owner meets with a development executive from the brand, and the two parties see if they have enough in common to talk seriously about a long-term relationship. During those early stages, each is trying to demonstrate its resources, seriousness, and commitment to a long-term relationship of 20 years or more. They trade pro forma financials, introduce key personnel, and in pre-Covid days, wine and dine each other. Brands will research the background and business history of their potential franchisee, and owners will seek out other owners for references and their real-life experiences. Owners will study the performance of brands throughout the world, especially where the project is in a foreign locale. The process resembles a mating dance: owners are courting brands, and brands are courting owners. And most typically, owners declare the seriousness of their intentions with an application fee – a very large application fee.

At that point, the brand and owner negotiate and enter into a non-binding letter of intent. The letter of intent makes it clear – the terms in the letter are nothing more than a good faith statement of the desire to move forward and discuss the details. Owners negotiate the basic terms in the letter of intent, and after seeing that the letter is, by its terms, not binding, they sign it, believing that they and the lawyers will have another chance to revisit those issues that might concern them.

Reality Sets In

Unfortunately, brands and managers don’t take that position. They believe that while the letter of intent may state that it is “not binding,” the terms in the letter are not subject to meaningful negotiation once it is signed. More than that, they take the position that if a business or legal term is important to the owner, it must be in the “non-binding” letter of intent; otherwise, the brand will revert to their standard terms and conditions. As becomes painfully clear as the parties negotiate a franchise or management agreement with the brand, there are relatively few points open for negotiation, but if overlooked in the preliminary discussions, it may be impossible to reclaim them no matter how important. CONTINUE READING →

Published on:

17 July 2020

See how JMBM’s Global Hospitality Group® can help you.
Click here for the latest articles on Hotel Management Agreements and Hotel Franchise & License Agreements, and download our HMA & Franchise Agreement Handbook.

Franchise and Management Disputes in the Time of Covid
by
Robert Braun

If you are reading this, you are almost certainly in the hospitality industry, and you are most likely in a financial and emotional distress. During trying times, hotel owners rely more than ever on their brands and managers – the professionals that owners engage to protect the multi-million dollar investments that they have made in building, maintaining and upgrading properties. Owners rely on brands to drive occupancy and revenue, and on managers to make the most effective and efficient use of those revenues to drive the bottom-line revenues that allow owners to cover debt service, insurance and other expenses, and provide a return – without which no thinking investor would finance a hotel.

At the same time, the Covid-19 pandemic has driven hotel occupancy and rates fallen to levels that were previously unimaginable. Brands and managers are not to blame for the pandemic, but this is the time when they must stand up and work with owners to preserve their assets and prepare for the eventual – and lengthy – return to normal, whatever that normal may be.

Unfortunately, in many cases, brands and managers have not always met the challenge. Many brands and managers have simply submitted, without explanations, edicts regarding closing or reducing operations, demanding funds, and reduced responsiveness. Hotel companies have, across the board, furloughed or laid off large portions of their workforce, making it difficult to obtain the guidance and support owners need. CONTINUE READING →

Published on:

01 July 2020

See how JMBM’s Global Hospitality Group® can help you.

Meet the Money® Online: Hotels and Information Security
Protecting Guests and the Bottom Line

Last week, speakers from Manhattan Hospitality Advisors, Tiered Communication Services Inc. and Willis Towers Watson joined Bob Braun of JMBM’s Global Hospitality Group® for the second in a series of Meet the Money Online webinars.

If you missed “Hotels & Information Security – Protecting Guests and the Bottom Line,” you can watch the full webinar here.

You can also find the presentations made by our expert panelists on the Resource Center page:

Where Technology and Security Meet in Hotels

Jonathan Adam, co-founder and Chief Technology Officer, Tiered Communication Services, Inc., covers the primary elements required for information security, and how a secure hotel network should be designed. Meet the Money® Online June 2020.

Best Practices and Imperatives for Information Security

Bob Braun, co-chair of JMBM’s Cybersecurity and Privacy Group, and senior member of JMBM’s Global Hospitality Group® discusses why information security is so difficult to achieve, the importance of documentation, and why verifying third parties is critical. Meet the Money® Online June 2020.

Cyber Security – A Must in Today’s Viral World

Jack Westergom, Managing Director and Founder of Manhattan Hospitality Advisors explains why hotels are frequent targets of cyber crime, areas in which hotels can be proactive, and why you shouldn’t count on your brand for protection. Meet the Money® Online June 2020.

Cyber Insurance in the Hospitality Industry

Heather Wilkinson, SVP, FINEX E&O/Cyber, Willis Towers Watson, discusses why hotels need to determine their specific exposure, the importance of understanding what your cyber insurance actually covers, and the 5 main cyber threats that hotels are facing today. Meet the Money® Online June 2020.

 

While we weren’t able to gather in person for the 30th year of Meet the Money®, the national hotel investment and finance conference, we are continuing to provide the industry with research analysis and insight through Meet the Money Online. Join us on July 8, 2020 for the next in this series of informative webinars, the CMBS Special Servicing FAQs Virtual Roundtable. CONTINUE READING →

Published on:

22 June 2020

See how JMBM’s Global Hospitality Group® can help you.

Meet the Money® Online: Hotels and Information Security
Protecting Guests and the Bottom Line

Speakers from Manhattan Hospitality Advisors, Tiered Communication Services Inc. and Willis Towers Watson will join Bob Braun of JMBM’s Global Hospitality Group® for this informative online program.

Please join us this week, on Thursday, June 25, 2020, when Meet the Money® Online addresses an issue of critical importance to the hospitality industry: information security.

As privacy laws demand companies do more to protect customer and employee data – and cyber hackers become more sophisticated – making sure your hotel’s information is secure has never been more important.

This free webinar will take place on Thursday, June 25 at 10:30 AM PDT / 1:30 PM EDT. Register Now.

Join our panel of cybersecurity experts and hospitality veterans for a 1-hour webinar to discuss:

  • What personal information hotels collect and how they use it
  • The role of hotel owners, operators and brands in guest information
  • Technology aspects of information collection, use and protection
  • Insurance issues – how to mitigate risk and cost using insurance
  • Legal obligations and compliance

This discussion will be moderated by Robert E. Braun, partner and co-chair of the Cybersecurity and Privacy Group at Jeffer Mangels Butler & Mitchell LLP who works with companies on their data technology, privacy and security matters. Bob is also a senior member of JMBM’s Global Hospitality Group® and has more than 20 years of experience in representing hotel owners and developers in hotel management and franchise agreements, condo hotel securities issues and many transactional matters, including entity formation, financing, and joint ventures.

Our speakers include:

  • Jonathan Adam, Co-Founder and Chief Technology Officer, Tiered Communication Services, Inc.Jonathan Adam is a founding member and CTO of Tiered Communication Services, Inc. With 17 years of hotel experience, he pairs high end development projects with extremely secure advanced technology systems for an unsurpassed guest user experience, driving amazing rates of return to owners. He holds multiple technology patents, and co-founded the ySuite Incubator in Austin and PracTECHal Solutions headquartered in Las Vegas. The ySuite team owns and operates multiple hotels in the Austin area, and utilizing the TCS technology infrastructure, they generate significant amounts of high margin add-on revenue through new hospitality revenue channels.
  • Jack Westergom, Managing Director and Founder, Manhattan Hospitality AdvisorsJack Westergom is Managing Director and Founder of Manhattan Hospitality Advisors. Jack is a veteran hotelier whose background includes asset management, hotel/resort operations, international marketing, investment relations and real estate development including many of the top 25 hotels and resorts in the world. Manhattan Hospitality Advisors has provided oversight on over $18 billion of hospitality assets around the world and has helped hotels to successfully navigate through four real estate downturns.
  • Heather Wilkinson, SVP, FINEX E&O/Cyber, Wills Towers WatsonHeather Wilkinson is SVP in the FINEX Cyber & E&O practice for Willis Towers Watson with over fourteen years of experience in the cyber insurance industry. Heather is a founding member of the Willis Towers Watson E&O and Cyber Broker Team; she joined the organization in 2006 and has been instrumental in placing some of the largest towers of E&O and Cyber insurance placements in the world. She is uniquely qualified to handle Cyber and Professional Liability issues and placements and is based in Los Angeles.

There is no fee for this program.

REGISTER NOW CONTINUE READING →

Published on:

20 February 2020

See how JMBM’s Global Hospitality Group® can help you.
Click here for the latest articles on the impact of the coronavirus.

Coronavirus continues to be of global concern, and remains an issue the hospitality industry should be tracking, both for economic and legal reasons. Bob Braun discusses whether the virus may trigger a force majeure event for hotel operators and owners, and what that might mean for a property’s performance obligations and other operations.

— Jim
Coronavirus as Force Majeure Event:
What Hotel Owners and Operators Should Consider
by
Robert Braun

Coronavirus (COVID 19) has been a leading news item for more than a month now, competing and often pre-empting other national and international news items. For the hospitality industry, the virus has created severe disruptions in the largest single source of tourists. Hotel companies, both inside and outside of China, have warned of reductions in revenues, and as the virus continues to spread, the trend does not bode well. Like the SARS virus of 2002-2003, coronavirus has the potential to disrupt travel for months, and the travel industry will take time to recover.

Performance Tests and More
The most immediate effect will be seen by hotel companies when they review upcoming financial statements and see shortfalls. This could, among other things, cause some hotels to fail their performance obligations, giving owners the right to terminate a management agreement (unless the hotel operator exercised a right to cure the shortfall). At that point, hotel operators are likely to claim that the impact of the virus constitutes a force majeure event, which would require performance tests to change the performance obligations. For more details on performance tests, see our article on Hotel Management Agreement Performance Standards.

CONTINUE READING →

Published on:

07 August 2019

Click here for the latest articles on Data Technology, Privacy & Security.

Many hotels operate internationally and are frequently subject to the European Union’s 2018 General Data Protection Regulation. The financial consequences of a breach can be significant, as recent fines imposed on Marriott International demonstrate.

Bob Braun, senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group, explores the impact of last year’s breach on the hotel brand below.
Marriott’s GDPR Fine – Lessons to be Learned
by
Bob Braun, Cybersecurity Lawyer

On August 5, 2019, Marriott International announced that it had taken a $126 million charge in the second quarter, primarily as a result of the data breach it announced in 2018. Coincidentally, on July 9, 2019, The United Kingdom’s Information Commissioner’s Office (ICO), which enforces the General Data Protection Regulation in the UK, announced that it intends to impose a fine of £99,200,396 ($123,705,870) on Marriott for last year’s data breach. CONTINUE READING →

Published on:

30 November 2018

Click here for the latest articles on Data Technology, Privacy & Security.

Data breaches are back in the news, and this time, it’s a well-known hotel industry player: Marriott International. The company announced today that unauthorized access to their systems going back several years has exposed the names and other personal details of over 500 million guests. For hoteliers, this situation can be avoided by using the Global Hospitality Group® Risk Assessment Audit™, a comprehensive tool that combines your internal resources with our expertise in analyzing your risk profile, both for compliance purposes and to create effective data security strategies.

Bob Braun, senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group, sums up what Marriott is facing and what lessons other hotels can learn from this incident, below.
Not a Good Day for Marriott
by
Bob Braun

It’s unlikely that anyone in the hospitality industry – perhaps anyone who watches the news – hasn’t heard about the data breach at Marriott. Marriott’s pre-eminent position in the hotel industry, and the very size of the breach, with an estimated 500 million individuals impacted (putting it second behind the Yahoo breach) make this noteworthy.

What Happened?
While some of the information is available, most of the details have yet to be filled in. However, there are some key takeaways that every hotel owner, operator and brand should consider: CONTINUE READING →

Published on:

31 August 2018

Click here for the latest articles on Data Technology, Privacy & Security

Despite a general effective date of January 1, 2020, there are 5 steps that anyone doing business in California should take now to avoid problems under the California Consumer Privacy Act of 2018 (the Act) when it becomes effective. As a follow up to his original article explaining the important provisions of the Act, my partner Bob Braun provides us an important update on recent regulatory activity concerning the Act and provides practical guidance on what needs to be done now.

To read Bob’s original article about the Act, click California Adopts the California Consumer Privacy Act of 2018.
Update: California Consumer Privacy Act of 2018
5 steps to take NOW to avoid trouble
by
Bob Braun

Recent regulatory developments

Late last week, the California legislature published proposed technical amendments to the California Consumer Privacy Act of 2018. These amendments reflect almost two months of lobbying by both consumer and industry groups. In addition, the FTC has received a number of complaints that the Act, along with other proposed state actions, would create confusion in an already-fragmented approach to privacy and security in the United States.

5 steps to take now

While the changes in the Act and attacks on the Act continue to create uncertainty, businesses need to consider immediate steps to avoid the significant penalties for non-compliance. Businesses must be in full compliance on the effective date of January 1, 2020. It will not be adequate to start compliance efforts on that date.

In particular, there are 5 steps that businesses need to take to ensure compliance by the effective date: CONTINUE READING →

Published on:

02 July 2018

Editor’s Note: See article update: Take 5 steps NOW to avoid trouble with California’s new privacy act.
Click here for the latest articles on Data Technology, Privacy & Security


Privacy legislation is dominating the news cycle these days–and it’s unlikely to slow down. Now, as U.S. companies are adjusting to the requirements of the European Union’s General Data Protection Regulation, the State of California has introduced new laws that will apply to California companies or companies doing business in California. Senior member of JMBM’s Global Hospitality Group® and Co-Chair of the Firm’s Cybersecurity & Privacy Group Bob Braun discusses the implications of the new legislation and how it will impact hotels, below.
California Adopts the California Consumer Privacy Act of 2018
by
Bob Braun

On June 28, 2018, just more than a month after the EU’s General Data Protection Regulation (GDPR) went into effect, imposing broad obligations and restrictions on any entity collecting personal information of EU citizens and residents, the California legislature has passed AB 375, and the governor has signed, the California Consumer Privacy Act of 2018, providing many of the same protections and sure to upend privacy regulation in the United States. The Act was passed by the State Assembly and signed into law by Governor Jerry Brown on June 28, 2018.

Hotel companies have been grappling with the impact of the GDPR on their operations, and analyzing whether they need to adopt policies and procedures, appoint data privacy officers and register with a Data Privacy Agency as required under the GDPR. Since a privacy rule that impacts California effectively becomes a national standard, this new Act means that hotel companies will need to consider many of those issues, regardless of their foreign operations.

The Act goes into effect on January 1, 2020, and while it has broad implications that will become more apparent over time, there are some key initial takeaways. CONTINUE READING →

Contact Information