Hotel Managers and Owners Be Warned – You are Responsible for Your Hotel’s Data Security
Hotel Managers and Owners Be Warned – You are Responsible for Your Hotel’s Data Security — By Robert E. Braun

JMBM · 16 Jan

On January 6, 2020, the Director of the FTC's Consumer Protection Bureau published a blog post with changes to the FTC's approach to its orders and settlements of data breach enforcement actions. One of the key elements of the report was a revision to the FTC's routine enforcement practice to ensure that its remedial data security orders include greater specificity about compliance expectations for companies subject to enforcement action and for third-party assessors engaged to conduct FTC-mandated monitoring and audits of targeted companies' data security practices.

CCPA: Hotel Loyalty Programs, Data Retention and the Brave New World of Privacy
CCPA: Hotel Loyalty Programs, Data Retention and the Brave New World of Privacy — By Robert E. Braun

JMBM · 20 Dec

The California Consumer Privacy Act (the "CCPA" or the "Act") is a piece of consumer privacy legislation which was signed by California Governor Jerry Brown on June 28, 2018, and goes into effect on January 1, 2020. The Act is, far and away, the strongest privacy legislation enacted in the United States at the moment (although there are a number of contenders for that honor), giving more power to consumers to control the collection and use of their private data, and is poised to have far-reaching effects on data privacy.

Cybersecurity Lawyer: Lessons from Marriott's $123 million GDPR fine
Cybersecurity Lawyer: Lessons from Marriott's $123 million GDPR fine

Hotel Law Blog · 7 Aug

Many hotels operate internationally and are frequently subject to the European Union's 2018 General Data Protection Regulation. The financial consequ

Guest Privacy - It's Your Business | Robert Braun
Guest Privacy - It's Your Business | Robert Braun — By Robert E. Braun

JMBM · 8 Dec

On a basic level, the hospitality business is simple - as is often said, it amounts to putting heads in beds. But finding the heads to put in the beds is a complex process and requires hotel companies to find out a great deal of information about their guests. Gathering and processing that information provides not only opportunities, but creates obligations, one of the most basic of which is ensuring the security of guests' personal information.

GDPR: What you need to know about the EEU's new data privacy rules
GDPR: What you need to know about the EEU's new data privacy rules

Hotel Law Blog · 25 May

The European Union’s General Data Privacy Regulation, rules protecting the privacy of personal information, has gone into effect and impacts every co