
The Privacy Dilemma



June 01, 2005
Privacy | Primer
Mark G. Haley, CHTP


© 2005 Hospitality Upgrade. No reproduction without written permission.

This article is excerpted and highly condensed from the AH&LA Technology Committee publication Principles of Privacy: Defining & Implementing Sound Privacy Practices in Hospitality. This publication is the eighth in a series of documents intended to deliver fundamental knowledge about significant areas in hospitality technology.

Why is Privacy So Important?
Hoteliers have been the trustees and guardians of guest privacy since the earliest inns. Guests maintain an expectation of privacy as a core component of the guest-innkeeper relationship. Guest privacy’s central position in that relationship has been codified in both statutory and case law. Hotel guest privacy has been enshrined in this manner for so long because hoteliers are privy to countless, very personal details about guest preferences and behavior. There is nothing new about the obligation of hoteliers and the expectation of guests.

What is new is the spotlight on privacy and data security in society at large, not just the hospitality industry. In recent months, major breaches of confidential personal information have appeared in the headlines weekly. Privacy issues are high profile news and no business, no hotel, wants to be at the center of one of these stories.

Hotels, like many other businesses, capture and retain extensive information on their customers. At a minimum, this information is used to support business transactions, such as posting a pay-per-view movie transaction to a guest folio. The best hoteliers retain many of these details in some form solely for the purpose of improving guest service delivery in the future. Many guests both expect and appreciate the enhanced service levels made possible by capturing, retaining and re-using information from past stays.

However, legitimate fears about the proliferation, capacity, long life and networking of computer databases that store a multitude of details about individuals have spawned a global privacy movement strongly opposed to capturing personally identifiable data. This movement has led to the adoption of varying laws governing data collection around the world and to numerous industry-defined data privacy and security initiatives.

These two contradictory imperatives, collecting and using personal information about guests to improve service while not running afoul of the spirit or the letter of privacy regulations and laws, combine to form what is termed the privacy dilemma. By nature, hoteliers want to do whatever they can to improve service and repeat patronage, yet must do so in respect of applicable laws.

Threats to Privacy
The numerous actual and potential threats to privacy include both criminal and potentially discriminatory abuse. Some of these threats include identity theft, credit card fraud, violent crimes or theft, data abuse and undesired marketing.
  • Identity theft fraud – Considered the fastest-growing crime in America today, usually defined as using another’s identity to obtain credit fraudulently and abuse that credit. Not a major risk area for hotels per se.
  • Credit card fraud – Typically means using another individual’s credit card account to obtain goods or services fraudulently. Hotels are at significant risk for credit card fraud as either a merchant or enabling theft of card numbers.
  • Violent crimes or theft – Where a privacy transgression such as improperly giving out a guest room number or duplicate key enables a criminal act against a hotel guest or other person. While rare, these incidents carry major liability potential for hotels.
  • Data use, abuse or discrimination – The fear that information about an individual could be used against them in some way. Hotels bear some exposure here for possibly giving guest information out to someone not entitled to it, such as a spouse’s attorney.
  • Undesired marketing in the form of spam – The most common privacy threat, greatly exacerbated in recent years by spam e-mail and spyware. Hotels must not allow their lists to fall into the hands of unscrupulous marketers and should practice double opt-in e-mail list registration.
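The double opt-in registration recommended above, worked through as an added example (constructed for this page; it is not code from the article or from the AH&LA publication). A signup request only records the address as pending and produces a confirmation link carrying a signed, time-limited token; the address joins the list only when the token comes back intact. The secret key, confirmation URL and 48-hour expiry are assumptions chosen for the illustration.

```python
"""Double opt-in e-mail list registration, as a constructed illustration.

A signup request records the address as *pending* and produces a
confirmation link carrying an HMAC-signed, time-limited token.  The address
joins the mailing list only when that token is presented back unmodified
and before it expires, so a third party cannot sign someone else up.
Nothing is mailed here: the confirmation message is returned so the flow
can be exercised offline.
"""
import hashlib
import hmac
import time
from urllib.parse import urlencode

# Hypothetical server-side secret and base URL; a real deployment loads the
# secret from configuration rather than hard-coding it.
SECRET_KEY = b"constructed-demo-secret-do-not-reuse"
CONFIRM_URL = "https://example.invalid/confirm"
TOKEN_TTL_SECONDS = 48 * 3600  # confirmation links expire after 48 hours


class MailingList:
    def __init__(self, secret=SECRET_KEY, ttl=TOKEN_TTL_SECONDS, clock=time.time):
        self._secret = secret
        self._ttl = ttl
        self._clock = clock          # injectable so expiry can be tested
        self.pending = {}            # normalised address -> issue time (epoch seconds)
        self.subscribers = set()     # addresses that completed both steps

    @staticmethod
    def _normalise(email):
        return email.strip().lower()

    def _sign(self, email, issued_at):
        msg = f"{email}|{issued_at}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def request_subscription(self, email):
        """Step 1: store the request as pending and build the confirmation mail.

        Returns the message that would be e-mailed instead of sending it.
        """
        email = self._normalise(email)
        issued_at = int(self._clock())
        self.pending[email] = issued_at          # a repeat request replaces the old token
        token = f"{issued_at}.{self._sign(email, issued_at)}"
        link = CONFIRM_URL + "?" + urlencode({"email": email, "token": token})
        return {"to": email, "token": token, "link": link}

    def confirm(self, email, token):
        """Step 2: subscribe only if the token is authentic, fresh and still pending."""
        email = self._normalise(email)
        try:
            issued_str, sig = token.split(".", 1)
            issued_at = int(issued_str)
        except ValueError:
            return False                          # malformed token
        if self.pending.get(email) != issued_at:
            return False                          # unknown, replayed or superseded request
        if self._clock() - issued_at > self._ttl:
            return False                          # link expired
        expected = self._sign(email, issued_at)
        if not hmac.compare_digest(sig, expected):
            return False                          # token was forged or altered
        del self.pending[email]                   # single use
        self.subscribers.add(email)
        return True


if __name__ == "__main__":
    ml = MailingList()
    mail = ml.request_subscription("Guest@Example.com")
    print("would send to", mail["to"], ":", mail["link"])
    print("confirmed:", ml.confirm(mail["to"], mail["token"]))
```

The point of the two-step shape is that the list never holds an address its owner did not confirm, and the signed token means the confirmation step can be verified without trusting anything the client sends beyond the secret-derived signature.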
Privacy Regulations
The global privacy movement has inspired numerous efforts to regulate the collection and use of personally-identifiable data. Some of these efforts have been governmental while others have been led by various industry associations.

While extremist privacy advocates typically decry self-regulation as a bad idea first and an utter failure second, we would consider the Payment Card Industry Data Security Standard (often referred to in shorthand as Visa CISP, but adhered to and enforced by all major card issuers) a major victory for consumer privacy protection. Other meaningful wins for the consumer driven by the private sector include the various security and privacy certification services that exist to give Web site privacy policies a seal of approval.

Commercial Self-Regulation
American Express, Diners Club, Discover Card, JCB, MasterCard and Visa have come together to define a minimum uniform set of regulations regarding data security for all participants in the payment industry. This collaboration is specifically intended to protect consumer privacy, reduce fraud and increase trust in the entire payment processing value chain. The issuers call these regulations the Payment Card Industry (PCI) Data Security Standard.

Another group of commercial self-regulation privacy initiatives of interest includes non-profit organizations that have established privacy standards for Web sites. They certify Web sites against their criteria and allow the site owner to display the certification logo. Well-known privacy certifiers include TRUSTe, The Better Business Bureau and WebTrust; the Entertainment Software Ratings Board is also well known, but not relevant to hotels.

Governmental Regulation
In the United States, the most prominent privacy regulations are embodied in the CAN-SPAM anti-junk e-mail law and the Sarbanes-Oxley corporate governance legislation.

In a global, networked economy the most stringent regulations will tend to become the de facto standard over time.

CAN-SPAM requires e-mail marketers to adhere to the following minimum standards:

  • Senders must have a prior and ongoing business relationship with recipients. This might include registering to receive promotions on a Web site, booking a room online or being a hotel guest.
  • The subject line must accurately reflect the actual message content.
  • Sender firms must be clearly and accurately identified.
  • Sender’s full name and street address must appear in the message.
  • Sender must allow recipient to unsubscribe by replying to or linking from the message.

Sarbanes-Oxley intends to compel higher levels of corporate governance. One tactic requires auditor certification that the systems and business processes in place provide an adequate level of internal control, security and data integrity. Auditing these practices will drive the protection of consumer data as well as corporate integrity.

Another important regulation, now taking effect nationwide, allows consumers to request a free annual credit report from each of the three major credit reporting bureaus. Most experts consider regular verification of your credit reports an important step in early detection of identity theft.

California has adopted SB1386, effective July 1, 2003, which requires that if a business experiences any breach of personal information, it must notify the individuals affected (customers, employees, etc.) of the breach. An identical federal law is now under consideration.

The European Union adopted Directive 97/66/EC effective October 1998. It represents a substantially higher and more restrictive level of privacy regulation-by-legislation than that found in the United States. Originally, the directive specifically prohibited the transfer, electronically or otherwise, of personal data to countries in which data privacy is not protected in accordance with the EU standards. This led to American Airlines being sued in a Swedish court for potentially storing meal preferences of a Swedish passenger on a mainframe in Dallas.

This kind of restriction obviously interferes with business and is not good for the citizens of the EU or the United States, hence, the U.S. Department of Commerce negotiated the Safe Harbor framework, adopted in 2000. Safe Harbor allows American companies to conduct business in the EU as long as they document compliance with seven core principles:

  1. Notice – Firms must notify consumers what data they collect and for what purposes.
  2. Choice – Consumers must have the choice to opt-out of allowing the disclosure of personal information.
  3. Onward transfer – Firms must apply the notice and choice principles when disclosing information to third parties.
  4. Access – Individuals must be able to access and correct any information stored by an organization.
  5. Security – Organizations must take reasonable precautions against loss, misuse or unauthorized disclosure of personal information.
  6. Data integrity – Information must be relevant to the purpose for which it is collected, accurate, complete and current.
  7. Enforcement – Safe Harbor jurisdictions must offer readily available and affordable recourse venues for individual complaints of violations and to ensure compliance.
Practicing Privacy In Your Hotel
Sound privacy practices run the gamut in every hotel, from ensuring that front desk clerks write room numbers down rather than speak them to verifying that the online booking engine uses SSL encryption to secure reservations transactions. The best places to start for most hotels:
  • Evaluate every practice regarding giving out room numbers and keys in terms of guest privacy.
  • Evaluate your practices regarding fulfilling duplicate folio requests or other information about guest stays.
  • Evaluate your credit card practices in terms of privacy and CISP compliance. This should include practices where reports, screen displays and folios do not show complete card numbers.
  • Evaluate your guest history/CRM applications according to the seven Safe Harbor principles and CISP compliance, then test Web sites that link back to CRM databases for security.
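The card-number practice in the third point above, masking complete numbers on reports, screen displays and folios, as an added example (constructed for this page; it is not code from the article or the AH&LA publication). It finds candidate account numbers in free text, keeps only the last four digits, and uses the Luhn check to leave confirmation numbers and phone numbers untouched. The sample folio lines, the "X" mask character and the 13-to-19-digit range are assumptions chosen for the illustration.

```python
"""Masking card numbers on folios, reports and screens, as a constructed illustration.

Candidate primary account numbers (13 to 19 digits, optionally separated by
single spaces or dashes) are located in free text and all but the last four
digits are replaced with "X".  The Luhn mod-10 check screens out ordinary
numbers of similar length so that confirmation codes survive unchanged.
"""
import re

# Runs of 13-19 digits with optional single space/dash separators, not
# embedded in a longer digit run.
_PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Luhn mod-10 check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(text: str) -> str:
    """Replace all but the last four digits, keeping the original separators."""
    digit_count = sum(c.isdigit() for c in text)
    keep_from = digit_count - 4
    out, seen = [], 0
    for c in text:
        if c.isdigit():
            out.append(c if seen >= keep_from else "X")
            seen += 1
        else:
            out.append(c)
    return "".join(out)


def redact_line(line: str) -> str:
    """Mask every Luhn-valid card number found in one line of a report or folio."""
    def _sub(m):
        raw = m.group(0)
        digits = "".join(c for c in raw if c.isdigit())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            return mask_pan(raw)
        return raw                       # not a card number: leave it alone
    return _PAN_CANDIDATE.sub(_sub, line)


if __name__ == "__main__":
    # Constructed folio lines; 4111 1111 1111 1111 is a well-known test number.
    sample = [
        "Guest: J. Doe   Conf# 1234567890123456",
        "VISA 4111 1111 1111 1111  exp 12/07  Room 1214",
        "Tel (978) 521-3600",
    ]
    for line in sample:
        print(redact_line(line))
```

Running the redaction on the print path (or the screen-render path) rather than on the stored record is the usual choice: the full number stays where the payment process needs it, while every report, display and guest copy shows only the last four digits.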
For more information on sound privacy practices for your hotel company, please download Principles of Privacy: Defining & Implementing Sound Privacy Practices in Hospitality from the members section of http://ahla.com.

Mark G. Haley, CHTP is a partner in The Prism Partnership, LLC, a consulting firm servicing the global hospitality and travel industries based in Boston. He is a member of the AH&LA Technology Committee and author of several of the primers published by the committee. For more information, please visit http://theprismpartnership.com or call (978) 521-3600.

