DATA PRIVACY AROUND THE WORLD
T E C H N O L O G Y
ASK
After data breaches at several major hotel companies last year , hotels have been on high alert when it comes to protecting their guests ’ personal information . At the same time , legal moves around the world have been aimed at giving customers more control over how their personal information is collected , stored and shared .
Hotels , which often collect details such as credit card numbers and preferences that help personalize a guest ’ s stay , face the tough challenge of getting the guest to trust them with information while simultaneously following the latest privacy regulations . Yet toeing this line and
TELL
AS DATA PRIVACY CONCERNS MOUNT , TRANSPARENCY ABOUT HOW GUEST INFORMATION IS BEING USED CAN PAY OFF .
Contributed by JULIANA SHALLCROSS
could offer an upside for hotels , says Wilson Raj , global director of consumer intelligence for SAS , a data analytics service .
Raj says hotels may win more favor with guests by being transparent in their data collection while still customizing stays . “ The hotel industry now has the opportunity to actually design the offerings or services with transparency and data privacy in mind from the get-go . That is the big opportunity ,” he says .
SHARING INFORMATION One way hotels can do this , Raj says , is to be very explicit about the data value exchange – what information is being collected and how the hotel will use it to enhance the guest ’ s experience . He cites recent efforts of an SAS client , Vail Resorts in Vail , Colorado , where the ski resort collected information from guests via a mobile app but also allowed the guests to share that data on social networks . Meanwhile , the resort was tracking guests ’ behavior on the properties and then tailoring offers based on that , such as discounts on spa treatments after a day of challenging ski runs or discounts on dinner for the family .
“ It ’ s still using data ,
DATA PRIVACY AROUND THE WORLD
EUROPE : The European Union is readying a 2018 enforcement date for the General Data Protection Regulation ( GDPR ), which applies to companies worldwide that pull in information on EU citizens . It widens the definition of personal information to pretty much anything that can identify an individual , including IP addresses . The GDPR provides customers with the right to be forgotten and mandates that all organizations that gather personal data , not just the data controllers often hired for the collection job , be held responsible for that sensitive information . Companies in violation of the GDPR will be fined 4 % of their global turnover .
UNITED STATES : No single law regulates data privacy , rather an ad-hoc approach that constitutes general regulations . According to law firm DLA Piper , the U . S . has about 20 “ sector-specific ” national privacy or data security laws including the Privacy Act of 1974 , while states have hundreds of such laws among them . President Donald Trump ’ s executive order on public safety has U . S . businesses concerned since it will exclude non-citizens from protection under the Privacy Act as well as jeopardize the Privacy Shield , an agreement between European Commission and U . S . businesses to transfer customer data across the Atlantic .
48 hotelsmag . com May 2017