This blog post was originally published as a Legal Alert on GSB's website on July 3, 2018. The post was also authored by Victoria Redman, GSB’s 2018 Summer Associate, located in the Seattle office.
On Thursday, June 28, 2018, the California Consumer Privacy Act of 2018 (the Act) passed with resounding support from both Republicans and Democrats, who voted in favor of the bill 73-0-7 in the Assembly and 38-0-3 in the Senate. The Act, which takes effect on January 1, 2020, imposes requirements on the processing and protection of personal data similar to, and in some cases, more extensive than the requirements under the EU General Data Protection Regulation (GDPR), which went into effect on May 25, 2018.
Lawyers often say “bad facts make bad law”. Combine that with weak legal arguments and, well, things can get really bad, really fast. That’s precisely what happened to Wyndham yesterday when the Third Circuit affirmed a federal District Court decision that the Federal Trade Commission (“FTC”) has authority to regulate cybersecurity under the unfairness prong of § 45(a) of the Federal Trade Commission Act. While commentators may disagree on the result from a legal or policy perspective, one thing is for certain, it was a bad result for Wyndham. The decision rejected in no uncertain terms Wyndham's argument that the FTC lacked authority; and not kindly.
Benjamin Lambiotte, technology and data privacy attorney in Garvey Schubert Barer’s D.C. office, shares key points from two significant survey reports analyzing trends in data security breaches during 2014 that were released this week; one from Verizon, and the other from IBM and the Poneman Institute. It should come as no surprise to anyone that once again, the hospitality industry is featured prominently in both reports. Thank you, Ben! – Greg
A pair of recently effected state laws makes clear that information security remains a significant issue that receives and will continue to receive considerable legislative and commercial attention. Hoteliers, restaurateurs and others in the hospitality industry use personally identifiable information (PII) of their guests and customers to improve services and create a personalized experience.
Greg and I attended the annual Hospitality Law Conference in Houston this February, which devoted an entire track to data privacy issues. It’s the definition of a hot topic, and important, so please take note!
Greg Duff founded and chairs Foster Garvey’s national Hospitality, Travel & Tourism group. His practice largely focuses on operations-oriented matters faced by hospitality industry members, including sales and marketing, distribution and e-commerce, procurement and technology. Greg also serves as counsel and legal advisor to many of the hospitality industry’s associations and trade groups, including AH&LA, HFTP and HSMAI.