On January 6, 2020, the Director of the FTC's Consumer Protection Bureau published a blog post with changes to the FTC's approach to its orders and settlements of data breach enforcement actions. One of the key elements of the report was a revision to the FTC's routine enforcement practice to ensure that its remedial data security orders include greater specificity about compliance expectations for companies subject to enforcement action and for third-party assessors engaged to conduct FTC-mandated monitoring and audits of targeted companies' data security practices.
The California Consumer Privacy Act (the "CCPA" or the "Act") is a piece of consumer privacy legislation which was signed by California Governor Jerry Brown on June 28, 2018, and goes into effect on January 1, 2020.
Brand concentration has intensified greatly over recent years and many new brands have been created. At last count (and the count changes often), Marriott owns 30 brands, Accor has 33, Wyndham has 18, Hilton has 14, IHG has 13, Choice has 11 and Hyatt has 10.
On a basic level, the hospitality business is simple - as is often said, it amounts to putting heads in beds. But finding the heads to put in the beds is a complex process and requires hotel companies to find out a great deal of information about their guests.
Data breaches are back in the news, and this time, its a well-known hotel industry player: Marriott International. The company announced today that unauthorized access to their systems going back several years has exposed the names and other personal details of over 500 million guests.