How Consumer Privacy Laws Impact the Hospitality Space
By Dana Kravetz Managing Partner, Michelman & Robinson, LLP | November 17, 2019
This article was co-authored by Scott Lyon, Partner, Michelman & Robinson, LLP
With a population just shy of 40 million people, California is by far the most populous state in the nation. How big is the Golden State? Consider this: California's economy-around $2.7 trillion-is the fifth largest in the world, putting it ahead of the United Kingdom, India, France, South Korea and even Russia.
Bottom line: Californians represent a significant percentage of consumers, not just in San Diego, Los Angeles, San Francisco and cities and towns in between, but throughout the U.S. Which should give hoteliers pause when pondering this additional fun fact: California is also home to the nation's strictest privacy law, the California Consumer Privacy Act (CCPA), which comes online January 1, 2020.
Privacy, a topic once reserved for the "do not disturb" signs that hang on hotel room doors across the globe, is now (or should be) front and center on the radar screens of hospitality executives everywhere. And that's because of statutes like the CCPA and similar domestic legislation in places like Colorado and Nevada, as well as the General Data Protection Regulation (GDPR) that became effective in the European Union on May 25, 2018. These laws create certain rights and restrictions with regard to the personal information (PI) and data collected from folks in California, Colorado, Nevada, the EU and every other jurisdiction that has (or may soon have) comparable privacy laws on the books.
For owners and management of hotels visited by customers hailing from these places, it's extremely important that they understand the nature of this new wave of privacy legislation and how it impacts their businesses. This article aims to place the privacy picture in better focus, with an overview and breakdown of the CCPA and GDPR, the two most significant privacy laws, to date.
California's pending privacy law gives Californians new valuable rights concerning their PI. Broadly, pursuant to the CCPA, consumers in California are entitled to know what PI is being collected about them; whether it's being sold and to whom; to access a copy of their PI; to delete any and all PI collected; and to opt-out of its sale. Likewise, consumers are protected against discrimination if they invoke these rights.