Header graphic for print

Duff on Hospitality Law

HOSPITALITY INDUSTRY RISKS: DATA PRIVACY AND SECURITY

Posted in Data Privacy, Hotels

I’m pleased to introduce guest author, Nick Montera, Vice President, Account Executive and head of the hospitality practice at Parker, Smith & Feek.  PS&F is an insurance and risk management brokerage firm headquartered in Bellevue, Washington, providing innovative insurance solutions to clients nationwide.  We appreciate Nick sharing his expertise and insights on this important and timely subject.  - Roger Hillman

HOSPITALITY INDUSTRY RISKS: DATA PRIVACY AND SECURITY

Most hospitality businesses allocate time and capital to efficiently collect and process data in order to improve sales, customer service and loyalty, and operations efficiency. Technological advances have made it easier to manage a wide range of information about customers, vendors, and employees. Virtually all businesses that use computer systems are to some extent vulnerable to costly exposures associated with system breaches.

Hotels and restaurants are no exception and, in fact, have much higher levels of exposure because they collect vast amounts of private data from customers as a part of their day-to-day operations through credit card transactions, online reservations, and rewards programs. Private data may be both personal (names, physical addresses, email addresses, social security numbers) and financial (credit card and banking). While technology helps your business run more efficiently, it also increases your risk for data privacy and security breaches, as well your liability to affected customers. Unfortunately, many hospitality companies have not upgraded their risk management plans to address the inherent exposures associated with today’s sophisticated data management. A breach can severely impact the financial stability and continuing success of a company, and so it’s important to understand the risks associated with data breaches and to develop plans to mitigate them.

Hospitality: A Targeted Industry

According to Nicholas J. Percoco, hospitality businesses often proves to be an easy target for criminals who are looking for high transaction volume, a large database of customer records, and low barriers to entry. In fact, organizations analyzing data breach trends consistently cite hospitality as the single most vulnerable industry:

Percoco, head of Trustwave Spider Labs, believes that the criminal element targets the food and beverage industry because of high transaction volume, which makes it possible to turn criminal activities into money very quickly. Trustwave Spider Labs found that food and beverage companies not only have systems that are vulnerable to infiltration, but often fail to detect a breach until long after it has occurred. Their study revealed that criminals stay undetected in a breached food and beverage system for an average of 173.5 days. The combination of high transaction volume and undetected breach time can prove devastating to a business.

A common misconception is that only large organizations need to worry about protecting against data breaches. In Verizon’s 2012 Report, two-thirds of the 855 investigated incidents occurred at businesses with 11 to 100 employees, a common size for many hospitality enterprises. However, no hospitality company is immune. Smaller, independent enterprises are vulnerable because they are small and may have systems that are easily breached. On the other hand, franchise operations often share a regional, national, or international data system that, once breached, can affect all or most of the individual franchisees.

Most businesses today have data privacy and security exposures, which may include 1) a presence on the Internet, 2) data on servers connected to the Internet, 3) file maintenance that contains personal and/or financial information, and 4) transmission, storage, or processing of data such as credit card payments. Businesses in the hospitality industry need to be particularly cognizant of these exposures. It is important to develop programs to reduce the possibility of a breach and take steps to mitigate the impact of a breach before one occurs.

Costs of a Data Breach

A company that experiences a breach can incur a range of costs that quickly add up to a substantial loss. When private data is compromised, your expenses could include notification and claims processing, credit monitoring services for affected individuals (to lessen the potential for civil suits), and employment of a public relations team (to assist with damage control and preservation of your reputation). There may be additional costs associated with finding and fixing the root cause of the breach, and recovery of lost data. Finally, you may have liability claims for failure to have reasonable safeguards in place to protect personal and financial data.

In the event of a breach, you are responsible for notifying the affected individuals. In fact, 46 states have enacted broad privacy laws pertaining to notification whenever personal or financial information might have been compromised, lost, or stolen. Furthermore, if private data of individuals from other states is affected, you must comply with each applicable state’s laws. For those in the hospitality industry, compliance can be costly and time consuming because it entails research into the privacy laws of the state of residency for every potential affected customer. Since many hotels and restaurants depend upon customers from all over the United States (as well as other countries), notification requirements and the related costs are of particular importance. The possibility of regulatory violations and fines can be drastically reduced if you have an adequate plan in place ahead of time.

Estimates of the average incurred cost for a breach vary between the studies, but one thing is evident: it’s expensive. According to the Ponemon Institute’s 2011 report, the average cost of a data breach in 2009 was $6.75 million per incident and $204 per individual record. The immediate financial cost of a data breach is only part of the story. It can cause a loss of customer trust and a tarnished reputation, which can be extremely difficult and expensive to rehabilitate. This is especially true for hotels and restaurants, which usually have high public profiles.

Data Security and Risk Management Basics

There is no doubt that the risks associated with data retention and transfer are real and significant. For a hospitality organization, it is of paramount importance to identify areas of exposure and develop adequate risk management programs that address data privacy and security. To help you get started, here is a list of questions (from Cyber insurance specialist Swett & Crawford) with my added commentary:

  • Is the corporation aware of all applicable state and federal privacy laws and notification requirements pertaining to customer data?
    • Due to the wide geographic dispersion of your clients, it is best to do this research upfront. If a breach occurs, you may not have adequate time to research and comply with state laws, which may be time sensitive. Missed deadlines could lead to costly regulatory fines and penalties.
    • Make sure that your organization is compliant with The Payment Card Industry Data Security Standards (PCI DSS) and any other standards that apply to your organization. Helpful information on PCI DSS can be found here.
  • Is any personal identifiable information (PII) or client confidential information stored on computers or in paper files on premises? If so, where specifically is the data stored, how is it secured, who has access and how many PII data files are there?
    • PII is often defined as unique information that can be used to identify, contact or locate a single person. In Washington state, PII is defined as an individual’s first name (or initial) and last name combined with one of the following: social security number, bank account number, credit or debit card number (including security code access code or password), driver’s license number, or a Washington identification card number.
    • Track personal data throughout your entire information infrastructure and identify all parties that have access to this data. Conduct an audit that gauges employee access to and use of personal data.
    • Make information security a written workplace policy.
  • Are all of the companies laptops encrypted? Are portable media devices like thumb drives prohibited or at lease encrypted?
    • Devices such as laptops, smart phones, external hard drives and flash drives all present possible data security threats if lost, stolen, or hacked. While most people assume that system hackers are the greatest threat, recent studies show that lost or stolen portable devices are the most common cause of data breaches.
  • Has the company implemented strong internal password controls and training to all employees?
    • Make sure passwords are strong. It is also a good practice to reset passwords periodically—90 days is a good timeline—and never duplicate passwords. It’s also a good idea to reset default passwords.
  • Are the company’s firewalls current and all security patches regularly updated?
    • A firewall can be the best defense when trying to isolate and contain breaches. Despite the expense, it is beneficial to invest in a robust set of firewalls that require user authentication.
  • Does the company outsource any services to third party vendors that may involve a client’s information? If so, do these vendors provide hold harmless and indemnification agreements with regards to any data breach involving personal identifiable information?
    • It’s a common misconception that outsourcing automatically transfers liability for data breaches to the vendor. It is vital that you have favorable hold harmless agreements and indemnification provisions in place with vendors, but even with these agreements in place, data owners can still be held responsible for compromised information.
  • Does the company have in force a detailed plan in case of a data breach?
    • In addition to developing and implementing a risk management program for data breach, risk transfer via insurance can be a cost effective risk management mechanism.

Data Breach Insurance Coverage Basics

Over 30 insurance carriers provide coverage that is tailored to specifically address exposures related to data breach. Naming conventions vary by insurance carrier, but some of the more common ones are Data Security, Data and Privacy, Cyber Liability, and Data Breach insurance. Coverage may be written on a standalone basis or combined with your Professional Liability or Media policy.

A properly structured policy will provide both first and third party coverage. First party coverage pays for direct losses incurred as a result of a breach including (but not necessarily limited to) notification costs, recovery of lost and destroyed data, forensic investigation expenses, credit monitoring and call center services for affected customers, business interruption losses, extortion demands, and public relations expenses. Third-party coverage protects companies from liability suits filed by individual customers, credit card companies, regulators, and various other third parties. Coverage should extend to defense costs as well as damages. Depending upon the carrier and insurability from a legal standpoint, it may also cover regulatory defense, fines, and penalties.

As a hospitality business, your financial stability and continuing success depend upon a proactive approach to data security risk management. Lax security practices or a security gap could result in a breach that encompasses massive amounts of stolen data, creating financial loss for your customers, vendors, and employees, as well as your business. It’s important to do all that you can to protect yourself from a breach. It’s equally important to devise a solid risk management plan, including insurance coverage, to mitigate the severity of loss when one occurs. If you have not yet done so, consult with your insurance professional about your data exposure and risk management solutions.

By Nick Montera, Vice President, Account Executive and head of the hospitality practice at Parker, Smith & Feek

 

There Is Such a Thing as a (Tax-) Free Lunch—Washington’s Department of Revenue Agrees

Posted in Hotels, Tax

Today’s post is co-authored by two of my colleagues in our state and local tax practice group, Michelle DeLappe and Miriam Woods.

It is not every day that Washington’s Department of Revenue issues a determination in which the taxpayer wins. In fact, it is a rare occasion when the Department decides that it was wrong; it is perhaps even rarer for it to publish that it was wrong. Happily, one of these rare occasions recently touched the hospitality industry—specifically, the very hospitable practice of giving free meals to guests.

The taxpayer in question is an extended-stay hotel that provides guests free breakfasts and dinners during their stay. The hotel does not have a restaurant and does not serve meals to the public. The Department audited the hotel and assessed it use tax on the food and beverages used in the meals based on the argument that the hotel uses them in their business.

Washington imposes sales tax on tangible property that a business uses. For hotels, this includes furnishings and amenities provided for guests’ use; hotels even have to pay sales tax on those little bottles of shampoo because they are deemed to have “used” them by simply placing them in the guests’ rooms. And in Washington, as in most other places with a sales tax, if you use something and don’t pay sales tax on it, then you still owe tax: hence, the “use tax.”

Here, when the taxpayer bought food ingredients and beverages, it paid no sales tax. The Department’s auditor, however, argued that the taxpayer was using the food and beverages just as it uses the little bottles of shampoo—even more so because it manipulates the ingredients into meals in the hotel kitchen. The Appeals Division disagreed based on Washington’s sales and use tax exemptions for food and food ingredients and for certain beverages.

So here’s the lesson for hotels and restaurants: if you are providing complimentary food, even prepared meals, you do not need to pay sales or use tax on the food or food ingredients or on exempt beverages. Note that sales or use tax apply to alcoholic beverages and soft drinks, though. There’s still no such thing as a tax-free glass of wine!

Kudos to the Department of Revenue for recognizing the error and publishing a taxpayer-friendly decision that provides helpful guidance.

For more information, the tax determination is available here.   If you have any questions, please feel free to contact me or Michelle or Miriam directly.

Don’t Jam Your Customers’ Mobile Hot Spots!

Posted in Hotels, Wi-Fi hotspots

Marriott International, Inc. found out the expensive way that it should not disable customers’ mobile hotspots.  It entered a Consent Decree with the Federal Communications Commission (“FCC”) in which it agreed to pay $600,000 to the U.S. Treasury.

A number of mobile devices, such as smart phones, can serve as a wireless access point to the Internet, sometimes called Wi-Fi hot spots.  Consumers use these devices to connect their laptops to the Internet through their smart phones. Marriott employees at Gaylord Opryland, which Marriott manages, were using Wi-Fi monitoring systems with containment features to de-authenticate guest-created Wi-Fi hotspots in their conference facilities, ballrooms, guest rooms or public areas. Meanwhile, Marriott had been charging conference exhibitors and attendees from $250 to $1000 per device to use the Gaylord Wi-Fi service in its conference facilities.

An individual complained to the FCC that he could not use his mobile hotspot in the convention space at a function at Gaylord Opryland. The FCC investigated Marriott’s compliance with Section 333 of the Communications Act, which prohibits any person from interfering with any radio communications equipment licensed or authorized by the Communications Act. To resolve that investigation, Marriott agreed to enter into a Consent Decree with the FCC requiring Marriott to pay the U.S. Treasury $600,000 and to file compliance reports for the next three years. A copy of the Order and Consent Decree is available here.

Marriott has since instructed the properties under its management to cease using containment equipment in any way to block consumer’s mobile hotspots. More information about impermissible Wi-Fi blocking practices is at www.fcc.gov/jammers.

Guest Room Privacy and the Fourth Amendment

Posted in Hotel Guest Room Privacy, Hotels

Hotels are faced with a delicate balancing act when it comes to maintaining guest privacy.  Hotel staff must comply with police investigations when noncompliance would constitute obstruction of justice.  At the same time, hotel employees must recognize their guests’ Fourth Amendment right to be protected from unreasonable searches and seizures.  If hotel employees comply with an unreasonable search or seizure that results in harm to the guest, the hotel could find itself exposed to civil liability.

Courts have recognized that the Fourth Amendment protection from unreasonable searches and seizures applies to searches and seizures in hotel and motel rooms.  Certain exceptions allow for warrantless searches and seizures, including consent.  In broad terms, the consent exception means that a party’s agreement, actual or implied to a search and/or seizure renders a warrant unnecessary.

In general, during a guest’s stay at the hotel, only the guest may consent to a search of his or her room.  While hotel staff members may access the room for cleaning and maintenance during the guest’s stay, they are not authorized to allow police to enter the room.  Thus, during a guest’s tenancy at the hotel, employees should not allow police to enter the guest’s room without a search warrant.

Fourth Amendment protections do not apply after a guest’s tenancy expires, at which point those employees with proper authorization from the hotel may aid the police and consent to a search of the room.  While this seems like a straightforward principle, it is not always clear when a tenancy actually expires for the purposes of the Fourth Amendment.  When faced with this lack of clarity, hotels can take certain actions to ensure careful compliance with the Fourth Amendment by issuing and consistently following policies regarding (a) guest checkout and (b) eviction of guests.

 I. Checkout Policy and Procedure

A guest’s Fourth Amendment rights expire once the checkout time has passed. However, this may be modified by the hotel’s practices and guest communications.  Consequently, hotel policies and practices may extend Fourth Amendment protections past the guest’s pre-arranged checkout time. For example, if a hotel gives a guest permission to stay until a later checkout time or has a practice of acquiescing when a guest stays past the posted checkout time, Fourth Amendment protections last until that later check-out time.  Courts have found that after a hotel provided specific guests with such an allowance, those guests “reasonably believed that the hotels would allow them to do so again, permitting them to retain a privacy interest in their rooms.”  Courts realize that most hotels have a pattern or practice of allowing guests some leeway regarding the checkout time.

Each Fourth Amendment inquiry concerning guests checking out of hotels hinges on the specific facts of the case.  A hotel that has a clear checkout policy and consistent procedures will provide both staff and guests with certainty as to when a guest’s Fourth Amendment protections have expired.

Fourth Amendment protections depend on the guest’s reasonable expectation of privacy in his or her room, meaning that hotels must state their checkout policies in a manner that would not confuse a reasonable person.  An effective communication policy and procedure could involve a notification about the checkout time to the guest upon check-in, the issuance of a reminder to the guest several hours before checkout, and the posting of the checkout time in each room.  Further measures may include contacting the guest in the event that checkout time has passed.  In these ways, a hotel can unequivocally state that a guest’s tenancy and accompanying Fourth Amendment protections expire at a certain time.

A hotel should do its best to be consistent in communicating and enforcing its checkout policy.  In the absence of consistency, guests might be considered reasonable in expecting their Fourth Amendment rights to extend beyond checkout time.  If a hotel wants to retain the option to make exceptions to its general checkout time, it should provide a system for staff members to record these extensions so that they know whether or not each guest is protected by the Fourth Amendment.

II. Eviction Policy and Procedure

A justifiable ejection will also extinguish a guest’s Fourth Amendment protections.  A guest’s tenancy expires after the hotel has identified grounds for eviction and taken affirmative steps to repossess the room.

Examples of what courts have found to be valid grounds for eviction include:

  •  Raucous behavior.
  • Illegal activity, including storing illegal drugs.
  • Failure to pay for the hotel room.
  • Intoxication, disorderly conduct, and carrying a gun in the hotel.
  • Odors of marijuana (except in those states that have now legalized recreational use) and complaints of loud noise.

The hotel must then act to take back possession of the room, which ends the guest’s expectation of privacy.  The Fourth Amendment continues to protect a guest until the hotel staff takes action to commence eviction.  The following actions have been identified as sufficient to constitute the commencement of eviction, and thus the extinguishment of Fourth Amendment protections:

  •  Locking the guest out of his room, as long as it is for the purpose of eviction.
  •  Contacting the police for their assistance in physically evicting the defendant.
  • Removal of the guest’s belongings from the room, a note left on the door informing the guest that he/ she had been evicted, the hotel staff telling the guest that he/she was evicted, or some combination of the above.

In order to create and follow an eviction policy that promotes compliance with the Fourth Amendment, a hotel should identify behaviors that justify eviction.  This requires consultation of the law, including any statutes that govern hotel policies.  The hotel should then train its staff to recognize and respond to behavior that triggers eviction.  A hotel should also provide guests with its eviction policy or communicate in some way the types of behavior that could trigger an eviction.  Finally, in the event of an eviction, the hotel must take steps to communicate to the guest that he or she is being evicted.  If the hotel has created any doubt or confusion as to whether the behavior under consideration triggers eviction, or does not clearly communicate that the guest is being evicted, Fourth Amendment protections may continue to apply. Therefore, as with the suggestions for checkout procedures discussed above, consistency and clarity will help to ensure a situation in which hotel employees and guests know when the Fourth Amendment no longer applies to protect guests.

In general, hotel staff should not allow police to enter a guest’s room without a warrant.  However, if the guest’s tenancy has expired because the checkout time has passed or the guest has been evicted, hotel staff may provide consent for a police search.  Hotels should implement polices and procedures that allow guests and staff to know, with certainty, the circumstances under which a guest’s tenancy expires.

What is “Suitable Seating” and How Does It Affect My Business?

Posted in Employment Law, Food and Beverage, Hotels

California employers are currently scratching their heads over how to interpret “suitable seating” that is required under California Wage Orders.  Nancy Cooper, member of our Labor and Employment Group and Hospitality, Travel and Tourism practice team, discusses how that term is defined will affect your business.  Thank you for today’s post, Nancy! – Greg

Section 1198 of the Labor Code of California states that the “employment of any employee for longer hours than those fixed by the order or under conditions of labor prohibited by the order is unlawful.

References to the “order” refer to California Wage Orders, which are issued from time to time by the California Industrial Welfare Commission and establish wages and working conditions for a number of industries within California. Section 14 of the majority of the California Wage Orders say that an employer must provide “all working employees” with “suitable seats when the nature of the work reasonably permits the use of seats.” What each Wage Order does not say is what this means.

Even though these Wage Orders have been around for decades, they are only now the focus of many lawsuits.  So why now?  Well, that is also hard to answer.  These laws were originally focused on allowing employees who worked on certain equipment or in other jobs that were essentially stationary to sit down as they performed their work.  There used to be many more “suitable seating” laws across the nation.  They appear to have originated in the 1950s and were focused on the increasing number of females in the workplace.  They have either remained on the books (though neutralized to be gender neutral) or taken off the books altogether.  The California laws came to life with the passage of the Private Attorney General Act (PAGA).  Under PAGA (which was deemed to apply to the suitable seating laws) an employee can seek up to a year of civil penalties and attorney fees, including a civil penalty of $100 for each aggrieved employee per pay period for the initial violation and $200 for each aggrieved employee per pay period for each subsequent violation.  So, now there is real money tied to the law.  Where there is real money – lawyers will follow.

Two of the more notable suits involving suitable seating are class actions that are currently on appeal with the Ninth Circuit Court of Appeals.  As the Ninth Circuit was trying to interpret the law and make a ruling in these cases, the Court discovered that there was not clear interpretation of the law in California state court.  There was not sufficient guidance from state courts to inform the Ninth Circuit what was intended under the law.  Thus, the Ninth Circuit said that rather than substitute its own judgment in the interpretation of California law, it asked the Supreme Court of California to clarify three specific questions.

They first asked the California Supreme Court to clarify whether the term “nature of the work” refers to individual tasks that an employee performs during the day, or whether it should be read “holistically” to cover a full range of duties.  As a sub-part to this question, if the courts should construe the “nature of the work” requirement holistically, should they then consider the entire range of an employee’s duties if more than half of the employee’s time is spent performing tasks that reasonably allow the use of a seat?

The second question the California Supreme Court was been asked to clarify is whether an employer’s business judgment should be considered in determining whether the nature of the work “reasonably permits” the use of a seat, as well as the physical layout of the workplace and the employee’s physical characteristics.

The third and final question posed to the California Supreme Court was to clarify whether the employee must prove what would constitute a “suitable seat” in order to prevail.

So, what does this mean to the California hospitality industry?  It could change the way in which operations are designed and how job expectations are defined.  What if a sous chef wants a stool as he does prep work?  Can the kitchen design handle the arrangement?  How does that reconcile with the hazards of the kitchen workplace?  Can it be set up in the often narrow passage ways of the kitchen?

How does the hostess position effectively use a seat and still present a welcoming atmosphere to the clientele?  What about the wait staff?  If they are given a seated area for use when the floor is not busy – what happens if someone is sitting down when they really should be tending to tables or cleaning the stations?

What about the reception desks at hotels and the spas?  Do they give the same image if they are sitting down – even if on a high stool?  More importantly, do you now have to change the lay-out of the reception area?  Is there enough room for the employees to be seated or use a stool?  Is a stool even considered “suitable seating”?

If a job or worksite has been modified as an accommodation to an individual in a wheelchair, does that mean that it is now considered to be a job that automatically can be performed when seated – even when it historically has not been?

It is not known when the California Supreme Court will provide answers to the questions posed by the Ninth Circuit.  Any guidance offered by the Court will still be open to interpretation and lead to more suits.  The answers will not be specific to any given industry.  The Court is unlikely to provide guidance on the interplay with other laws (e.g. workplace safety, OSHA, etc.) as well as define who has the burden to prove the violations exist and that the solutions are or are not reasonable.

Some of the early California cases regarding suitable seating suggest that there may be some considerations available to employers.  If a company can demonstrate that there is a genuine customer-service rationale for requiring the employees to stand, the company may have an argument.  Depending on the nature of the service provided by the employee, it is acceptable for a Company right to be concerned with efficiency – and the appearance of efficiency – of the delivered service.  These early cases have expressed concern not only about safety, but also about the employee’s ability to project a “ready-to-assist attitude” to the clientele.  It is not clear that these arguments will survive the California Supreme Court’s analysis.  It is anticipated that the answers will only create more questions, so it is well advised to start looking at your facilities as well as your job descriptions now so you can be prepared to take steps to not become the next lawsuit target.

Seattle’s New $15 Minimum Wage Raises Many Questions

Posted in Employment Law

On June 2, the Seattle City Council voted unanimously to approve a $15 minimum wage ordinance. Mayor Ed Murray signed it the next day. The ordinance provides that all employers will be required to reach the $15 per hour wage over a period of years, depending on their number of employees. Very generally speaking, and subject to a number of specifics touched on below, employers with 500 or fewer employees will be required to pay $10.00 an hour starting on April 1, 2015, and will make annual increases culminating in $15.00 an hour in 2021. Employers with more than 500 employers will need to pay $11.00 an hour starting in April 2015, and will reach $15.00 an hour in 2017 (2018 for employers who contribute to employee health insurance premiums).

Employers are grappling not only with how to manage the logistics of the increased wage, but with how to read the ordinance’s many definitions and exceptions. In the coming months we expect to see rule making and legal challenges that will hopefully clarify the impacts of the ordinance, so stay tuned. This blog post addresses a few of the questions we’ve been hearing so far.

Am I a Schedule 1 or Schedule 2 Employer?

Schedule 1 employers generally have more than 500 employees, while Schedule 2 employers generally have 500 or fewer employees. But it’s not that easy. If you’re a franchisee, as defined in the ordinance, you need to count all the employees employed by any other associated franchisee anywhere in the U.S.

Why does it matter which schedule I’m in?

Whether you are regarded as a Schedule 1 or Schedule 2 employer is important for two primary reasons: it determines how long you have to reach the minimum wage, and it determines whether you can consider tips and employer-paid healthcare premiums as part of the wage.

Schedule 1 employers reach the minimum wage of $15.00 more quickly, and while their contribution to health insurance premiums can delay the $15.00 minimum wage by a year (from 2017 to 2018) neither such contributions, nor tips, can be used to offset Schedule 1 employers’ obligations.

Schedule 2 employers have longer to reach the $15.00 minimum wage (seven years, by 2021), and prior to reaching that number, they can use a combination of wages and tips and/or premium contributions to meet their obligations.

Some of my employees work occasionally in Seattle. Are they covered?

Hours in Seattle are covered if the employee works at least two hours in Seattle during each two-week period. If you have employees who do any work in Seattle, you should carefully monitor the amount of such work and be prepared to pay the applicable minimum wage for hours spent in Seattle.

The ordinance does provide that time spent in Seattle solely for the purpose of traveling through Seattle from a point outside Seattle to a destination outside Seattle (for instance, a drive on I-5 from Renton to Bothell) will not be considered work in Seattle so long as there are “no employment-related or commercial stops in Seattle except for refueling or the employee’s personal meals or errands.”

 If two or more businesses are related, will their employees be counted together or separately?

The ordinance provides that for non-franchise employers (franchises are addressed in more detail below), separate entities may be regarded as an “integrated enterprise” for the purposes of counting employees and determining whether an employer is covered by Schedule 1 or Schedule 2. The concept of “integrated enterprise,” with similar (or identical) multi-factor tests, exists in other employment laws, including Seattle’s own Sick and Safe Leave ordinance and the federal Family and Medical Leave Act (FMLA). The ordinance also contains an important exception:

“There shall be a presumption that separate legal entities, which may share some degree of interrelated operations and common management with one another, shall be considered separate employers for purposes of this section as long as (1) separate legal entities operate substantially in separate physical locations from one another, and (2) each separate legal entity has partially different ultimate ownership.”

This exception invites creative thinking about structuring (or restructuring) ownership and operations.

Is my business a “franchisee”?

The ordinance defines a franchise as a certain kind of written agreement providing benefits (including association with a trademark) in exchange for payment of a “franchise fee.” Many employers know if they have a franchise agreement, but others may have business arrangements that are not called “franchise agreements,” (for instance “management agreements”) that might qualify under the ordinance. If you determine that you are a franchisee, you will need to learn how many employees are employed by associated franchisees anywhere in the U.S. If that number is more than 500, you will be considered a Schedule 1 Employer regardless of how many employees you employ.

 

Hotel Rebranding: Time for a Change?

Posted in Brands and Trademarks, Hotels

Is hotel rebranding the latest 2014 trend? Claire Hawkins, Chair of Garvey Schubert Barer’s Intellectual Property Practice and new author to Duff on Hospitality, weighs in on the topic and offers her insights on the intellectual property elements you’ll need to consider.  Thank you for today’s post, Claire! – Greg  

Is hotel rebranding trending, and is that a further sign of the recovering lodging industry? There have been a number of announced changes in hotel names and brands in the last few months, and while this may or may not signify an economic uptick, you can be assured that there has been a lot of work behind the scenes to get to this point for all of these venues.

A recent article noted there are many intellectual property issues involved in hotel rebranding, as well as the considerations of public opinion, current trends, and bottom line financials.

All of these factors are compounded given the general nature of hotels: large scale, significant reputation considerations, the considerable costs of the accompanying renovation (and usually updating) and replacing old inventory items that have the old brand, as well as the economic consequences of the time it takes (sometimes up to a year) for the unbranding and rebranding phases as well as reincorporating into the referral, booking, and online channels with the new name.

With all these issues already demanding time and resources, it makes sense to be very sure that the new brand to be adopted is available and that it will be a strong brand. Every company relies on trademark laws to communicate to consumers and to protect the reputation of its business. Making sure your new brand is not too similar to any other existing brand or trademark (including trade dress or other protectable elements), and then registering and managing your rights and responsibilities worldwide and online prevents your marketing and advertising resources and goals from being wasted. Examples of learning these lessons the hard way include instances when Hard Rock Café sued Hard Rock Hotel for trademark infringement; Hershey Entertainment & Resorts Company sued Radisson for calling its hotel Radisson Harrisburg Hershey; Barley Swine restaurant in Austin sued Barley & Swine restaurant in Florida; and Seacrets hotel in Maryland stopped use of SECRET SPOT as a name for restaurant services.

The benefit of a strong brand, if adopting a new one, is that you will be able to use the brand to refer to your business and reputation in a broad, confident manner, prevent others from using similar marks, and build up value and credibility with much more ease than with a mark that already has other similar users out there, and clearing the mark first can help prevent those schedule-interrupting cease and desist letters from third parties.

If you are instead switching to an existing brand, being aware of the strength of the brand’s intellectual property portfolio (worldwide trademark registrations, domain names, franchise or service agreements, web use, trade dress protections, etc.) as part of the initial due diligence can inform you of issues or hurdles or ongoing problems that will need to be considered or managed as the brand is adopted. For example, if the brand has had to send numerous cease and desist letters to others because the name is fairly descriptive, it would be important to include that aspect into future budgets. On the other hand, determining that the brand to be adopted has a strong portfolio of established rights and registrations would be an indication that the change would indeed bring value and stability to your endeavor.

Takeaway: For any of the many reasons to shift, update, adopt, or change a brand, evaluating the strength of the trademarks, trade dress, domain names, and other intellectual property elements should be included in the list of to-do items before proceeding. If you’re going to go with this trend, if it is one, you might as well go with confidence!

If you have any questions about trademark or other intellectual property rights associated with an upcoming branding or re-branding of your hotel or restaurant, please contact me or Claire Hawkins.

Who is Winning the Negative On-Line Review Battle?

Posted in Technology

The hospitality industry regularly faces tremendous challenges, ranging from unexpected tornadoes to salmonella lurking in organic eggs requested by guests.  However, negative reviews on TripAdvisor.com or similar sites pose particularly perplexing challenges.  Should the business respond or ignore them?  Our newest post from Judy Endejan, discusses the latest legal developments regarding negative on-line reviews.  Thank you Judy! – Greg 

Recently, some businesses have battled negative reviews aggressively by using contracts.  One web retailer, KlearGear.com, slapped a $3,500 fee on a customer for violating an anti-disparagement provision in its terms of use on its web-site and reported the customer as delinquent to credit agencies, harming their credit.  In another situation, a New York dentist required her patients to sign an agreement waiving any right to comment publicly about her services and to assign to her the copyright in any- after- the fact reviews.  While these examples represent creative, albeit desperate, attempts to stymie negative reviews, such tactics may cause more harm than the negative reviews.  For instance, the consumer who criticized kleargear.com has sued the company for harming her credit and trying to collect the $3,500 fee.

If a business sues a consumer for a negative review based on breach of its website’s terms of use, a court might void the language if it is unconscionable.  Standard consumer contracts printed in small type, that are not separately negotiated, generally will not be enforced because there is unequal bargaining power between the parties, which makes the contract unconscionable. However, this does not mean that every clause that waives the right to provide negative reviews is automatically unenforceable.  If these provisions are highlighted, specifically negotiated and supported by some unique consideration (such as a coupon for a free meal) a court might enforce them.  But how many businesses want to sue a customer?

Further, it’s very hard to strip a consumer of what many view as a fundamental First Amendment right to criticize.  Recently consumer groups have sought legislation that would prohibit businesses from stifling consumer reviews unless a consumer has expressly waived his or her right to give an opinion. Such legislation is pending in California.

So what is a business supposed to do about a false, negative review?  That depends on whether it can identify the negative reviewer and whether the review contains legally actionable statements. The First Amendment protects clear statements of opinion as long as the statement contains sufficient facts for a reader to know the basis for the opinion.  When an “opinion” implies the existence of undisclosed defamatory facts, it is actionable.  For instance, a review that contains hyperbolic, figurative language, such as “the place was a trainwreck” is generally viewed to be opinion and not defamatory if it explains why the reviewer came to that conclusion.  In contrast, reviews that contain provable false statements of fact may be actionable.  An example of this might be a review that states “the hotel lied about its cancellation policy,” when the cancellation policy is clearly disclosed in multiple places such as on its web-site, in confirmation letters and posted at the front desk.  In one recent case, Neumann v. Liles, the Oregon Court of Appeals allowed a defamation action to go forward against a wedding guest who posted a negative review on google.com about the wedding venue.  The Court found that the review contained factual statements that were wrong.  The Oregon Court found that the fact a plaintiff -business is public does not make the plaintiff a public figure, which makes it easier to prove defamation.  Otherwise if the plaintiff is a public figure the plaintiff must present evidence of actual malice, which means knowledge of falsity or reckless disregard of whether a statement is false.

This month a Lincoln City hotel owner took advantage of the Neumann ruling by suing an anonymous tripadvisor.com user that posted a negative review that stated, among other things, “the owner smokes weed” and the front desk attendant “had phone sex with someone.”  The Lincoln City hotel owner may have a hard time discovering the identity of the anonymous reviewer, however.  The First Amendment right to free speech includes the right to remain anonymous.  Website owners are extremely reluctant to cooperate in disclosing the identity of reviewers, if subpoenaed by a plaintiff in a defamation suit.  Any subpoena issued by a plaintiff’s attorney will likely be met with a motion to quash.  The right to remain anonymous is not absolute, however, and a business can succeed against a motion to quash, if it meets certain criteria that will vary from state to state.  For instance in Arizona, the plaintiff must show that (1) the anonymous speaker has been given adequate notice and a reasonable opportunity to respond to the subpoena; (2) the plaintiff’s cause of action could survive a motion for summary judgment for defamation on the elements of the claim, independent of the identity of the anonymous speaker; and (3) a balance of the parties’ competing interests favors disclosure, i.e. issuance of the subpoena to obtain the identity of the speaker.  Other jurisdictions, such as Washington D.C., require a plaintiff to prove that there is direct financial injury caused to the business by the alleged defamation.

While a business may be able to sue the reviewer it cannot sue Tripadvisor.com, and other sites such as Yelp. Congress enacted Section 230 of the Communications Decency Act that shields these from liability, as long as they are simply a platform for messages created by others.

Legal developments continue to swirl over the ying and yang of negative on-line reviews.  On the one hand, many businesses have a legitimate concern about stopping unfounded false, negative reviews that will harm their business.  On the other hand, consumers now view it as a God-given right to express their opinions about businesses in the many on-line forms that exist today.  So stay tuned for further developments.

Please contact me or Judy by email if you have any questions.

The Challenges that Hotel Brands Face in Paid Search

Posted in Hotels

I’m pleased to introduce guest author Sam Engel, from BrandVerity.  BrandVerity provides services that detect online brand and trademark abuse for a variety of industries including hospitality. Sam spoke recently to members of our Hospitality, Travel and Tourism team at our monthly meeting.  We’re grateful that Sam has offered to now share his experience and knowledge with our readers.  Welcome, Sam, and thank you for today’s post. – Greg

The Challenges that Hotel Brands Face in Paid Search

When you type the name of a hotel brand into a search engine, you’ll probably encounter a large number of text ads placed by online travel agencies (OTAs). Bidding and placing ads on variations of hotel brand names is a very common practice and has even led some in the hospitality industry to refer to it as a “war” between OTAs and hotels. Typically, those who support this viewpoint seem to frame it as a simple issue of direct bookings versus OTA bookings. While it’s certainly valuable for hotel brands to start thinking about it in those terms, there are some areas that this particular line of questioning still leaves uncovered. For example, why does the travel industry’s paid search landscape look like this in the first place? Furthermore, what other implications does this have for hotel brands?

In this post, I’d like to highlight some of the reasons that paid search is such a challenge for hotel brands—including the root causes that have led to the paid search struggle we have today, the broader implications of this struggle, and an idea for alleviating some of the industry’s conflict. Let’s start by exploring one of the reasons that we’ve arrived at this contentious relationship between hotels and OTAs:

1) It’s Easy for OTA Ads to Outnumber Your Brand’s Ads

In general, a hotel brand can only run a single paid search ad on a given search engine results page (SERP). This is because search engines have restrictions on “double-serving.” The engines’ rules prevent a single advertiser from having more than one ad appear on the SERP. This is typically enforced on the domain level. For example, only one ad leading to hilton.com would be allowed to appear—even if two separate AdWords accounts were trying to place two different ads for hilton.com.

While this restriction limits the brand’s prominence in paid search results, it enables OTAs to start to overwhelm the paid results. Individually, all the OTAs still have to follow the same rule. None of them can appear more than once. But in aggregate, they can really start to challenge the brand. Let’s say that five different OTAs are bidding on the same keyword as the brand. That leaves the brand significantly outnumbered with little recourse for pushing OTAs out of those spots. At BrandVerity, we’ve actually found this to be quite common in practice, too. In our recent report on hotels’ branded keywords, we found an average of nearly two OTA ads per branded SERP on Google and almost 5 per branded SERP on Bing.

2) The Search Engines Won’t Be the Middle Man

In the past, the search engines provided a pretty significant set of protections for trademark owners. In fact, they originally prevented any advertising on branded keywords.

That all changed long ago in the U.S. Today, anyone can bid on branded keywords. Furthermore, trademarked terms are up for grabs (and can be used by anyone in ad copy) unless a brand specifically opts out. When it comes to OTAs or other partners using trademarked terms, the engines distance themselves even further. Google and Bing are both very intentional about avoiding trademark disputes here. They each have language describing how “resellers” can use a brand’s trademark in their ad copy. This essentially places all the burden on the trademark owner to enforce their agreements with their partners. Brands can’t lean on Google or Bing for help—they have to go directly to the OTAs.

3) Hotels’ Contracts Can Quickly Become Outdated

One of the major reasons that OTAs initially had so much leeway in paid search is because it wasn’t in their agreements. It’s hard to write restrictions on something that doesn’t exist yet. So once Google AdWords came along, the OTAs had free reign to use the platform as they saw fit. Unfortunately for hotel brands, there wasn’t much recourse until the time came to renegotiate their contracts.

So, why does this still matter today? Haven’t nearly all hotel chains gotten past this and adjusted their OTA agreements accordingly? That may be true, but it’s important to remember that things can still change—just as they did when paid search first exploded onto the scene. Google is always experimenting with new ad formats, targeting options, and reporting tools. Not only is AdWords continually evolving, but there are all sorts of new marketing platforms being developed. To use another Google product as an example, the Google Hotel Finder made its debut only a few years ago. How many hotels have contracts with OTAs governing that channel?

Let’s assume that your contract specifies every single restriction down to a tee. That agreement is severely limited if you can’t identify violations and take action to remediate them. Unfortunately, paid search doesn’t lend itself to a quick ad-hoc review. It doesn’t offer the transparency of a billboard or a magazine ad. There are many variables affecting what you see when you try to investigate. The terms you search for, location you search from, time of day, and many other factors will impact what ads you see on the page. This can make it very difficult to be fully exhaustive in any compliance efforts.

4) Even with an Airtight Contract, Agreements Can Be Hard to Enforce

To further complicate the issue, many OTAs also have affiliate programs. Typically, they will have many affiliates in their program (often thousands). These affiliates are rewarded for the sales they refer to the OTA. This adds a layer of separation, and can make it very difficult to uphold your agreements. For example, let’s say an OTA’s affiliate is responsible for a violation of your agreement with the OTA. Will the OTA even be aware that the affiliate is responsible? If so, will they be able to rein in the rogue affiliate?

5) Will Increased Transparency Create More Trust?

One of the common grievances from hotel brands is that the OTAs are a bit of a black box. You know what bookings they generate for you, but you don’t have much insight about the pathway that the customer took to make that booking. This makes it very difficult to determine what credit belongs where—so it’s understandable that hotel brands might be slightly skeptical of their OTA partners. Which OTA bookings are truly incremental? In other words, which bookings did OTAs contribute that the brand would not have booked otherwise?

There are many variables involved in answering this question, and it may not be something that brands can fully answer. OTAs provide a lot of positives: access to a larger set of potential customers, websites that convert incredibly well, plus perks and guarantees that encourage undecided visitors to make bookings. There’s even the OTA billboard effect to consider, which may increase a hotel’s direct bookings outside of the OTA channel. But should all of these value-adds be bundled with the permission to bid on hotels’ brand terms? Should hotels be forced to buy the all-inclusive package?

It generally doesn’t make sense to order up an OTA’s services à la carte. One cannot simply ask for a booking here and a booking there, or to be featured on the OTA’s site with the caveat that customer ratings be excluded. OTA sites are a package deal. This may, in part, explain why OTAs have historically resisted making concessions with their paid search efforts. If paid search is just another part of the package, then why remove it?

Paid search is its own separate channel, and doesn’t have to be bundled. Unlike OTA sites, which are under direct OTA control and will most likely always be somewhat of a black box for hotels, paid search is a channel where brands can gain more visibility. Tools such as the AdWords Auction Insights report  are helping improve transparency, showing more of what’s happening under the hood. This is a good sign, because ultimately hotel brands and OTAs both stand to gain from it. Brands get the reassurance that OTAs’ interests are truly aligned with their own, and OTAs can reinforce the value they provide to brands. Furthermore, by increasing both sides’ mutual trust, the partnerships can be strengthened over time. Transparency may not solve all the issues, but hopefully we’ll see this trend continue—not just in paid search, but in other channels as well.

Chinese Investment in the U.S. Hotel Industry

Posted in Hotels

Today’s blog post was contributed by Garvey Schubert Barer’s D.C. attorney and China Practice ChairRichard Gluck, based on original research by GSB’s Yi Zhang. His extensive knowledge of international business and collaboration between the U.S. and China is a great resource to the firm. We’re grateful to have him as a new author to the Duff on Hospitality blog. – Greg

We have all seen the growth of Chinese investment in the U.S. hotel industry, but this is only the tip of the Chinese investment iceberg in acquiring U.S. management expertise and technology to fuel the growth of the hospitality and hotel industry in China itself.

With the robust growth of its national economy and an emerging tourism industry, China’s hotel sector has experienced rapid development in recent years. Economic growth in China has led to a significant increase in domestic travel for business and pleasure.  In 2013, with 2.3 million hotel rooms, China’s total income from the national tourism industry was over $305 billion, an increase of approximately 20% against the previous year. However, only 15% of Chinese hotels have a brand affiliation; the market is highly fragmented and has vast product discrepancies.

China has identified tourism as a core growth engine, and many provincial government authorities plan to promote tourism by encouraging direct investment in real estate and the tourism industry. Chinese government development policy controls the investment priorities within China.  According to the government’s current (12th) Five-Year Plan period (2010-2015), fostering China’s tourism industry is a strategic pillar for the country’s efforts to establish a satisfactory modern service industry.  The authorities in charge of tourism at all levels, including the national tourism industry, have been directed by the government to “optimize the development environment in an all-around manner, vigorously expand the development opportunities, and accelerate the transformation of the industry.”

This rather general statement of government policy can have far reaching consequences.  Consider these numbers:  By 2015, China’s domestic tourism population should reach 3.3 billion, the number of inbound overnight tourists should reach 66.3 million, and the number of outbound overnight tourists should reach 83.75 million. The annual increase of the number of direct employees in the tourism industry should reach 700,000 while the total direct employment in the tourism industry should reach 15 million by 2015. According to the China National Tourism Administration, about 200,000 additional accommodation properties are expected to be built by 2015. Formats such as time-shares and vacation rentals are also being considered as ways to help sell existing properties.

China is still a developing country.  This accounts for enormous growth and accelerating growth in the hotel and hospitality sector.  But sustaining that growth and ensuring quality requires China to obtain management and technology know-how from more developed economies. China’s domestic market could benefit from the knowledge, skills, and experience that are brought back from overseas investments. Thus, as both the Chinese central government and local governments develop their plans, they are focusing on differentiation, internationalization, high-end brands, and major impact.  They are welcoming foreign investment by experienced operators, and providing incentives for major hospitality players such as land-price discounts, cash or tax incentives, and priority approval processes.

Many of the investments made by Chinese companies in the U.S. hotel industry are designed to follow Chinese government policy that encourages “going out” by Chinese companies to “bring back” management expertise and best practices from world class operators outside of China to leapfrog the development process.

China’s mid-market is likely to be the most exciting space over the next few years. The mid-segment is currently under-represented from a brand and investment-grade product perspective.  But with rising incomes and a wealthier travelling middle class, dramatic growth is expected.  For example, March 13th’s Wall Street Journal reported on how Dalian, a northern Chinese port city on the Yellow Sea with a population of about 5.9 million, demands historic 17th- and 18th-century French architectural elements, including French carved stone details such as niches, balconies, and keystones, along with slate roofs.

Roughly 170 Chinese cities have more than one million residents, but only four cities – Shanghai, Beijing, Guangzhou and Shenzhen – are considered “first-tier” in terms of size and per capita GDP.  To be considered in the second tier, a city should have a population of at least three million and a minimum GDP equivalent to USD 2,000 per capita. By this definition, more than 60 Chinese cities are qualified as second tier.  According to figures from the U.S. Commercial Service, 14 of China’s second-tier cities account for 54 percent of the total imports from the U.S.  The hotel market potential in these cities vast and growing.

Are you someone who seeks to work with Chinese investors in the U.S. hotel industry, or looking to find investment opportunities in China? Let us know your thoughts and we would be happy to answer any questions. Please contact me or Greg Duff.