Header graphic for print

Duff on Hospitality Law

Washington State Liquor Control Board Rules Now Prohibit Marijuana Consumption in Liquor Licensed Premises: Implications for Licensed Hotel Properties

Posted in Cannabis, Garvey Schubert Barer, Hotel Guest Room Privacy, Hotels

Jared Van Kirk is a member of Garvey Schubert Barer’s Labor and Employment Group and a previous blog contributor.  Jared has been following how legalized recreational marijuana in Washington affects all employers and how the Washington State Liquor Control Board (WSLCB) will regulate marijuana consumption in premises holding liquor licenses, which will have a direct impact on the hospitality industry in Washington State. Jared is also a member of Garvey Schubert Barer’s Cannabis Industry Group and has been involved in opposing challenges to Washington’s recreational marijuana laws.  Thank you, Jared, for sharing this very important update. – Greg

Since Washington voters passed I-502 in 2012, there has been much discussion concerning how hoteliers should respond to guests who seek to use (or are caught using) marijuana on a hotel property, either in a public area or in a guest room. Could a hotel even promote itself as friendly to marijuana tourists?

Use of marijuana in view of the general public remains illegal under state law and Liquor Control Board regulations have long required liquor licensees to conduct their licensed premises in compliance with such state drug laws.  Allowing guests to smoke anything, including marijuana, in public spaces may also violate public smoking laws and smoke-free workplace laws.  So, it was fairly clear that guests could not use marijuana in the public areas of a hotel, and a hotel could not allow guests to use marijuana (smoked or otherwise) in any public place.  But that left open the question of whether a hotel could allow guests to use marijuana in smoking-friendly rooms, either explicitly or simply by taking no affirmative action against use of marijuana in guest rooms.

Amended Liquor Control Board rules that went into effect earlier this year appear to answer this question with respect to properties with hotel liquor licenses.  WAC 314-11-015 addresses the responsibilities of all liquor licensees, including hotel licensees.  The amendments state that licensees and their employees may not:

Engage in or permit any employee or other person to engage in the consumption of any type of marijuana, usable marijuana, or marijuana-infused products in a liquor licensed business, including outdoor service areas or any part of the property owned or controlled by the licensee.

or

Permit any person consuming, or who has consumed within the licensed premises, any type of marijuana, usable marijuana, or marijuana-infused products to remain on any part of the licensed premises.

Licensed premises” includes all areas under the legal control of the licensee and available to or used by customers, which would include guest rooms.

It is unclear whether the Liquor Control Board intended these amendments to require hotels with premises licenses to exclude marijuana use in guest rooms and require licensed hotels to remove patrons who have used marijuana in guest rooms. However, as written, the amended rule states that a hotel licensee may not permit any person to consume marijuana in any part of the property owned or controlled by the licensee nor remain on any part of the licensed premises after consuming marijuana on the licensed premises.  The letter of these rules require licensed hotels to prohibit use of marijuana in all areas of their property, including guest rooms, and to remove patrons who are found to have consumed marijuana on their property.

If you have any questions about the issues raised in Jared Van Kirk’s post, please contact us! Greg Duff or Jared Van Kirk.

“I know it when I see it”: Considerations for Soft Branding

Posted in Brands and Trademarks, Trade Dress Protections

What is soft branding?  Is it better to be a soft brand or a hard brand? Claire Hawkins, Chair of Garvey Schubert Barer’s Intellectual Property Practice and member of Garvey Schubert Barer’s Hospitality, Travel and Tourism Practice, gives serious consideration to the outer edges of soft branding and offers her insights on the intellectual property components hoteliers and restaurateurs need to consider.  Thank you for today’s post, Claire! – Greg  

 “I know it when I see it”: Considerations for Soft Branding

Independent hospitality businesses can benefit from the appeal of freedom, individuality, and uniqueness, but over time may also struggle with the lack of convenience and efficiency that established, consistent, and defined brands have. One-of-a-kind hotels, restaurants, or the like are great at capturing customers preferring “hidden gem,” “independent,” “boutique,” “local,” or “customized” venues, but by not going so far as to define the scope or consistent aspects of their brand, may not have the resources necessary to adequately protect the time and effort it took to develop and implement the unique aspects of the brand. A sign of success is surely competition, and it takes real cash and resources to stay ahead of trends. How then is it possible to have the flexibility of a unique and undefined brand, but also to prevent brand infringement and consumer confusion from copycats?

The décor or trademarks of major brands such as Marriott, Applebee’s, or even Motel 6 and Olive Garden are easy to define and identify. Recognition is one benefit of defined branding, along with the ability to set and meet customer expectations. The counterpart to these hard brands is of course the soft brand. Soft brands essentially define what a brand is supposed to do, rather than what elements make up that brand. Is it better to be a hard or a soft brand?  Hard brands have the perception of strength and solidity, and soft brands communicate of grace and fluidity. With either, consistency is key, but consistency is much harder to achieve with soft brands.

If it is at all possible, building a more defined brand portfolio is helpful when trying to keep hold of your good idea, and to stop others from appropriating efforts or styles you worked so hard to establish. One way to protect and be better able to police a brand is to have definitions, uniformity, and registrations.

Not just logos or words can be registered and protected with the US Trademark Office, but décor, product packaging, and color schemes as well in the category of “trade dress.” Trade dress protection is intended to protect consumers from packaging or appearance of products that are designed to imitate other products and to prevent a consumer from buying one product or service under the belief that it is another. For example, an arrangement of a children’s clothing line, the design of a magazine cover, the appearance and décor of a chain of restaurants, and a way of displaying wine bottles in a wine shop can all be protectable trade dress.

To register trade dress with the US Trademark Office, the trade dress must be defined and consistently used, but also be distinctive and not simply functional.  These requirements serve the purpose of trademark or trade dress protection generally, which is to allow customers to identify the source of a product or service by creating recognition in the consumer’s mind.

Given these seemingly strict requirements, before dismissing trade dress registration out-of-hand as to restrictive to your one-of-a-kind brand, consider whether you might still be able to meet the minimum threshold to register some aspects of your brand, which could go some distance to both building a portfolio of intellectual property assets that can be leveraged, but also allow you to stop infringers and copy-cats:

1.            The US Trademark Office requires a clear statement of the goods or services offered in connection with the trade dress, e.g., “retail store services featuring communication products and services,” “hotel and motel services,” “casino services,” “resort hotel, restaurant, bar, and lounge services,” or the like.

 2.            You must also submit an image and description of the trade dress to be protected:

 

           Color is not claimed as a feature of the mark. The mark consists of trade dress consisting of a three-dimensional building with concave facade, a curved roofline sweeping up toward the left top corner when viewed from the front and the word “WYNN” in a stylized script in the top left corner. The horizontal lining does not indicate color, but is a feature of the trade dress.

          Color is not claimed as a feature of the mark. The mark consists of trade dress of a hotel’s exterior. At one corner of the building is a tower featuring several windows beneath a ledge, above which is a pedestal featuring the stylized text “MOTEL 6″. The elements in the drawing shown in broken lines show the position of the mark as applied to the building in which the services are provided and are not claimed as features of the mark.

          The color(s) white, orange, gray, dark orange, and beige is/are claimed as a feature of the mark. The mark consists of trade dress consisting of the interior of a hotel room. The walls in the room are white except for two walls that are colored orange: the wall behind the combination TV stand/hanger rod and the wall behind the bed. The bed features a gray blanket with a dark orange sash. Above the bed are two white rectangular wall lights. On one side of the bed is a built-in luggage rack that spans the distance to the wall featuring the window and on the other side is a built-in nightstand that spans the distance to a beige seat, which conforms to the wall. The seat is immediately adjacent to a writing desk, beneath which is a four legged chair, and above which is a mirror with a small ledge beneath it and below a rectangular white light. At the far end of the room is a window covered by a dark orange curtain that matches the bed sash. The elements in the drawing shown in broken lines show the position of the mark as applied to the room in which the services are provided and are not claimed as features of the mark.

           The color(s) green is/are claimed as a feature of the mark. The mark consists of a three-dimensional trade dress depicting two exterior doors. Each door has a green frame, a green bottom portion, and a glass panel in the upper portion. The wording “ROCCO’S TACOS AND TEQUILA BAR” appears on the glass panel. Door elements shown in dashed lines are not part of the mark. The colors black and white represent background, outlining, shading and/or transparent areas and are not part of the mark.

          The color(s) blue and white is/are claimed as a feature of the mark. The trade dress consists of repetitive wording in blue on a white box, the wording consists of the following, all in blue and in no particular order; hot burgers, pop, cool and frosty soda, luscious frosty soda, creamy shakes, luscious mouth watering warm buns, firm fries, warm buns. The words POP BURGER are in blue and appear at the center of the top of the box, which logo consists of the word POP with the image of a burger in place of the letter O, and the word BURGER written across the patty of the burger.

 

3.            To secure US registration of trade dress you must submit a date of first use and to maintain the registration, consistently use the mark as shown on the registration.

The benefits of federal registration include formal, public notice of your claim of ownership of the trade dress; a legal presumption of your ownership of the trade dress and your exclusive right to use the trade dress nationwide on or in connection with the goods/services listed in the registration; the ability to bring an action concerning the trade dress in federal court; the use of the U.S. registration as a basis to obtain registration in foreign countries; the ability to more easily stop competitors from engaging in behavior that is likely to cause consumer confusion; and the inclusion of the asset in your intellectual property portfolio.

If a definitive brand is not your thing, here are some additional options to help protect your investment in a soft brand:

  Agreements – consider non-compete language in agreements with employees, franchisees, licensees, and the like with respect to specific or general brand aspects.

  Remaining fluid – put time and energy into staying ahead of the trends to minimize mimicking, and be willing to jettison aspects that become trendy or are appropriated by others.

  Distinguish yourself – stay aware of competitors or similar businesses and avoid any similarities so that any copying of your own style is easily identified.

  Selective registration – choose one aspect in a softer brand that is key, use it consistently, and obtain registration for that aspect.

It is a great time to be an independent business in the hospitality industry, but be aware of both the limitations of an intentionally un-defined brand and the benefits of identifying, registering, or otherwise adding some protection to the business you are building.

If you have any questions about brand or trade dress protection, please feel free to contact me directly chawkins@gsblaw.com.

 

Photo credits:  images are from the US Trademark Office’s website and are used as examples of successful trade dress registrations.

On the road – highlights from 2014 PhoCusWright Conference in Los Angeles, CA

Posted in Conference Notes, Hotels

This week finds me at LA Live in downtown Los Angeles attending this year’s PhoCusWright Conference.  Those in the hotel industry know LA live well – for the past few years the JW Marriott at LA Live has served as the host hotel for the industry’s annual ALIS Conference. While ALIS is known for bringing together the hotel industry’s best and brightest, I would submit that the 1600 plus attendees (from 40 plus countries) at this year’s PhocusWright represent the future of travel and the hotel industry.

The first day of the Conference featured no less than 32 companies (of varying size and age) presenting their newest travel innovations. I sat through many of these presentations, which provided me an incredible look into the future of travel, distribution, the use of travel data and content and other travel innovations.  Some key takeaways . . .

- Web transparency (and its many effects) continues – a number of the presentations featured functionality allowing travelers to hold or book a specific rate and then cancel that booking and book at a new, lower rate in the days, weeks or months prior to arrival.

- Content is king – studies of travelers continue to show the value and influence if relevant, superior content – a number of the innovations presented either promoted their content (or access to third party content) or their ability to curate or organize content in a way no one else can (debatable)

- Cloud computing is ubiquitous – if you are in the computing world, you’ve known this for years.

- The travel experience – from the top of the travel “funnel” through the trip itself is becoming more segmented and bifurcated every day – no wonder hoteliers struggle to get theirs arms around and control guests’ experiences – from inspirational searches, to pre-arrival communications and up-sells, to in-destination marketing, to post-stay feedback and evaluation – there are increasing numbers of industry participants that wish to control the guest’s experience.

- Focus on ancillary services continues to grow. Innovators are looking beyond the large air and hotel components of travel to smaller, more fragmented ancillary services and products – rental cars, public transportation, restaurants and travel insurance.

The second day of the Conference featured a number of interesting substantive presentations leading up the afternoon’s “keynote” addresses by Cvent, Ctrip, Homeaway and Expedia.  Similar presentations are scheduled for the third and final day.

Look for my  post-Conference blog post later this week!

The Use (Abuse) of Branded Keywords in Paid Search

Posted in Brands and Trademarks

Our friends (and former contributors) at Seattle-based BrandVerity have produced another detailed study on third parties’ use (and dare I say, abuse) of popular brand terms in paid search advertising.  Many of you have experienced these abuses (and the associated frustration) yourselves.  Now details about these abuses (and the supporting metrics) are in one comprehensive report.  The report is available for download today at https://www.brandverity.com/state-of-branded-keywords-paid-search-q3-2014/

Keep BrandVerity and this report in mind next time you negotiate a distribution agreement or, once the agreement is finalized, you wish to keep your distribution channels honest.

 

 

 

Brand Protection in the Era of Exploding Domains

Posted in Brands and Trademarks, Web Domains

Since 2013 the number and type of web domains has exploded and is having a major impact on brands. Ruth Walters has been watching this new era of growth and can share her insights on brand protection. Ruth focuses on hospitality operations and general intellectual property and technology transactions. Thank you for today’s post, Ruth!  -Greg

 Back in the olden days of last year, there was no particular reason for hospitality industry members to be particularly interested in the administration of the Internet unless you were curious. Now, it benefits every brand owner to understand and pay attention to the basics of how new domain names come into being, who selects them and how they become public. Beginning in late 2013 and early 2014, the number and type of domains has exploded, providing brand owners both the opportunity to expand and strengthen their on-line presence and to expand the number of potential infringing domains there are to worry about. Much of the domain name process operates outside the awareness of many brand holders, and many have been caught unaware.

The Internet is administered by a non-profit corporation called the Internet Corporation for Net Names and Numbers (ICANN). It is this entity that decides, among other things, what letter strings go after the dot. Beginning in 2012, ICANN began its New Generic Top-Level Domains Program to “increase competition and choice in the domain name space.” ICANN accepts applications for new letter strings and then evaluates them and delegates them to the applicant registry (not registrar, which is the entity in this process most familiar to brand owners and the public—like Register.com, GoDaddy, or Network Solutions).  Eventually, the registry works with ICANN-approved registrars and the new strings are available to the public for registration.

Some terminology: the letter strings after the dot are called top-level domains (TLDs) and are divided into two main categories—generic top-level domains (gTLDs) and country-code top level domains (ccTLDs). gTLDs are further divided into two sub-categories “unsponsored” gTLDs (uTLDs) which anyone can register (like .com, .net, .biz and .info) and sponsored gTLDs (sTLDs) which can only be registered by members of a “sponsored community” (like .gov, .edu, .aero)

The huge push in adding TLDs in the last year or so has focused on gTLDs and the addition of a third category of domains, the Internationalized Domain Name (IDNs) which allow TLDs in characters that are not US-ASCII, such as Chinese, Arabic or Cyrillic. These may be representations of existing TLDs, like .com, in the applicable characters or new TLDs or both.

Any brand owner can see the potential problems here. The number of TLDs to worry about has gone from a handful to, over the next few years, possibly more than 1300. That makes more than 1300 opportunities for a cybersquatter to register [your brand] in connection with a new domain and possibly several opportunities missed to register useful new TLDs, such as .review, .hotel, .restaurant or, depending on how you feel about things, .wtf. There is also the possibility that the new TLD itself may infringe a trademark, and ICANN has accounted for that possibility in its review and the provision of a post-delegation dispute resolution process.

Trademark Clearinghouse

The more likely scenario is that the second-level domain (the bit right before the dot) will be the infringing piece. ICANN has responded to the significant concerns of brand owners in this regard by introducing a new rights policing mechanism called the Trademark Clearinghouse, participation in which is mandatory for all new gTLD registries. Rather than requiring brand owners to rely on the Uniform Domain Name Dispute Resolution Policy process, requiring brand owners to proceed only after a potential infringing name is registered, the Clearinghouse allows for some pre-registration enforcement. Successful registration of valid trademarks with the Clearinghouse permits those trademark owners—for a fee, of course—to:

  •  Apply before the general public for the domain names in which the second-level domains; and
  •  Receive notice of any third-party registrations for domain names containing an exact match to the registered mark(s) for as long as the records are maintained at the Clearinghouse. The potential registrant of an infringing domain name also receives a warning when attempting to register a domain name during the 90 days after the close of the sunrise period, which is called the “Trademark Claim” period.

Registering with the Clearinghouse, if possible, has obvious benefits. In addition, brand owners can track the opening and closing of sunrise periods on both the Clearinghouse and ICANN websites (ICANN’s site includes sunrise periods out into 2015; the Clearinghouse site is more limited).

Blocking Mechanisms

The Clearinghouse in turn works with a variety of registrars who provide what are called “blocking mechanisms” for the new gTLDs. In very brief, the owner of a trademark registered at the Clearinghouse can purchase blocking services to block third-party registrations of domain names containing that trademark (and, possibly, similar marks) without having to go to the trouble of defensively registering [your brand].[gTLD] 70 or 80 times.

Uniform Rapid Suspension System

If  blocking, defensive registration and notification still don’t work (which is entirely possible, given the nature of the Internet) ICANN has also instituted the URS which creates a more streamlined process for shutting down infringing domain names than even the UDRP provides.

As we have written before in many circumstances, the Internet is a tough place for brand owners and, in some ways, it has gotten tougher. Fortunately, there are mechanisms that exist to help brand owners keep control of their good names on the Internet and also to explore new opportunities for expanding their on-line presences.

HOSPITALITY INDUSTRY RISKS: DATA PRIVACY AND SECURITY

Posted in Data Privacy, Hotels

I’m pleased to introduce guest author, Nick Montera, Vice President, Account Executive and head of the hospitality practice at Parker, Smith & Feek.  PS&F is an insurance and risk management brokerage firm headquartered in Bellevue, Washington, providing innovative insurance solutions to clients nationwide.  We appreciate Nick sharing his expertise and insights on this important and timely subject.  - Roger Hillman

HOSPITALITY INDUSTRY RISKS: DATA PRIVACY AND SECURITY

Most hospitality businesses allocate time and capital to efficiently collect and process data in order to improve sales, customer service and loyalty, and operations efficiency. Technological advances have made it easier to manage a wide range of information about customers, vendors, and employees. Virtually all businesses that use computer systems are to some extent vulnerable to costly exposures associated with system breaches.

Hotels and restaurants are no exception and, in fact, have much higher levels of exposure because they collect vast amounts of private data from customers as a part of their day-to-day operations through credit card transactions, online reservations, and rewards programs. Private data may be both personal (names, physical addresses, email addresses, social security numbers) and financial (credit card and banking). While technology helps your business run more efficiently, it also increases your risk for data privacy and security breaches, as well your liability to affected customers. Unfortunately, many hospitality companies have not upgraded their risk management plans to address the inherent exposures associated with today’s sophisticated data management. A breach can severely impact the financial stability and continuing success of a company, and so it’s important to understand the risks associated with data breaches and to develop plans to mitigate them.

Hospitality: A Targeted Industry

According to Nicholas J. Percoco, hospitality businesses often proves to be an easy target for criminals who are looking for high transaction volume, a large database of customer records, and low barriers to entry. In fact, organizations analyzing data breach trends consistently cite hospitality as the single most vulnerable industry:

Percoco, head of Trustwave Spider Labs, believes that the criminal element targets the food and beverage industry because of high transaction volume, which makes it possible to turn criminal activities into money very quickly. Trustwave Spider Labs found that food and beverage companies not only have systems that are vulnerable to infiltration, but often fail to detect a breach until long after it has occurred. Their study revealed that criminals stay undetected in a breached food and beverage system for an average of 173.5 days. The combination of high transaction volume and undetected breach time can prove devastating to a business.

A common misconception is that only large organizations need to worry about protecting against data breaches. In Verizon’s 2012 Report, two-thirds of the 855 investigated incidents occurred at businesses with 11 to 100 employees, a common size for many hospitality enterprises. However, no hospitality company is immune. Smaller, independent enterprises are vulnerable because they are small and may have systems that are easily breached. On the other hand, franchise operations often share a regional, national, or international data system that, once breached, can affect all or most of the individual franchisees.

Most businesses today have data privacy and security exposures, which may include 1) a presence on the Internet, 2) data on servers connected to the Internet, 3) file maintenance that contains personal and/or financial information, and 4) transmission, storage, or processing of data such as credit card payments. Businesses in the hospitality industry need to be particularly cognizant of these exposures. It is important to develop programs to reduce the possibility of a breach and take steps to mitigate the impact of a breach before one occurs.

Costs of a Data Breach

A company that experiences a breach can incur a range of costs that quickly add up to a substantial loss. When private data is compromised, your expenses could include notification and claims processing, credit monitoring services for affected individuals (to lessen the potential for civil suits), and employment of a public relations team (to assist with damage control and preservation of your reputation). There may be additional costs associated with finding and fixing the root cause of the breach, and recovery of lost data. Finally, you may have liability claims for failure to have reasonable safeguards in place to protect personal and financial data.

In the event of a breach, you are responsible for notifying the affected individuals. In fact, 46 states have enacted broad privacy laws pertaining to notification whenever personal or financial information might have been compromised, lost, or stolen. Furthermore, if private data of individuals from other states is affected, you must comply with each applicable state’s laws. For those in the hospitality industry, compliance can be costly and time consuming because it entails research into the privacy laws of the state of residency for every potential affected customer. Since many hotels and restaurants depend upon customers from all over the United States (as well as other countries), notification requirements and the related costs are of particular importance. The possibility of regulatory violations and fines can be drastically reduced if you have an adequate plan in place ahead of time.

Estimates of the average incurred cost for a breach vary between the studies, but one thing is evident: it’s expensive. According to the Ponemon Institute’s 2011 report, the average cost of a data breach in 2009 was $6.75 million per incident and $204 per individual record. The immediate financial cost of a data breach is only part of the story. It can cause a loss of customer trust and a tarnished reputation, which can be extremely difficult and expensive to rehabilitate. This is especially true for hotels and restaurants, which usually have high public profiles.

Data Security and Risk Management Basics

There is no doubt that the risks associated with data retention and transfer are real and significant. For a hospitality organization, it is of paramount importance to identify areas of exposure and develop adequate risk management programs that address data privacy and security. To help you get started, here is a list of questions (from Cyber insurance specialist Swett & Crawford) with my added commentary:

  • Is the corporation aware of all applicable state and federal privacy laws and notification requirements pertaining to customer data?
    • Due to the wide geographic dispersion of your clients, it is best to do this research upfront. If a breach occurs, you may not have adequate time to research and comply with state laws, which may be time sensitive. Missed deadlines could lead to costly regulatory fines and penalties.
    • Make sure that your organization is compliant with The Payment Card Industry Data Security Standards (PCI DSS) and any other standards that apply to your organization. Helpful information on PCI DSS can be found here.
  • Is any personal identifiable information (PII) or client confidential information stored on computers or in paper files on premises? If so, where specifically is the data stored, how is it secured, who has access and how many PII data files are there?
    • PII is often defined as unique information that can be used to identify, contact or locate a single person. In Washington state, PII is defined as an individual’s first name (or initial) and last name combined with one of the following: social security number, bank account number, credit or debit card number (including security code access code or password), driver’s license number, or a Washington identification card number.
    • Track personal data throughout your entire information infrastructure and identify all parties that have access to this data. Conduct an audit that gauges employee access to and use of personal data.
    • Make information security a written workplace policy.
  • Are all of the companies laptops encrypted? Are portable media devices like thumb drives prohibited or at lease encrypted?
    • Devices such as laptops, smart phones, external hard drives and flash drives all present possible data security threats if lost, stolen, or hacked. While most people assume that system hackers are the greatest threat, recent studies show that lost or stolen portable devices are the most common cause of data breaches.
  • Has the company implemented strong internal password controls and training to all employees?
    • Make sure passwords are strong. It is also a good practice to reset passwords periodically—90 days is a good timeline—and never duplicate passwords. It’s also a good idea to reset default passwords.
  • Are the company’s firewalls current and all security patches regularly updated?
    • A firewall can be the best defense when trying to isolate and contain breaches. Despite the expense, it is beneficial to invest in a robust set of firewalls that require user authentication.
  • Does the company outsource any services to third party vendors that may involve a client’s information? If so, do these vendors provide hold harmless and indemnification agreements with regards to any data breach involving personal identifiable information?
    • It’s a common misconception that outsourcing automatically transfers liability for data breaches to the vendor. It is vital that you have favorable hold harmless agreements and indemnification provisions in place with vendors, but even with these agreements in place, data owners can still be held responsible for compromised information.
  • Does the company have in force a detailed plan in case of a data breach?
    • In addition to developing and implementing a risk management program for data breach, risk transfer via insurance can be a cost effective risk management mechanism.

Data Breach Insurance Coverage Basics

Over 30 insurance carriers provide coverage that is tailored to specifically address exposures related to data breach. Naming conventions vary by insurance carrier, but some of the more common ones are Data Security, Data and Privacy, Cyber Liability, and Data Breach insurance. Coverage may be written on a standalone basis or combined with your Professional Liability or Media policy.

A properly structured policy will provide both first and third party coverage. First party coverage pays for direct losses incurred as a result of a breach including (but not necessarily limited to) notification costs, recovery of lost and destroyed data, forensic investigation expenses, credit monitoring and call center services for affected customers, business interruption losses, extortion demands, and public relations expenses. Third-party coverage protects companies from liability suits filed by individual customers, credit card companies, regulators, and various other third parties. Coverage should extend to defense costs as well as damages. Depending upon the carrier and insurability from a legal standpoint, it may also cover regulatory defense, fines, and penalties.

As a hospitality business, your financial stability and continuing success depend upon a proactive approach to data security risk management. Lax security practices or a security gap could result in a breach that encompasses massive amounts of stolen data, creating financial loss for your customers, vendors, and employees, as well as your business. It’s important to do all that you can to protect yourself from a breach. It’s equally important to devise a solid risk management plan, including insurance coverage, to mitigate the severity of loss when one occurs. If you have not yet done so, consult with your insurance professional about your data exposure and risk management solutions.

By Nick Montera, Vice President, Account Executive and head of the hospitality practice at Parker, Smith & Feek

 

There Is Such a Thing as a (Tax-) Free Lunch—Washington’s Department of Revenue Agrees

Posted in Hotels, Tax

Today’s post is co-authored by two of my colleagues in our state and local tax practice group, Michelle DeLappe and Miriam Woods.

It is not every day that Washington’s Department of Revenue issues a determination in which the taxpayer wins. In fact, it is a rare occasion when the Department decides that it was wrong; it is perhaps even rarer for it to publish that it was wrong. Happily, one of these rare occasions recently touched the hospitality industry—specifically, the very hospitable practice of giving free meals to guests.

The taxpayer in question is an extended-stay hotel that provides guests free breakfasts and dinners during their stay. The hotel does not have a restaurant and does not serve meals to the public. The Department audited the hotel and assessed it use tax on the food and beverages used in the meals based on the argument that the hotel uses them in their business.

Washington imposes sales tax on tangible property that a business uses. For hotels, this includes furnishings and amenities provided for guests’ use; hotels even have to pay sales tax on those little bottles of shampoo because they are deemed to have “used” them by simply placing them in the guests’ rooms. And in Washington, as in most other places with a sales tax, if you use something and don’t pay sales tax on it, then you still owe tax: hence, the “use tax.”

Here, when the taxpayer bought food ingredients and beverages, it paid no sales tax. The Department’s auditor, however, argued that the taxpayer was using the food and beverages just as it uses the little bottles of shampoo—even more so because it manipulates the ingredients into meals in the hotel kitchen. The Appeals Division disagreed based on Washington’s sales and use tax exemptions for food and food ingredients and for certain beverages.

So here’s the lesson for hotels and restaurants: if you are providing complimentary food, even prepared meals, you do not need to pay sales or use tax on the food or food ingredients or on exempt beverages. Note that sales or use tax apply to alcoholic beverages and soft drinks, though. There’s still no such thing as a tax-free glass of wine!

Kudos to the Department of Revenue for recognizing the error and publishing a taxpayer-friendly decision that provides helpful guidance.

For more information, the tax determination is available here.   If you have any questions, please feel free to contact me or Michelle or Miriam directly.

Don’t Jam Your Customers’ Mobile Hot Spots!

Posted in Hotels, Wi-Fi hotspots

Marriott International, Inc. found out the expensive way that it should not disable customers’ mobile hotspots.  It entered a Consent Decree with the Federal Communications Commission (“FCC”) in which it agreed to pay $600,000 to the U.S. Treasury.

A number of mobile devices, such as smart phones, can serve as a wireless access point to the Internet, sometimes called Wi-Fi hot spots.  Consumers use these devices to connect their laptops to the Internet through their smart phones. Marriott employees at Gaylord Opryland, which Marriott manages, were using Wi-Fi monitoring systems with containment features to de-authenticate guest-created Wi-Fi hotspots in their conference facilities, ballrooms, guest rooms or public areas. Meanwhile, Marriott had been charging conference exhibitors and attendees from $250 to $1000 per device to use the Gaylord Wi-Fi service in its conference facilities.

An individual complained to the FCC that he could not use his mobile hotspot in the convention space at a function at Gaylord Opryland. The FCC investigated Marriott’s compliance with Section 333 of the Communications Act, which prohibits any person from interfering with any radio communications equipment licensed or authorized by the Communications Act. To resolve that investigation, Marriott agreed to enter into a Consent Decree with the FCC requiring Marriott to pay the U.S. Treasury $600,000 and to file compliance reports for the next three years. A copy of the Order and Consent Decree is available here.

Marriott has since instructed the properties under its management to cease using containment equipment in any way to block consumer’s mobile hotspots. More information about impermissible Wi-Fi blocking practices is at www.fcc.gov/jammers.

Guest Room Privacy and the Fourth Amendment

Posted in Hotel Guest Room Privacy, Hotels

Hotels are faced with a delicate balancing act when it comes to maintaining guest privacy.  Hotel staff must comply with police investigations when noncompliance would constitute obstruction of justice.  At the same time, hotel employees must recognize their guests’ Fourth Amendment right to be protected from unreasonable searches and seizures.  If hotel employees comply with an unreasonable search or seizure that results in harm to the guest, the hotel could find itself exposed to civil liability.

Courts have recognized that the Fourth Amendment protection from unreasonable searches and seizures applies to searches and seizures in hotel and motel rooms.  Certain exceptions allow for warrantless searches and seizures, including consent.  In broad terms, the consent exception means that a party’s agreement, actual or implied to a search and/or seizure renders a warrant unnecessary.

In general, during a guest’s stay at the hotel, only the guest may consent to a search of his or her room.  While hotel staff members may access the room for cleaning and maintenance during the guest’s stay, they are not authorized to allow police to enter the room.  Thus, during a guest’s tenancy at the hotel, employees should not allow police to enter the guest’s room without a search warrant.

Fourth Amendment protections do not apply after a guest’s tenancy expires, at which point those employees with proper authorization from the hotel may aid the police and consent to a search of the room.  While this seems like a straightforward principle, it is not always clear when a tenancy actually expires for the purposes of the Fourth Amendment.  When faced with this lack of clarity, hotels can take certain actions to ensure careful compliance with the Fourth Amendment by issuing and consistently following policies regarding (a) guest checkout and (b) eviction of guests.

 I. Checkout Policy and Procedure

A guest’s Fourth Amendment rights expire once the checkout time has passed. However, this may be modified by the hotel’s practices and guest communications.  Consequently, hotel policies and practices may extend Fourth Amendment protections past the guest’s pre-arranged checkout time. For example, if a hotel gives a guest permission to stay until a later checkout time or has a practice of acquiescing when a guest stays past the posted checkout time, Fourth Amendment protections last until that later check-out time.  Courts have found that after a hotel provided specific guests with such an allowance, those guests “reasonably believed that the hotels would allow them to do so again, permitting them to retain a privacy interest in their rooms.”  Courts realize that most hotels have a pattern or practice of allowing guests some leeway regarding the checkout time.

Each Fourth Amendment inquiry concerning guests checking out of hotels hinges on the specific facts of the case.  A hotel that has a clear checkout policy and consistent procedures will provide both staff and guests with certainty as to when a guest’s Fourth Amendment protections have expired.

Fourth Amendment protections depend on the guest’s reasonable expectation of privacy in his or her room, meaning that hotels must state their checkout policies in a manner that would not confuse a reasonable person.  An effective communication policy and procedure could involve a notification about the checkout time to the guest upon check-in, the issuance of a reminder to the guest several hours before checkout, and the posting of the checkout time in each room.  Further measures may include contacting the guest in the event that checkout time has passed.  In these ways, a hotel can unequivocally state that a guest’s tenancy and accompanying Fourth Amendment protections expire at a certain time.

A hotel should do its best to be consistent in communicating and enforcing its checkout policy.  In the absence of consistency, guests might be considered reasonable in expecting their Fourth Amendment rights to extend beyond checkout time.  If a hotel wants to retain the option to make exceptions to its general checkout time, it should provide a system for staff members to record these extensions so that they know whether or not each guest is protected by the Fourth Amendment.

II. Eviction Policy and Procedure

A justifiable ejection will also extinguish a guest’s Fourth Amendment protections.  A guest’s tenancy expires after the hotel has identified grounds for eviction and taken affirmative steps to repossess the room.

Examples of what courts have found to be valid grounds for eviction include:

  •  Raucous behavior.
  • Illegal activity, including storing illegal drugs.
  • Failure to pay for the hotel room.
  • Intoxication, disorderly conduct, and carrying a gun in the hotel.
  • Odors of marijuana (except in those states that have now legalized recreational use) and complaints of loud noise.

The hotel must then act to take back possession of the room, which ends the guest’s expectation of privacy.  The Fourth Amendment continues to protect a guest until the hotel staff takes action to commence eviction.  The following actions have been identified as sufficient to constitute the commencement of eviction, and thus the extinguishment of Fourth Amendment protections:

  •  Locking the guest out of his room, as long as it is for the purpose of eviction.
  •  Contacting the police for their assistance in physically evicting the defendant.
  • Removal of the guest’s belongings from the room, a note left on the door informing the guest that he/ she had been evicted, the hotel staff telling the guest that he/she was evicted, or some combination of the above.

In order to create and follow an eviction policy that promotes compliance with the Fourth Amendment, a hotel should identify behaviors that justify eviction.  This requires consultation of the law, including any statutes that govern hotel policies.  The hotel should then train its staff to recognize and respond to behavior that triggers eviction.  A hotel should also provide guests with its eviction policy or communicate in some way the types of behavior that could trigger an eviction.  Finally, in the event of an eviction, the hotel must take steps to communicate to the guest that he or she is being evicted.  If the hotel has created any doubt or confusion as to whether the behavior under consideration triggers eviction, or does not clearly communicate that the guest is being evicted, Fourth Amendment protections may continue to apply. Therefore, as with the suggestions for checkout procedures discussed above, consistency and clarity will help to ensure a situation in which hotel employees and guests know when the Fourth Amendment no longer applies to protect guests.

In general, hotel staff should not allow police to enter a guest’s room without a warrant.  However, if the guest’s tenancy has expired because the checkout time has passed or the guest has been evicted, hotel staff may provide consent for a police search.  Hotels should implement polices and procedures that allow guests and staff to know, with certainty, the circumstances under which a guest’s tenancy expires.

What is “Suitable Seating” and How Does It Affect My Business?

Posted in Employment Law, Food and Beverage, Hotels

California employers are currently scratching their heads over how to interpret “suitable seating” that is required under California Wage Orders.  Nancy Cooper, member of our Labor and Employment Group and Hospitality, Travel and Tourism practice team, discusses how that term is defined will affect your business.  Thank you for today’s post, Nancy! – Greg

Section 1198 of the Labor Code of California states that the “employment of any employee for longer hours than those fixed by the order or under conditions of labor prohibited by the order is unlawful.

References to the “order” refer to California Wage Orders, which are issued from time to time by the California Industrial Welfare Commission and establish wages and working conditions for a number of industries within California. Section 14 of the majority of the California Wage Orders say that an employer must provide “all working employees” with “suitable seats when the nature of the work reasonably permits the use of seats.” What each Wage Order does not say is what this means.

Even though these Wage Orders have been around for decades, they are only now the focus of many lawsuits.  So why now?  Well, that is also hard to answer.  These laws were originally focused on allowing employees who worked on certain equipment or in other jobs that were essentially stationary to sit down as they performed their work.  There used to be many more “suitable seating” laws across the nation.  They appear to have originated in the 1950s and were focused on the increasing number of females in the workplace.  They have either remained on the books (though neutralized to be gender neutral) or taken off the books altogether.  The California laws came to life with the passage of the Private Attorney General Act (PAGA).  Under PAGA (which was deemed to apply to the suitable seating laws) an employee can seek up to a year of civil penalties and attorney fees, including a civil penalty of $100 for each aggrieved employee per pay period for the initial violation and $200 for each aggrieved employee per pay period for each subsequent violation.  So, now there is real money tied to the law.  Where there is real money – lawyers will follow.

Two of the more notable suits involving suitable seating are class actions that are currently on appeal with the Ninth Circuit Court of Appeals.  As the Ninth Circuit was trying to interpret the law and make a ruling in these cases, the Court discovered that there was not clear interpretation of the law in California state court.  There was not sufficient guidance from state courts to inform the Ninth Circuit what was intended under the law.  Thus, the Ninth Circuit said that rather than substitute its own judgment in the interpretation of California law, it asked the Supreme Court of California to clarify three specific questions.

They first asked the California Supreme Court to clarify whether the term “nature of the work” refers to individual tasks that an employee performs during the day, or whether it should be read “holistically” to cover a full range of duties.  As a sub-part to this question, if the courts should construe the “nature of the work” requirement holistically, should they then consider the entire range of an employee’s duties if more than half of the employee’s time is spent performing tasks that reasonably allow the use of a seat?

The second question the California Supreme Court was been asked to clarify is whether an employer’s business judgment should be considered in determining whether the nature of the work “reasonably permits” the use of a seat, as well as the physical layout of the workplace and the employee’s physical characteristics.

The third and final question posed to the California Supreme Court was to clarify whether the employee must prove what would constitute a “suitable seat” in order to prevail.

So, what does this mean to the California hospitality industry?  It could change the way in which operations are designed and how job expectations are defined.  What if a sous chef wants a stool as he does prep work?  Can the kitchen design handle the arrangement?  How does that reconcile with the hazards of the kitchen workplace?  Can it be set up in the often narrow passage ways of the kitchen?

How does the hostess position effectively use a seat and still present a welcoming atmosphere to the clientele?  What about the wait staff?  If they are given a seated area for use when the floor is not busy – what happens if someone is sitting down when they really should be tending to tables or cleaning the stations?

What about the reception desks at hotels and the spas?  Do they give the same image if they are sitting down – even if on a high stool?  More importantly, do you now have to change the lay-out of the reception area?  Is there enough room for the employees to be seated or use a stool?  Is a stool even considered “suitable seating”?

If a job or worksite has been modified as an accommodation to an individual in a wheelchair, does that mean that it is now considered to be a job that automatically can be performed when seated – even when it historically has not been?

It is not known when the California Supreme Court will provide answers to the questions posed by the Ninth Circuit.  Any guidance offered by the Court will still be open to interpretation and lead to more suits.  The answers will not be specific to any given industry.  The Court is unlikely to provide guidance on the interplay with other laws (e.g. workplace safety, OSHA, etc.) as well as define who has the burden to prove the violations exist and that the solutions are or are not reasonable.

Some of the early California cases regarding suitable seating suggest that there may be some considerations available to employers.  If a company can demonstrate that there is a genuine customer-service rationale for requiring the employees to stand, the company may have an argument.  Depending on the nature of the service provided by the employee, it is acceptable for a Company right to be concerned with efficiency – and the appearance of efficiency – of the delivered service.  These early cases have expressed concern not only about safety, but also about the employee’s ability to project a “ready-to-assist attitude” to the clientele.  It is not clear that these arguments will survive the California Supreme Court’s analysis.  It is anticipated that the answers will only create more questions, so it is well advised to start looking at your facilities as well as your job descriptions now so you can be prepared to take steps to not become the next lawsuit target.