In the increasingly digitized
21st century, electronic personal privacy is a real and
growing concern for meeting planners, attendees and even hoteliers.
Identity theft is a significant danger at lodging establishments,
which routinely request, transfer and store sensitive data
pertaining to guests and groups. In 2006, it is nearly impossible
to do business with a hotel that uses computerized reservation
systems, websites, electronic key cards and e-mail without
electronically providing extensive personal information.
For meeting planners, it’s important to
take responsibility for protecting attendees. “Planners have to
know they are the guardians of that information,” says Jeff Rasco,
CMP, president of Wimberley, Texas-based Attendee Management Inc.,
an online registration service. “It really is a sacred trust. If
the wrong people get hold of that information, you could have
thousands of individuals at stake.”
Furthermore, planners themselves could
be open to lawsuits should they fail to take basic steps to
safeguard attendees’ personal data. “Everyone these days is very
litigious. A planner could be sued for not doing due diligence,”
says Diana S. Barber, Esq., professor of hospitality law at Georgia
State University and an attorney with Barber Law Associates in
Suwanee, Ga. “If a planner has discovered something and didn’t tell
the client, the client may have a claim of action against the
planner. It may not be successful, but it could cost a ton of money
to defend.”
With so much on the line, how can
planners most effectively protect sensitive electronic personal
information when working with hotels? M&C went to
knowledgeable insiders for advice.
Information please
Hotels do not shy away from requesting a raft of personal
data when fulfilling reservation requests, registering guests,
processing program memberships and even conducting regular
communications.
For instance, according to its website,
White Plains, N.Y.-based Starwood Hotels & Resorts Worldwide
Inc. collects personally identifiable information that “may include
your name, home, work and e-mail addresses, telephone and fax
numbers, credit card information, date of birth, gender and
lifestyle details such as room preferences, leisure activities,
names and ages of children, and other information necessary to
fulfill special requests [e.g., health conditions that require
special room accommodations].”
Starwood’s senior vice president and
chief privacy officer, Bill Min, assures that the hotel company is
“dedicated to protecting guest privacy and safeguarding personally
identifiable information, using both procedural and technical
safeguards,” including password controls, firewalls and encryption
technology.
But information collection by hotels
isn’t limited to just the guests. Meeting planners, too, often must
provide potentially sensitive business data that helps a property
customize its services for a group. Hilton Hotels, for example,
“may request more information about your organization, such as
organization name, annual budget for events, number of events you
sponsor per year, date of event, number of guests and number of
guest rooms required,” according to Hilton.com. (Hilton declined to
comment for this article, citing a longstanding policy in regard to
its security measures.) And hotel companies might save the content
of e-mails they receive regarding events and collect other
information online. This all adds up to a lot of knowledge about a
person and/or group.
And all too often such information can
fall into the wrong hands: In 2005 alone, the Federal Trade
Commission received more than 685,000 complaints about consumer
fraud and identity theft.
“The kinds of risks conventioneers face
are the same as any company using credit card information,” says
Marc Rotenberg, executive director of the Washington, D.C.-based
Electronic Privacy Information Center, an advocacy group. “Systems
are weak, and security is not as strong as it should be. Identity
theft is the biggest crime in the United States -- worth $53
billion in 2004 -- with a real impact on U.S. businesses. Companies
collecting and storing information on behalf of attendees or
members need to be incredibly concerned about how it’s used. If you
can’t protect it, don’t collect it.”
SECURITY BREACHES
While large hotel chains and individual properties endeavor to protect private personal information, mistakes can and do happen. Here are a few recent examples.
In December 2005, Orlando-based Marriott Vacation Club International, a vacation ownership division and subsidiary of Marriott International, lost backup computer data tapes containing the names, credit card numbers and Social Security numbers of about 206,000 associates, time-share owners and time-share customers. “We regret this situation occurred and realize this may cause concern for our associates and customers,” said Stephen P. Weisz, president of MVCI, at the time.
To reassure clients, MVCI notified the credit card companies and contracted with an independent identity-theft recovery service to perform credit monitoring, place fraud alerts with credit reporting companies, and provide identity theft insurance of up to $2,500 for those whose Social Security numbers (considered more sensitive than credit card numbers) were lost.
A similar incident occurred this past January at the upscale 2,300-room Atlantis Resort on Paradise Island in the Bahamas, owned by New York City-based Kerzner International. It was reported on Jan. 8 that a hacker was able to steal the sensitive personal information of 55,000 Atlantis Resort customers, mainly Americans. The hacked data included names, addresses, credit card numbers, Social Security numbers, driver’s license numbers and bank account information. Like Marriott Vacation Club International, Kerzner International notified those affected in writing and offered a year’s worth of credit monitoring free of charge.
Sometimes, printouts and hard copies of documents containing sensitive information can compromise security. Consider the facts surrounding the December 2004 closing of the Best Western Greenwood Inn & Suites in Beaverton, Ore. When the 217-room hotel was shuttered permanently, nobody bothered to clean out records such as canceled personal checks and credit card receipts from the property’s files. After local firefighters cut holes in the hotel structure as part of a training drill in May 2005, the door was literally left open for neighborhood identity thieves and methamphetamine addicts, who quickly took up residence at the abandoned hotel.
On July 21, 2005, local police arrested a man in possession of 30 credit card receipts from the Greenwood Inn (along with a supply of methamphetamine). Two days later, another ID thief was nabbed with photocopies of credit cards, drivers’ licenses, and names and addresses of Greenwood Inn guests. When police at last searched the abandoned hotel, they found 29 boxes of guests’ records left behind, unattended. -- B.M.L.
Registration
Of course, the biggest download of personal information
from planners and attendees occurs during the guest registration
process and then at check-in itself, when hotels rightly ask for
information about who will be staying there. Obviously, electronic
transfer of this data is best for quick processing, efficiency and
ease for the attendee, planner and hotel.
However, there has been a dearth of
good advice for planners on the subject of securing this data, and
the meetings industry seems slow to react to the threat. For
instance, the most recent (2003) edition of Meetings and
Conventions: A Planning Guide, from Meeting Professionals
International, makes no mention of electronic security during the
registration process, although it recommends using the web to
collect names, addresses, signatures, credit card numbers and
expiration dates, before “this static information is then e-mailed
to an account, at which point it is logged in a spreadsheet or
entered into a local database. The file may also be downloaded to a
local computer on a periodic basis and merged with a local
application.”
“With all the identity theft and nasty
people in the world, we’re very vulnerable, and we’re putting our
attendees at risk every day, and people don’t take it seriously
enough,” says Attendee Management Inc.’s Jeff Rasco. “I left the
planner side, and now I run a registration service company. People
don’t think anything of giving us their name or Social Security
number. Of course, our system is totally secure,” he adds,
“with military-level encryption.”
How should information be sent to and
shared with a hotel?
For electronic transfers of personal
registration information, Rasco recommends using a secure online
registration system such as Pegasus Solutions’ RezView or Hotel
Factory software, the Sabre Travel Network, or Passkey’s Group
Reservations systems. Another option is to provide a link from a
group’s event registration web page to connect directly with the
hotel’s reservation system.
“Most chains will set up a
meeting-specific website with a secure line for an attendee to
bounce into from the registration page,” Rasco continues. “The
attendee will have to input his or her information from scratch,
but at least you know you’re in a secure environment.”
Planners also should ask the hotel
about how the information will be stored, who will have access to
it and what level of training is provided to employees regarding
electronic security. (See “Security Breaches,” right.)
“Most of the bad stuff that happens is
not because a hacker figured out the secret to the pot of gold,”
says Rasco. “It’s because some idiot gave the hacker the password.
Someone calls and says, ‘I’m from the IT department,’ and the
respondent says, ‘Here you go!’ ”
Hotel key cards
These days at check-in, attendees are almost always
provided with computerized key cards, which long ago replaced metal
keys at most hotels. But the encoded cards often cause anxiety for
guests: Do they contain room numbers? Home addresses? E-mail
accounts? Even -- gulp -- credit card numbers?
Indeed, those mysterious plastic cards
can open guest room doors, inform hotel workers of a guest’s
identity and even act as an on-site charge card. But, despite
rampant rumors to the contrary, that’s where their power ends.
“I have actually had to deal with the
key card information issue quite a bit with airline crews,” says
Arthur Cooper, director of sales and marketing for the Renaissance
Chicago O’Hare Hotel. “Seems that word spread via the Internet and
crew sites that all the information in the hotel’s property
management system would be placed on that magnetic strip on the
back of our key cards. I have had to explain to flight attendants
that swiping their credit card does not transfer information to the
key card, but rather the key card only programs the door lock to
admit them. Some crew members still believe otherwise, and they pay
cash instead of using their credit cards.”
The “urban legends” surrounding the use
of key cards and identity theft have become so widespread that the
hotel industry as a whole has seen fit to directly assuage fears
(see “Key Card Phobia,” above).
“The issue of identity theft is a
public concern that is reported to affect many Americans,” says
Joseph A. McInerney, president and CEO of the Washington,
D.C.-based American Hotel and Lodging Association. “We’re doing
everything in our power to inform guests that this is a myth and is
not in any way affecting their personal safety.”
In fact, Marc Rotenberg of EPIC says
key cards are a privacy enhancement, rather than a risk. “A good
example of a privacy safeguard is the use of electronic room keys
rather than the old-style key with the room number printed right on
it,” he says. “That’s the kind of technology we often propose. It’s
an example of a good privacy technology.”
Wi-Fi
Most hotels courting group and business travelers also
boast access to high-speed wireless local area networks (LANs),
which allow guests to log on to the Internet from their laptops.
While such Wi-Fi zones certainly are convenient, they also can pose
serious risks to electronic security, both for individual attendees
and businesses in-house.
“Carrying your own laptop is like going
somewhere with money,” says Paul Sullivan, managing director of
South Jordan, Utah-based iBAHN EPS Enterprise Solutions, a wireless
broadband provider for the hospitality industry. “You take
precautions to protect that money. If you’re the employer or a
corporation and you’re going to a meeting or a conference, risks
are magnified. It’s like walking around with the corporate payroll
in your briefcase, and you need to take additional precautions.
Your information is extremely sensitive, and you’re in an
environment where there
are competitors.”
In a December 2005 survey of 1,000
Americans by the Austin, Texas-based Wi-Fi Alliance, 70 percent of
respondents said they are likely to travel with Wi-Fi enabled
laptops, now that the service has spread to more than 100,000
hotspots around the world. But these Wi-Fi zones pose risks,
including having transmissions intercepted or files made accessible
to others on the network. The fallout could include identity theft,
corporate espionage or electronic vandalism.
Savvy laptop users already will have
security software, such as a firewall to prevent hacking and/or a
Virtual Private Network (VPN), which encrypts transmissions back to
a secure access point. Indeed, major corporations issuing laptops
to employees often make VPN software mandatory in order to protect
privacy and corporate data. Such software creates a virtual
“tunnel” back to the receiver that cannot be tapped into by
outsiders on the same public network. But some attendees might lack
firewalls or VPN software on their laptops.
What questions should a planner ask of
a hotel to ensure attendees will not be subject to risk? What is
reasonable to expect in terms of electronic security from a hotel?
What should attendees be responsible for themselves?
“I think it’s prudent and a good
practice for meeting planners to make inquiries of the hotel,” says
Diana Barber, who offers two such questions: “How secure is your
network?” and “Do you have a disclaimer page on your Internet
access so attendees know it might not be a secure line?”
According to iBAHN’s Sullivan, “The
majority of hotel hotspots are wide open,” meaning there is no
security protocol such as Wired Equivalent Privacy (WEP) or Wi-Fi
Protected Access (WPA), which provides industry-standard
encryption, or about as much electronic security as a wired system.
Such measures, though highly desirable, require authentication. The
hotel should provide a temporary ID and password for a given event,
which the planner can then distribute to
attendees.
Another security solution is to ask the
hotel to supply a nonbroadcast service set identifier (SSID), which
acts as the network name only for the use of attendees to the
specific event or meeting. With such a setup, the hotel will not
make public the name of the wireless access point for just anyone
to see and use. “It means your attendees need to know the SSID,”
says Sullivan. “The planner puts the SSID in the packet, and the
attendee plugs the SSID into their wireless, and the hotel makes it
exclusive to that group.”
Planners should not take wireless
security lightly: The stakes are too high. According to the 2005
Computer Crime and Security Survey conducted by the Computer
Security Institute and the FBI, the average instance of
unauthorized access cost corporations or organizations $303,234 in
2005.
Worst-case scenarios
Such numbers should give planners pause, even as the
hospitality industry boosts security measures regarding
registration data and Wi-Fi access.
“Hotel companies recognize that taking
guest privacy seriously and doing it well is good business,” says
the AH&LA’s Joseph McInerney.
Nevertheless, mistakes can happen. So
can neglect or criminal activity. If a breach of data privacy is
confirmed, the Federal Trade Commission recommends that businesses
notify law enforcement such as local police, the FBI or the U.S.
Secret Service. Also, businesses should contact other firms or
organizations that could be affected. If credit card or Social
Security numbers are compromised, the FTC advises contacting credit
bureaus (Equifax, Experian and TransUnion). Lastly, but not least
in terms of importance, businesses should reach out to individuals
whose identity or credit might have been compromised by the
electronic security breakdown. (More information and sample letters
are available at www.consumer.gov/idtheft.)
Remember, meeting planners can make
certain that due diligence and caution have been exercised, that
the hotel property is electronically secure and that attendees have
been made aware of any electronic security risks, like a wide-open
wireless system at a property. According to the ID Theft Resource
Center, a San Diego-based nonprofit agency helping people prevent
and recover from ID theft, planners also should advise attendees to
use the hotel’s safe for laptops, personal digital assistants,
Social Security cards, passports, bills and other items containing
personal identifying data.
We can only be so secure. Ultimately,
hotels do need information about their guests, attendees do need to
use their laptops to access Wi-Fi, and many will be prone to losing
their hotel key cards. While it pays to be safe, experts warn not
to become consumed with electronic security fears.
“There’s always the danger of becoming
a privacy survivalist,” warns EPIC’s Rotenberg. “But you can’t sit
at home with the shades pulled down.”