Partner Doron Goldstein, co-head of the firm's Privacy, Data and Cybersecurity practice, spoke with Hospitality Technology regarding GDPR fines for hotels in light of recent actions taken by the UK Information Commissioner's Office (ICO).

In response to the publication's inquiry regarding the need for hotels to worry about GDPR fines, Doron agreed that this is quickly becoming a global issue, as is evidenced by the laws under discussion or already enacted in South America, Asia and elsewhere.

"It is important to note that each regulator has its own independent right to enforce within its jurisdiction," said Doron, "so in the event of a data protection failure that impacts residents of multiple jurisdictions, the regulators in each of those jurisdictions can launch their own investigations and impose their own fines under their laws."

He continued: "The United States is not immune to this practice either with several states imposing privacy laws similar to GDPR with heavy penalties. The California Consumer Privacy Act (CCPA) is one such law."

Read "Wake Up Hospitality: Marriott Fine Proves GDPR Legislation Has Teeth" in its entirety.

Also read "Is the ICO's Fine on Marriott Unreasonable?," Hospitality Technology, July 11, 2019.