A recent article in Hospitality Technology discussed the effects of the California Consumer Privacy Act (CCPA) on the hospitality industry. The topic was examined in-depth during an educational session at the Hospitality Industry Technology Exposition and Conference (HITEC) in Minneapolis, MN, which was co-hosted by Katten New York partner, Doron Goldstein, co-head of the firm's Privacy, Data and Cybersecurity practice.

Hospitality Technology summarizes how the CCPA, which will go into effect in January 2020, will influence the way hotels think about managing large volumes of personal data, who has access to the data and with whom it is shared.

The CCPA includes a number of rights, such as the "right to deletion," for example, which allows consumers to request that businesses delete all information they have on file about them, with certain exceptions. "You'll likely get [some] requests that are absurd. Understand that it will happen and put a process in place to address those types of requests," Doron said. There's also the "right to opt out," under which consumers can opt out of the "sale" of their personal information, and the "right to discrimination," which prohibits businesses from denying goods or services to consumers who exercise their right to privacy. The combination of the "right to opt out" and the "right to discrimination," according to Doron, make it almost impossible for hotel loyalty programs to operate.

The HITEC session also discussed how the CCPA will address data breaches and provided 10 steps hospitality companies can take to minimize risk under the CCPA, including training employees, completing CCPA assessments, enabling reporting and metrics and mapping the flow of personal data (among others).

Read "The California Consumer Privacy Act & Its Implications for Hospitality" in its entirety.