Consumer Protection (2007)

Hotel Chains

The BigBrotherAward 2007 in the “Consumer Protection” category goes to the international hotel chains in Germany, Marriott, Hyatt and Intercontinental (representing many others), for their collection and centralised storing of critical personal information of customers without their knowledge. This includes drinking and eating habits, use of pay TV, allergies, all private and professional addresses, credit card data, complaints, all kinds of preferences – everything is kept.
Rena Tangens am Redner.innenpult der BigBrotherAwards 2021.
Rena Tangens, Digitalcourage

The BigBrotherAward 2007 in the “Consumer Protection” category goes to the international hotel chains in Germany Marriott, Hyatt and Intercontinental (representing many others) for their collection and centralised storing of critical personal information of customers without their knowledge.

“Would like a second pillow? Prefer to take your meals in your room? Want some champagne? Or a second breakfast?”

You believe that hotel staff can read your wishes by taking a deep look into your eyes? – Wrong: They know about all your details, mannerisms and special wishes not from intuition, but mostly from the information stored in the hotel computer system. The real surprise would be if you saw exactly what is stored there.

Among other details, there are your private and professional addresses, telephone numbers, credit card data, date of birth, nationality, passport number, complete bills, use of pay TV, telephone calls. Personnel is urged to note down further details about customers in the system, like family situation, drinking and eating habits, allergies, hobbies, complaints, all kinds of preferences, etc. Once registered in the system, all this information will remain there, even after the customer has left – and, in fact, for times indefinite. This kind of procedure approaches and indeed sometimes crosses the limits of legality1.

“Non-smoker? Allergic to peanuts? Only rooms on the ground floor?”

But, after all, this information is collected for the good of the customers, to be able to offer them the best service possible!

Or is it? – No, not quite. Valuing every customer and offering him or her the best possible service has always been part of the good tradition of hospitality. But – at least with the big hotel chains – this tradition is a thing of the past. Here, all you get instead of the promise of hospitality is “customer relationship management”2, (abb. CRM). Most important item: “Ranking and discrimination”3. Here, it is precisely not the aim to offer all customers the best possible service. Because some customers are worth more than others, and it is the former that need to be targeted. And in order to pick out the lucrative customers from among the riffraff, and be able to make better offers to them, one has to collect as much information as possible4.

Nearly every hotel chain nowadays has its own computerised “customer relation” system in which all these data are centrally stored – a veritable bonanza for data miners.

And since all this information is there anyway, other interested parties will easily be found.

If you watch “Attack of the Killer Tomatoes” or perhaps a film titled “Annie Blow His Gun” or other likewise embarrassing items on the hotel-owned pay-TV channel, this will be discreetly shown as “other services” or some such on your actual bill. But the computer system of the hotel will know precisely whether you watched the worst film of all times or a porn movie.

Many hotels are directly connected to online booking systems like “Amadeus” or “Sabre”5. There, as well, customers details are being stored. The booking system “Amadeus” advertises a service to travel agencies, for an extra fee, which enables them to import the customer’s complete booking history, including personal details and hobbies, at a click. “Existing and timely customer information from the Amadeus Customer Profiles (air / car / hotel) are always readily available. (...) Besides, the customer information is active for a long time – no matter how long ago the last booking was made.”6)

In Germany, you have registration forms that have to be filled in by every customer, but these will at least stay in the hotel to be checked by the authorities only if necessary. In some European countries, France for instance, such details are directly transferred from the hotel to the police. The hotel administration software “Opera”, from the leading software provider “Micros Fidelio” boasts an automated “Police Interface” for these purposes.

But it might not only be the local police who are interested in information about hotel customers, but also foreign secret services.

After all, the guests’ details will not only be stored – as guests assume  – on the computer of the hotel they actually stayed at, but on centralised servers accessible to all the hotels of the chain. And these servers, in turn, at least for the biggest hotel chains are located – guess what – in the USA. So far, data protection hasn’t exactly been all the rage there, anyway. And since 2001 there is also the “USA PATRIOT Act”7. Under the pretence of “fighting against terrorism”, this act allows intelligence agencies access to business data, even without a court order.

“No pork? Internet access? Telephone calls to Saudi Arabia from the hotel room?”

What, would you believe, are the conclusions that could be drawn from this?

We can imagine quite a lot of rather unpleasant results for guests. For example: Identity theft is a rather easy game when there is detailed personal information about a customer, readily collected. And once these details hit the yellow press, or come into the hands of competitors, or are being used for blackmail …

Late in 2005, a vast amount of sensitive data the “Marriott” chain had collected got lost from their data-processing centre in Orlando, Florida. Just vanished – that’s what happened to a backup tape with data (including addresses and credit card details) of about 200,000 members of the “Marriott Vacation Club”8. The tape is still lost. In the end Marriott had to own up to the loss and notify their customers.

But the real scandal is not this specific case but the normal business of data collection in hotels. Because customers know nothing about these activities.

We got curious and asked an employee of a “Hyatt” what would happen if a customer told the receptionist that he did not wish all this information about him to be stored. The employee had to think a while, then answered that this never happened – because the customers had no idea that all this information was being stored about them, anyway. – “But if he did?!” – “Then we would enter a remark that the customer doesn’t want personal information to be stored …”

To say it in the words of our own Friedrich Schiller:

Hier wendet sich der Gast mit Grausen. „So kann ich hier nicht ferner hausen.“9

(roughly: “The guest averts his face with fear: ‘I’d rather not sojourn in here!’”)

Our heartfelt congratulations, dear managers of Marriott, Hyatt, Intercontinental and others!


Rena Tangens am Redner.innenpult der BigBrotherAwards 2021.
Rena Tangens, Digitalcourage

1 German source: BDSG (German Data Protection Act ) § 4.3 and BDSG § 4b and c.

2 "Consider the Value of the Customer. Successful CRM is not about providing the best service on the block; rather, the key to effective relations with your customers is in providing appropriate service. We all know that customers are not equal." Quoted from: “Effective Customer Relationship Management (CRM) Implementations”

3 "Ranking and Discrimination:Some customers are worth more to your business than others and you need to invest more of your scarce resources in the most valuable customers, and less in the others. This strategy is perhaps the most difficult element of CRM for hoteliers to accept, but it is absolutely essential. While the grand tradition of hospitality is to value every guest and deliver outstanding service to all of them, in practice it simply isn’t possible." Quoted from “The ABCs of CRM” (Link 1 and Link 2)

4 "In addition to being a frequency program driven by personalized communications, guest recognition and service (rather than points, points and more points), ByRequest captures a detailed set of reported preferences, augmented by analysis of observed behaviors." Quoted from: The ABCs of CRM

5 Sabre (acronym for “Semi-Automatic Business Research Environment”) is one of four major computer-based reservation systems (CRSs). Connected via a terminal, one can check worldwide availability of flights, hotel beds, train tickets and other services, and book them directly.

6 German source: Datenschutz Nachrichten 1/2007

7 Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001

8 German source: on 29-12-2005: „Hotelkette Marriott vermisst Backup-Bänder mit umfangreichen Kundendaten“ (Hotel chain Marriott missing backup tapes with substantial amounts of customer data) (Web-Archive-Link), USA Today on 28-12-2005: „Marriott time share unit says customer data is missing” [Content no longer available] and Computerwoche on 04-04-2006: „Secret Service gibt Suche nach verlorenen Daten auf“ (“Secret Service gives up search for lost data”) (Web-Archive-Link)

9 Friedrich Schiller, Der Ring des Polykrates

About BigBrotherAwards

In a compelling, entertaining and accessible format, we present these negative awards to companies, organisations, and politicians. The BigBrotherAwards highlight privacy and data protection offenders in business and politics, or as the French paper Le Monde once put it, they are the “Oscars for data leeches”.

Organised by (among others):

BigBrother Awards International (Logo)

BigBrotherAwards International

The BigBrotherAwards are an international project: Questionable practices have been decorated with these awards in 19 countries so far.