Category: Blog

Introduction

This paper will explore the legal and constitutional issues surrounding data breaches within the field of hospitality. By discussing three cases in which the identities of millions of unsuspecting guests’ identities were compromised due to the neglectful maintenance of databases on the behalf of three major hoteliers. Outlining causal factors ranging from weak security practices, malware, and the use of fraudulent instruments to either steal directly from customer accounts or to gain access to sensitive data from customer profiles to bypass banking or credit identity verification processes. Consequently, leaving patrons under imminent threat of identity theft due to the failure to install the proper security systems to shield against the intrusion of cybercriminals.

Subsequently, contributing negligence is the major theme of the case study portion of this paper. A section dedicated to the discussion of the legal precedents set by Dugas v. Starwood Hotels & Resorts Worldwide., 2016 U.S. Dist. LEXIS 152838, In re Marriot Int’l, Inc.,440 F. Supp. 3d 447 United States District Court for the District of Maryland Southern Division, and Sandra Smith v. Sabre Corporation. Cases used to highlight how the lack of preparedness against cybercrimes can be interpreted by courts as a breach of duty.

History

Prior to listing the reasons that courts will find a property to be negligent for not installing the necessary fail safes to protect customers, it is important to understand why hotels are highly targeted by cybercriminals. Industry insider and author of Why Do Cybercriminals & Identity Thieves Target the Hospitality Industry, Holly McCulloh asserts that hackers do so because hotels maintain systems that contain millions of guests records which are highly valuable on the dark web.

Hence, hackers will seek to find easily accessed vulnerabilities within a hotel’s network infrastructure, which they can easily exploit to access customer data. Generally, using phishing attacks to infiltrate hotel Wi-Fi networks to steal passwords and other sensitive data. An evolving technique which will grow in its sophistication as travelers demand more complete technology experiences while staying at hotels. (Advanced Hospitality Technologies)

Additionally, the entire hospitality industry has been noted for having some of the highest rates of security scams. According to the Report to the Nations on Occupational Fraud & Abuse approximately “one-third of all credit card fraud cases originate in hotels.” (Shah 2018) Resulting in an estimated loss of 5% to 6% of annual revenue from fraud perpetrated by hotel employees and guests. (Shah 2018) Therefore, it is imperative that hotels find ways to secure their network infrastructures to maintain their profitability, brand reputation, and to reduce all subsequent legal and financial penalties.

The article, Data Security in Hospitality – Why Is It So Important, offered another compelling reason as to why data breaches are a relatively common occurrence within hospitality. When it stated that “businesses in the hospitality sector such as hotels, and restaurants, often have a complex ownership structures consisting of a management company which runs the business, a separate owner or group of owners, and a franchisor.

These entities may store important data in computer systems and such information may be moved around frequently and such complex ownership structures could result in breaches.” (hospitalitynet.com) Structures that enable hackers to access a customer profiles and credit information through a property’s virtual private network (VPN) using the hotel’s public Wi-Fi networks.

Cybercriminals also access hotel networks by using malware to scrape card information from infected POS systems. As hotels increasingly rely on POS systems to streamline processes it is becoming more important that they “implement stringent measures to ensure user security.” Using an all -encompassing approach that ensures “user security, guest device security, network security, and personal security across their properties.” (Advanced Hospitality Technologies)

Other pervasive forms of fraud involve the use of false account credits, skimming devices, and fraudulent credit cards. Although much work has been done industry wide to document the use of these instruments, several large hotel chains have still managed to fall prey to scams incorporating their use. Due to their lack of preparedness, which courts have deemed to be a form of negligence.

In re Marriott Int’l, Inc. 440 F. Supp. 3d 447 United States District Court for the District of Maryland, Southern Division

One of the most well- known data breaches in hospitality is In Re: Marriott International, Inc., Customer Data Security Breach Litigation, Consumer Actions. A lawsuit brought the United States District Court for the District of Maryland, Southern Division against Marriott and Starwood Hotel’s Resorts Worldwide for the failure to protect its guests’ personal data.

On November 20,2018 Marriott announced that it suffered one of the largest data breaches in history. For a cybercrime gang, named Fin 7, was able to “infiltrate 383 million guest records, 24 million passport numbers, and a million credit and debit cards.” (In Re: Marriott International, Inc., Customer Data Security Breach Litigation, Consumer Actions) During its announcement the public was made aware that Marriott and Starwood were targeted because Fin 7 knew that its guest reservations system required the collection of sensitive customer data upon guest check-in requiring guests to provide their name, address, email address, phone number, and payment card information. In addition, it was known throughout the industry that Marriott and Starwood’s reservation’s system possessed the capability of storing patrons room preferences, travel destinations, and other personal information as a means of offering a greater level of customizable service. Arguably, one of the most valuable features of its reservations system, but what was readily accessed by hackers to steal data.

A fact worsened by Marriott & Starwood’s failure to immediately notify patrons of the data breach. For upon later discovery, it was revealed that Marriott executives were made aware of Fin 7 offenses on September 8, 2018 and withheld this critical information from the public until November 30,2018. It was also noted that if Marriott’s clientele were informed of the data security problems the brand was facing that guests “would have chosen to stay at other hotels, purchase, products or services at other properties, and/or would have paid less” for their stays. Depriving unsuspecting guests of the right to chose uncompromised hotels for their travel accommodations.

Marriott and Starwood’s failure to protect its customers’ data was deemed by the courts to be a breach of duty. Under Georgia Law, the lawsuit brought against both parties was defined as a Negligence per se claim. It also violated the Internet Business, Data Protection in E-commerce Environments Act, Maryland Personal Information Privacy Act, and the Michigan Identity Theft Protection Act. Laws requiring businesses to “implement and maintain reasonable security practices and procedures based on the personal information collected. Requiring businesses to conduct quick investigations and to provide immediate notification of security breaches without reasonable delay if a client’s unencrypted and unredacted personal information was accessed by an unauthorized person.” (In Re: Marriott International, Inc., Customer Data Security Breach Litigation, Consumer Actions)

For the plaintiffs’ argument stated compromised guests were under imminent threat of identity theft. Subsequently, leaving victims to manage “all costs related to the data breach and the loss of the value of their personal information.” The reported damages incurred by the plaintiffs included the loss of the benefit-of -the bargain, loss of time and money spent mitigating harms, and as previously mentioned the loss of value of personal information.

The courts ruled to partially grant Marriott’s motion to dismiss the claims brought against it by the plaintiffs. And the requirement of “plaintiffs to bring individual cases against Marriott proving the damages that they incurred because of the data breach.”

Dugas v. Starwood Hotels & Resorts Worldwide, Inc., 2016 U.S. Dist. LEXIS 152838 United States District Court for the Southern District of California

In 2016, a case was filed against Starwood for similar reasons. Plaintiff, Paul Dugas, filed a lawsuit against Starwood Hotels & Resorts Worldwide, Inc. for damages he incurred after his credit card was compromised after purchasing spa services at a Sheraton San Diego Hotel Marina. Stating that his credit card was later used by an unauthorized third party for multiple purchases.

Additionally, had it not been for the provision of his personal data his credit card would not have been compromised by the third party who used his account for “unauthorized purchases, unnecessarily exposing him to losses, frustration, and on-going requirements to protect himself from identity theft.” Leading Paul Dugas to file a grievance within the United States District Court for the Southern District of California courts stating that Starwood violated the California Customer Records Act, California’s Unfair Competition Law. Defined as such because under the California Customer Records Act when a business that “owns, licenses, or maintains personal information about a California resident it shall implement and maintain reasonable security procedures and practices appropriate to the nature of the information, to protect the personal information from unauthorized access, destruction, use, modification, or disclosure.” (Dugas v. Starwood Hotels & Resorts Worldwide, Inc., 2016 U.S. Dist. LEXIS 152838)

Starwood’s actions were also considered an invasion of privacy and to fit the definitions of two forms of negligence. First, under the general definition of negligence because Starwood failed implement “adequate security measures to protect the information they obtained from customers.” Secondly, Dugas’ case fit the definition of negligence per se because he had a reasonable expectation of privacy under the circumstances, a legally protected privacy interest, and that third party’s actions were a serious invasion of the privacy interest.

In its ruling, the courts determined that the plaintiff, Paul Dugas, was not entitled to damages for the fraudulent charges because in his initial complaint “he did not allege out of pocket losses or monetary damages resulting from the data breach due to the defendant’s negligence or failure to maintain reasonable security procedures.” (Dugas v. Starwood Hotels & Resorts Worldwide, Inc., 2016 U.S. Dist. LEXIS 152838)

The plaintiff’s motion to dismiss was granted and denied in part. Stating that Mr. Dugas’ “failure to meet the twenty-day deadline to amend the complaint or failure to cure the deficiencies identified within the case would result in the dismissal of his case with prejudice.” (Dugas v. Starwood Hotels & Resorts Worldwide, Inc., 2016 U.S. Dist. LEXIS 152838)

Sandra Smith v. Sabre Corporation United States District Court for the Central District of California

Unlike Dugas v. Starwood Hotels & Resorts Worldwide, Inc., 2016 U.S. Dist. LEXIS 152838 and In re Marriott Int’l, Inc., 440 F. Supp. 3d 447 United States District Court for the District of Maryland, Southern Division , Sandra Smith v. Sabre Corporation United States District Court for the Central District of California is a frivolous case brought to the Central District of California by Sandra Smith to exploit the Sabre corporation for illegitimate damages.

On May 2, 2017 she filed a claim stating that her identity was compromised and that she suffered damages when she did not. Conveniently, timed after Sabre made public that its new SynXis system was breached by hackers. In her complaint she stated that because she was a frequent guest of “hotels that were known to use Sabre’s system.” The courts immediately dismissed her complaint without prejudice because it was a frivolous case that failed to rise to the level of a legitimate identity theft claim.

Analysis & Management Suggestions

In closing, it is imperative that hoteliers find strategic means of securing hotel networking systems, to circumvent avoidable lawsuits. Hotel management can achieve this objective by using firewalls, networking monitoring, traffic filtering, and anti-malware security systems. Also, by encrypting credit card information and creating a detailed response plan if a data breach should occur.

Identity Theft in Hospitality Industry

Identity theft is continuously growing in the USA, primarily due to the increased use of technology in transactions, e-marketing, and international communication. Identity theft and related fraud affect businesses, governments, individuals, and communities considerably (Sow et al., 2018). Its effects are traumatizing to the victims. They devastate the victims with long-lasting financial effects. The hospitality industry should keep its eyes wide open for the growing concern of identity fraud, especially since it is the most susceptible industry because it deals directly with clients (Bjorke & May, 2016). Thus, it stores chunks of its customers’ sensitive data (Sow et al., 2018). The hospitality industry should be cautious of this growing concern, since the services they offer precipitate the necessary elements for a successful data breach. This paper analyzes issues arising from identity theft in the hospitality industry. The paper majorly focuses on identity fraud cases, the legal implications of identity theft, and the measures implemented to prevent identity theft in the hospitality industry. It also includes recommendations for businesses in the hospitality industry to help secure clients’ data from hackers and other criminals.

Background of the Problem

The hospitality industry attributes some of its revenue losses to identity theft (Sow et al., 2018). Identity theft refers to a fast-growing social crime that includes all types of crimes that involve individuals fraudulently acquiring and using other people’s data for economic gain. The Federal Trade Commission (FTC) (2018) identifies employment or tax-related fraud, credit card fraud, and phone or utility fraud as the top three identity thefts reported by victims. Companies in the hospitality industry, such as casinos, restaurants, hotels, theme parks, movie theaters, and bars, suffer significant financial losses since the data breaches remain undetected for months or years (Bjorke & May, 2016).

In addition to financial losses, data breaches in the hospitality industry result in loss of trust in the brand, reduced consumer loyalty to a business, and increased cost to customers. Furthermore, a company’s insurance also rises after a data breach to cover cybersecurity expenses that arise after the threat (Bjorke & May, 2016). Additionally, the firm’s cost of debt increases due to reduced creditworthiness caused by data breaches. The company further faces financial losses due to the additional cost to compensate for the investigation of the fraudulent activities (Bjorke & May, 2016). The customers can also sue the business and its employees after a data breach to compensate them for the damages experienced (Bjorke & May, 2016). Consequently, the adverse effects of identity theft result in the failure of some businesses.

Technology use in the hospitality industry perpetuates identity theft, especially since it is getting more advanced every day with new technologies being introduced. Even though advancements in information technology have improved the hospitality industry’s quality of services, they have also created an avenue for identity theft (Shabani & Munir, 2020). The increased usage of e-commerce, communication technology, and computers is instrumental in exponential data breaches due to cyber theft. Information technology contributes to data breach and information loss when the employees gather guest information when offering services and during payments. The hospitality industry is a consumer-centric business; hence, it relies on consumer loyalty to generate substantial revenue. Therefore, companies in the hospitality industry should aim to maintain clients’ trust by implementing security measures that prevent cyber-attacks and data breaches. Ensuring cybersecurity of the technologies that increase the efficiency of services is of paramount significance in the hospitality industry (Hahn et al., 2019).

Companies affected by commercial and consumer identity theft faced more significant financial losses than companies with countermeasures to deal with identity theft (ACFE, 2018). Price Waterhouse Cooper presented data in their 2014 Global Economic Crime Survey that showed 78% of businesses in the hospitality industry faced challenges of identity fraud, which resulted in asset misappropriation (Jirsa, 2020). Iwejor (2017) also indicated that most managers failed to execute the required internal controls and safeguards due to insufficient funds and inadequate knowledge. Consequently, there is a need for additional research regarding the techniques that managers in the hospitality industry should apply to lessen crimes of identity theft and fraud.

Legal Issues

Seven Sentenced in Chicago Restaurant ID Theft Scheme

Joseph Woods, Britain E. Woods, Alex Houston, Jenette Farrar, Essence S. Houston, Kenyetta Davis, and William Washington were the defendants that skimmed personal financial data from consumers in restaurants and attractions sites in the Chicago area (Claims Journal, 2013). The ringleaders paid the employees of various establishments such as Wrigley Field, RL Restaurant, a Chicago Taco Bell location, and a McDonald’s restaurant in Berwyn to steal the credit card information when the customers were paying their bills (Claims Journal, 2013). The employees used a credit card reader device to steal approximately 175 credit cards and banking information (Claims Journal, 2013). The ringleaders used the stolen information to reproduce counterfeit credit cards and make purchases of more than $200,000.

All the defendants pled guilty and were sentenced in Cook County Criminal Court. According to Illinois Attorney General Lisa Madigan, the banks with the accounts of customers whose identities were stolen included Citibank, US Bank, American Express, Fifth Third Bank, Chase, Harris Bank, and Bank of America (Claims Journal, 2013). The compromised financial institutions notified the affected clients to secure their personal information during the investigation (Claims Journal, 2013). The Illinois Attorney General stated that identity theft posed a tremendous threat to Illinois credit card users, primarily since she received approximately 2500 identity theft complaints in 2012 only (Claims Journal, 2013). The complaints included incidents of fraudulent withdrawals from consumers’ financial accounts, fraudulent charges on consumers’ financial accounts, the fraudulent opening of accounts using consumers’ information, and stolen checks (Claims Journal, 2013). Madigan stated that the seven identity thieves’ case proved that identity theft is prevalent in everyday transactions. Therefore, people should be consistent in checking their financial statements and credit card bills for any unauthorized billing and report any unknown and dubious activity early on to prevent extensive damages (Claims Journal, 2013).

Eric Larson Charged with Defrauding Hotels

Eric Larson, the defendant, allegedly stole credit card numbers to book rooms in Newport Beach, Laguna Beach, and Costa Mesa (Parker, 2012). The defendant allegedly paid for his hotel charges at the montage with an illegally acquired credit card. The fraudulent activity was discovered after two days when the bill accrued to $2,134, as reported by the Laguna Beach Police Department (Parker, 2012). Eric Larson used a laptop to obtain the credit card information used to acquire information to book the room from clients who accessed their accounts or made credit card purchases. Apparently, the defendant stole other people’s identities over open Wi-Fi networks by illegally acquiring their credit card account information (Parker, 2012).

The police tracked Eric Larsonto when he left without paying the $2,134 bill at Montage Laguna Beach (Parker, 2012). He was arrested on several identity theft charges reported in Newport Beach, Costa Mesa, and Laguna Beach. He allegedly used the stolen information to rent out for himself and his friends (Parker, 2012). Sgt. Louise Callus arrested one of his counterparts, Edward Richard York, allegedly for possessing methamphetamine and marijuana after receiving a complaint about clients that were abusing drugs in a room at Laguna Cliffs Inn. Upon arresting him, the officers discovered that the hotel room was booked with Larson’s illegally acquired credit card number (Parker, 2012). Larson was charged with 23 felony counts of fraud and theft due to the illegal use of stolen credit card information to book rooms in hotels (Parker, 2012). He was found guilty of the mentioned charges and was sentenced to one year in jail, three years’ probation, and restitution.

Analysis

Under a variety of federal statutes, the Department of Justice takes legal action against cases of fraud and identity theft. Congress passed the Identity Theft and Assumption Deterrence Act in 1998 and made identity theft a new offense (Hill & Marion, 2016). According to the USA Department of Justice, the legislation prohibits knowingly using or transferring an individual’s means of identification without lawful authority. It prohibits the use of the illegally acquired personal information to aid or to abet or commit any violation that comprises of misconduct under any applicable local or state law (18 USC § 1028(a)(7)) (Hill & Marion, 2016). The Act also enabled the Federal Trade Commission to monitor complaints and offer amenities to consumers whose identities were stolen. Failure to comply with the legislation usually results in a maximum sentence of 15 years’ imprisonment, criminal forfeiture of any personal possession used or intended to be used to commit the offense, and a fine (Hill & Marion, 2016).

According to the USA Department of Justice, plans to execute crimes of identity fraud also constitutes violating other statutes such as credit card fraud (18 USC § 1029), wire fraud (18 USC § 1343), mail fraud (18 USC § 1341), financial institution fraud (18 USC § 1344), identification fraud (18 USC § 1028), and computer fraud (18 USC § 1030) (Hill & Marion, 2016). All the federal offenses mentioned above have significant penalties that reach up to 30 years imprisonment, fines, and criminal forfeiture. Furthermore, federal investigative agencies such as the Federal Bureau of Investigation and the United States Postal Inspection Service collaborate with Federal prosecutors to take legal action against identity theft and fraud cases (Hill & Marion, 2016).

Identity theft statutes vary by state, although federal and state criminal regulations govern it (USLegal.com, 2020). The crime does not include falsifying identification to enter into adult business establishments or purchase tobacco or liquor. Information such as Social Security numbers, personal identification numbers (PIN), name, credit or debit card numbers, and date of birth, among others, are protected from misuse by identity theft statutes (USLegal.com, 2020) Hence, an individual who uses another person’s identity with the intent to engage in illegal activities of identity theft may be legally punished (USLegal.com, 2020). This explains why the defendants in the case scenarios provided above were found guilty by the court. However, punishment depends on the number of victims and the total combined loss experienced directly or indirectly by the victim(s) (USLegal.com, 2020). Thus, the defendants may have had different punishments.

Management Suggestions

Managers of companies should be consistent in updating and incorporating cybersecurity tools and techniques to prevent and control data breaches. Besides, all executive and low-level employees should have basic knowledge about cybersecurity tools and techniques in case of any detected fraudulent activities to protect its clients from identity theft cases (Shabani & Munir, 2020). Managers should encourage employees to be careful of the emails and websites they access while at work to prevent data from being breached. For instance, identity thieves can easily steal client information if an employee opens an unsecured email or website due to the lack of knowledge in such regard (Shabani & Munir, 2020). As a result, clients’ data recorded by the hospitality company, such as credit card information and personal details, can be stolen, causing a big disaster for the company. Furthermore, hospitality managers should inform their subordinates not to hand out any sensitive information about their clients and educate them on the repercussions of doing so (Shabani & Munir, 2020). Managers should also establish security measures that restrict access to sensitive files and ensure safe credit card transactions.

Management should also provide secured Wi-Fi instead of unsecured Wi-Fi. The latter is highly liable to attacks from fraudsters. Most hospitality businesses, such as restaurants and coffee shops nowadays provide free Wi-Fi for their customers, which can be accessed in every area in the facilities. The free accessible Wi-Fi enables hackers to monitor clients’ traffic on the Wi-Fi and use it to access the clients’ personal data (Shabani & Munir, 2020). The hackers can also take advantage of the unsecured Wi-Fi to trick customers with malicious “updates” for widely-known software, such as Flash Player, so that they undoubtedly click on the updates that contain malware (Shabani & Munir, 2020). The hackers then use the opportunity to acquire the customers’ passwords, full names, and other vital information from their technological devices. Managers’ negligence to update an organization’s systems makes it easy for hackers to obtain access, mainly since they use ancient programs to acquire confidential information from hospitality businesses.

Fake booking is the most common way hackers acquire guest information in the hospitality industry (Shabani & Munir, 2020). The attackers create a phony website with features of the main hotel’s website that consumers access when booking hotel rooms. When the guests access the phishing websites, identity thieves use the opportunity to collect their personal and financial information. Hotel managers should encourage face-to-face check-ins with the provision of identification documents instead of online check-ins to reduce cases of fraudulent bookings. Identity thieves usually use stolen credit card information to rent hotel rooms; hence, face-to-face check-ins will reduce such crimes. In addition to face-to-face check-ins, hotels can encourage their clients to confirm their identity by using fingerprints to avoid identity theft. This can facilitate this by updating their systems to require their clients and customers to use the feature when accessing their accounts with the business. Besides, hotels can acquire fingerprints of their regular clients to reduce the long process of providing identification documents each time they visit the hotel and store them in their database.

Hospitality companies can also use a web application firewall (WAF) to prevent data breach attacks. The firewall prevents attacks coming from web security flaws, such as security misconfigurations, SQL injections, and buffer overflow by filtering the content of specific web applications (Clincy & Shahriar, 2018). WAF also prevents data theft by detecting and blocking the credit card database when attackers access it (Clincy & Shahriar, 2018). Hotel managers can also secure client data by employing digital certificates since they help provide non-repudiation security service by binding a message to the sender. Digital certificates can also be used by other businesses in the hospitality industry to curb identity fraud since they help to establish the truth by challenging false claims (Clincy & Shahriar, 2018). Businesses can also use digital certificates to ensure the authenticity of their websites to customers. Besides, according to Hathaway et al. (2012), individuals and organizations can curb identity theft by implementing and enforcing cyber-attack laws.

As much as organizations implement measures to prevent the identity theft of their clients, the clients should also be vigilant in protecting themselves. Customers should be careful of the links and updates they click when using public Wi-Fi to prevent hackers from accessing their private information. They should also secure their technological devices with passwords at all times to prevent fraudulent activities. They should also check their bank statements often to keep track of their credit card activities and notify the authorities if there are any irregularities. They should also be careful about the sites they offer personal information and contacts because they might not be legitimate. Consumers should also be careful of the amount of data they post on social media since social media has made it easy for fraudsters to commit identity theft. Individuals’ information such as names, location, personal details, and contact info are available online, which is all the fraudsters need to commit identity theft. Conclusively, customers should secure their financial and banking details to prevent hackers from stealing them.

Introduction

This paper seeks to provide a brief history of some of the key concepts of innkeeper’s laws and as such there is no intent here to provide an exhaustive account of the history of innkeeper’s laws as this would require a much more robust study. The legal subjects affecting hoteliers in the year 2020 are multifaceted and each area has its own history and precedents. This essay is divided into three parts. The first part offers readers an abbreviated history of commercial lodging going back into antiquity and medieval England. This is important in order to help set the stage on why innkeeper’s laws were needed. The second part of the report focuses on the history of innkeeper’s laws which gained traction in Rome and then in post-Roman Britain and eventually migrated to the United States. The basic concept of the duty of care of guests and their possessions will be introduced to readers, a concept which still forms the backbone of innkeeper’s laws to this day. In the last section, several cases from the 1700’s to more recent times will be shared to provide some additional context of existing innkeeper’s laws.

Brief History of Innkeeping and the First Innkeeping Laws

Although it is not possible to determine a precise date when the first commercial lodging establishments appeared, the predecessor of future restaurants and inns, were likely the taverns in ancient Egypt that were popular places to socialize, drink, and eat, and perhaps even places to spend the night¹. Visiting Greeks described in vivid details some these gathering places where much flocking took place along the Nile. The Egyptians were certainly the inventors of beer and were some of the first to cultivate wine as well

Contemporaries to the ancient Egyptians were the Babylonians and there we see the first written instance of innkeeper’s laws, albeit on the food and beverage side. In the Codes of Hammurabi circa 2,000 B.C., inscribed are regulations on the proper management of taverns and inns and strict penalties for the proper preparation of beer.

The popularity of these types of taverns and precursors to inns gained even more traction in Ancient Greece and in Homer’s The Odyssey we first learn in some detail the concept of the lesches (also referred to as leschai), which in Ionic Greek, describes a place where various types of merchants and other tradesmen relaxed and socialized. These places were akin to social clubs and also served as a resting place for travelers and poor people that needed shelter¹. Although these were not inns per se, they were a prelude to future types of businesses which soon evolved into taverns that also provided lodging. Still, the concept of hospitality, irrespective of any commercial enterprise, was a deep-rooted concept in the culture of Ancient Greece. Philoxenia, in ancient Greek signifies acting as a “friend to a stranger” and this concept of being friendly and hosting of strangers was especially important culturally and persists to this day.³ As travel became more common even during the Hellenic Age, providing shelter to strangers in their own home was considered an honorable act and this concept is not foreign to us in modern times.

Having said that, commercial lodging establishments up across Ancient Greece as travel and commerce between city-states intensified. Pandokos Xenostasis was an inn where only guests found lodging, and the phatne or stathmos were dwellings where humans and animals slept in the same place³. Thus, it is in Greece that we may have seen the first commercial inns, but it was not until the Romans conquered much known world at the time that inns became commonplace. However, it is important to note that these establishments were mostly frequented by the lower classes and merchants, and rarely did upper classes or nobility frequent them unless they were on the road and an official imperial lodging was not available.

Overall, Inns and taverns had terrible reputations, and perhaps worst of all was that of the innkeeper. To put it mildly, the concept of a responsible duty of care did not come about for centuries later. Most Inns at the time were notoriously dirty and disease-prone, and furthermore dangerous places where one could either be mugged and killed⁴. As a result, it was in Rome’s bureaucratic world that we see some of the first laws specifically aimed at innkeepers that deal with the care of the guest or their goods. Roman law dictated that innkeepers could refuse to host whom they chose to with the practical reason being that they could be held liable to secure a guest’s possessions and if something happened to those possessions, the innkeeper would have to reimburse those possessions at twice the original value. Thus, innkeepers had to be weary of whom to host for the night as they could be victims of fraud themselves.

Although Ancient Greece and Rome get most of the credit to be forerunners of the inns of the middle ages in Europe, it is important to note that various types of inns were popping all over the world in Asia and the Middle East that predate some of the lodging in Rome

The Medieval English Inn and Beaubeck V. Waltham

Inns were common throughout Europe in the Middle Ages. In the 1300s in Florence, Italy, for example, we find the first innkeeper’s guild. However, it was in Medieval England that we see the development of some of the first innkeeper’s laws that would eventually make their way across the Atlantic to us. According to the Merriam-Webster Dictionary, the word “inn” refers to “an establishment for the lodging and entertainment of travelers” and the lexicology is from the Middle English and Norse signifying a “dwelling” ⁶ These inns were commonly found by the side of the roads throughout the countryside, but also could be found in London. The closest thing we have in modern times to a medieval inn are bed and breakfast establishments. As previously established and it was also the case at the time in England, the primary reason for the establishment of inns was to provide shelter for the night for travelers traveling long distances by foot or horse and especially as travel conditions were difficult and dangerous, especially at night, where travelers risked their lives as they could be robbed and killed. Medieval inns were still comparatively humble establishments and certainly comfort and privacy were not the main priorities. Rather, shelter, warmth, food, and safety were the priorities. Travelers often had to share their rooms and beds with total strangers. In Chaucer’s Canterbury Tales, he describes with some delight the occurrences at the Tabard Inn which housed both humans and their animals on their journey.

The Tabard’s innkeeper, Herry Bailly, was described as a gracious host and his inn as an incredible gathering place for all kinds of people across social classes and although the inn itself no longer exists, the description of the inn is similar to other contemporary accounts of inns in Medieval England⁷. It is during these medieval times in England that we begin to see a clear distinction emerge between taverns and inns. Taverns emerged as establishments mostly for locals to drink and eat and rarely offered an overnight shelter and in fact, after a certain time of night turned out these guests into the street.

On the other hand, in English public houses, or inns, which evolved from private homes, were created specifically to shelter wary and vulnerable travelers and therefore it became understood that the duties of the innkeeper were vastly different than those of a tavern. It is precisely this understanding of the vital responsibility of the innkeeper that we see emerging the first laws in England which would form the pillars of innkeeper’s laws. This heavy burden of having to protect guests and their goods from dangers from the outside of the premises and within is what turned innkeeping into a public calling.

In 1345, William Beaubek brought a suit against John of Waltham, an innkeeper, with the complaint that his belongings were stolen from his room. The facts of the case were generally not in dispute and Beaubek did not recover his goods⁵. The importance of case was vital to the future of innkeeper’s laws because it helped establish a duty of care of the innkeeper for the guest’s goods when they are accepted by the innkeeper for safekeeping and they are aware of the location of the goods. The statement in the suit brought by Beaubeck which would resonate in the centuries to come is “”that every innkeeper is bound to answer to his guests for goods placed under his control.”  The case established a precedent for others to follow in the sense that the innkeeper can be held liable for the guest’s personal belonging when he accepts them into his care. Obviously “into his care” can have a number of meanings and this concept would be litigated throughout the years, but there a clear thread here from the year 1345 to the present whereas an innkeeper can be held liable for the loss of a guest’s items when they are placed in the hotel’s safe, for example.

It is in England and France in the 1750’s that we see the emergence of a new commercial lodging, the hotel, which was considered more sophisticated than an inn and provided more comfort and services⁸. The emergence of these types of accommodations which were being built in city centers as opposed to the side of the road or in small towns also differentiated them from the inns referenced in this essay thus far.

Inns and Hotels in the Americas and Early Innkeeper Court Cases

Some of the first inns in the pre-Revolutionary War period in the Americas were built in the New England and South Carolina areas and were quite similar to the ones in existence the country inns in Britain and were referenced as colonial inns⁶. Although the service and accommodations of these early colonial inns and taverns were sparce and uncomfortable, they improved rather quickly. Innkeepers were considered important leaders of their communities and this made sense since these inns and eventually hotels, were places where important people met and conducted their business.

Hotels soon emerged and were built in the 1760’s and 1770’s in New York, Boston, and other major cities. The industrial revolution both in United states saw an explosion of hotels and with this and increasing number of cases going to court especially in the 1800’s which reiterated some of the common law concepts regarding the duties of the innkeeper to guests and their property. In some of the cases as we shall see below, what constituted and inn, and innkeeper, and a hotel, were important to help settle negligence and even tax cases. Interestingly, US courts based a lot of their legal reasons as it related to innkeeper’s laws on English common law.

Three early cases worth mentioning here are Kisten V. Hildebrand^, Howth V. Franklin, and Cromwell V. Stephens. These cases were important because they helped define some basic terminology related to our inns and hotels which were later cited by other cases in the future. In the Kisten V. Hildebrand case from 1848 which made it to the Kentucky Supreme Court, the innkeeper was sued for negligence for the possessions of the guest which were stolen⁸. The outcome of the actual case (was remanded to the lower court for retrial) is less important than some of the key concepts imparted by Chief Justice Marshall. In his opinion, Marshall begins by defining what an innkeeper was: “A common inn keeper is defined to be a person who makes it his business to entertain travelers and passengers and provide lodging and necessaries for them and their horses and attendants.”⁸ Marshall is unequivocal in his opinion that innkeepers are indeed liable for the loss of the guest possessions while in his direct care and that this indeed because the profession of innkeeping serves an important public function and therefore the duty of care is higher than that of other business owners. Similarly, in 1858 case of Howth v. Franklin⁹ which was at heart a negligence case where the plaintiff was suing for recover for damages of a stolen horse and some other possessions. In the case, the issue of what exactly constituted a person being an innkeeper was important to help determine if the innkeeper’s liability. The court in Texas defined an innkeeper as “An innkeeper is one who holds himself out to the public as engaged in the business of keeping a house for the lodging and entertainment of travelers and passengers, their horses and attendants, for reasonable compensation.” Judge Roberts went on to say that being classified as an innkeeper was a “matter of law” in the sense that if the owner of the establishment comported himself as an innkeeper and frequently accepted travelers to his establishment and made this fact known to the public, then in fact, he should be classified as an innkeeper9. Last, in the 1867 Cromwell V. Stephens Case¹⁰, at issue was whether a building should be classified as hotel or boarding house for tax purposes as the plaintiff did not want to pay the higher taxes associated with the purchases of the property if classified as a hotel. This afforded the court an opportunity to define at length what a hotel is and this definition is similar to the one previously provided earlier in the essay. The case was important as it set some parameters under the law of what constitutes a hotel versus other forms of lodging.

Selected Innkeeper’s Law Cases

In this last section, six historical cases involving inns and hotels were selected as they are often cited cases in the law and the issues are ones that hoteliers still come across in the 21^st Century. The cases are arranged below in chronological order.

The first selected case is Elcox V. Hill¹¹, a US Supreme Court Case from the year 1878. In the facts of the case, the plaintiff, Elcox, who was traveling with some jewelry, checked into the defendant’s hotel in Chicago. A room was not available at the time of check-in, and as he needed to go out to run some errands, decided to leave his two bags, one of which contained jewelry worth $6,300, in the hotel’s coat check area with the attendant. Later on, the plaintiff returned collect his two bags when his room was ready for check-in. The jewelry had been stolen. Elcox sued the innkeeper, Hill, and the jury in the district found in favor of the defendant, but the Appeals Court in Northern Illinois found in favor of the plaintiff. The Supreme Court ruled concurred with the original jury and overturned the decision in favor of the defendant¹¹. On one hand, the court explained that if an innkeeper that knowingly accepts a guest’s valuables for safekeeping, then they would be rightfully be held liable for the loss of the items. However, in this case, the Court found that the plaintiff was negligent themselves because they did not choose to make use the hotel safe to store the jewelry as it was clearly noted on the registration form at the time of check-in. Furthermore, the hotel’s staff was not informed that the guest’s jewelry was inside the bags which were left at the coat check area. Thus, if the hotel did not know they were in possession of the valuables, they could not reasonably be held liable. Having worked in the hotel business for more than 25 years, I can definitely relate to this case. The hotel can not be help liable for these types of valuables when the guest should store them in the hotel safe.

In the case of Curtis V. Murphy¹², a guest checked into the hotel for illegal purposes and engaged in prostitution. Prior to the illegal acts, the guest gave some money for safekeeping to the hotel’s desk clerk which was subsequently stolen. The guest sued the innkeeper to recover the value of the stolen money. The Court decided that ordinarily the guest would be entitled to recover the money from the hotel based on the duty of care afforded to guests by innkeepers, but in this case, since the guest registered under false pretenses and engaged in illegal conduct, they were therefore no longer entitled to the guest/innkeeper relationship and thus the guest was judged not to be entitled to recovering the money he gave the hotel for safekeeping.

In the Nebraska 1905 case of Clancy V. Burke¹³, a guest’s child was injured by an employee’s gun which discharged by accident. This was an important case in furtherance of to the concept that innkeepers owe guests a high level of care while they are on the premises of the hotel. The Court found that even though the injury was indeed an accident and that the child should not have been wandering about the hotel away from the parents, the hotel was still found to be liable as they owed the guest a higher level of safety¹³. This case was subsequently cited on numerous occasions in the future in innkeeper negligence cases.

The potential liability of a hotel in a case where the employee acts negligently was litigated in Lehnen V. E.J. Hines Co.¹⁴. In this horrifying case, as a result of some mishaps, a hotel employee insulted and physically assaulted a guest of a hotel in their room when they were under the mistaken belief that the guest was a trespasser and did not belong in the room¹⁴. Under normal circumstances, a hotel may not be held liable when their employee acts in gross negligence outside the scope of their duties, standard training, or normal job functions. However, in this seminal Kansas case, the Court did find the hotel liable for the employee’s grotesque conduct because at this time of the incident, the employee was acting on behalf of the hotel when they went up to the guest room to evict the supposed trespasser. Thus, although it is generally true that innkeeper is generally held liable for employee’s poor conduct such as theft or beating a guest up outside of the scope of their normal duties, the Lehnen V. E.J. Hines case demonstrates that there are instances clearly where Courts will hold the innkeeper liable for their team’s poor conduct.

In the 1915 US Supreme Court Case of Miller V. Strahl¹⁵, the safety of the guest and the innkeeper’s duty to ensure they are safe when they are under their case was the central matter. In this case, a guest was injured when they were evacuating a hotel that was on fire. The Court found that even though the hotel did not cause the fire per se and not negligent per for the fire occurring, the hotel was nonetheless liable for the injuries sustained by the guest because it was found they did not do everything they could to evacuate the guest safely without injury. In the case, apparently, two hours passed between the time the fire was discovered by a hotel employee and the time the guest awoke (on their own) and tried to evacuate the hotel¹⁵. The hotel’s duty of care especially towards guest safety is delved into by the Court and this case once more affirms the innkeeper’s quasi virtual sacred duty to the safety and well being of their guests. This case brings to mind all of the procedures a modern hotel has to follow (alarms, fire detectors, fire drills, speakers in guest hallways, automated calls to guest rooms, fire exit signs on the back of guest room doors, etc) in order to ensure the safety of their guests in case of a hotel fire.

The last case we will examine for this paper is the case of Hoffa V. United States. In the case, the renowned teamster’s union boss, Jimmy Hoffa, was confiding some illegal acts (the bribing of a juror among other illegal acts) he committed to his associate while in his guest room. It later turned out that this associate was an informant and Mr. Hoffa was arrested based on the evidence provided by the informant¹⁶. Mr. Hoffa contested the charges and demanded to be released under the contention that these 4^th Amendment rights were violated. The 4^th Amendment protects a person’s right to privacy in their home and prevents the government’s unreasonable search and seizure of their home or items in their home without probable cause or a legal warrant¹⁷. So, in most cases, a hotel guest room, which is considered the guests, home away from home, would protect a guest’s 4^th Amendment right insofar as his privacy is concerned and the government would need to present a warrant in order to search the room and legally obtain said information from the guest. However, in this case, the Court ruled that at issue was not really Mr. Hoffa’s 4^th Amendment and instead his poor decision and confide in someone that turned out to be a government informant. The Court visited the topic of guest privacy in the case and the 4^th Amendment and the Supreme Court did affirm the guest room would constitute a valid substitute of a person’s home, thus respecting the guest’s privacy while they are in the guest room insofar as the government is concerned. Other cases deal with the reasonable access that innkeepers must have to the guest room during the guest stay while being mindful of their privacy, but this case demonstrates that if the guest is committing or confessing to illegal acts, that an argument against government intrusion could fall flat.

Conclusions

Innkeeper’s laws are varied as they are old. The subjects not covered in this report range from real estate law, discrimination laws, food and beverage statutes, and many, many more areas of the law. The seminal work by Dr. John H. Sherry in the Innkeeper’s Laws, then revised by his son, John E.H. Sherry provides a good introduction (up to 1981) to all of the different types of areas of the law which can affect a hospitality manager. Having said, the goal as stated previously was to provide a brief introduction and to focus mostly on the innkeeper’s duty of care which forms the foundation of law on this subject. In particular, understanding the innkeeper’s duties of care and when they do apply and when they do not, which may seem instinctive to a good hotelier, is worth understanding in more detail. In a way, there is a long straight line from Roman and Babylonian times to the Middle Ages and finally to the 21^st Century where Courts (real-life) where this duty to care for strangers and take care of them is as relevant to day as it was over thousands of years ago. Some of the key concepts insofar as the law have of course evolved as hospitality products and services have become more varied and sophisticated, but at the root of it all, remains the fundamentals of the innkeeping taking care of people when they are away from home.

One of the most popular USA trends in the Food Industry currently is Non-GMO and Organic Foods. These production techniques and food items are spreading rapidly, not only in the retail markets but also in food service areas. This trend is expanding the customer’s desire to have healthier options to eat, with few ingredients and any items that are considered not natural. There are many guidelines to be followed by the USDA and Federal government to properly sell products as Organic or Non-GMO.

Background on Organic and GMO Food Products

When companies are growing and/or selling Organic products, there is a process they must follow according to federal guidelines. There are many different factors for considering something “organic”. This includes soil quantity, animal raising practices, pest and weed control, and of course the use of additives. Organic producers always rely on using natural substances and physical, mechanical, or biologically based farming methods to the most full extent. Produce can be considered organic if it is certified to have grown on soil that has had no prohibited chemicals or substances applied for three years prior to the harvest. Organic meat regulations require that animals are raised in living conditions that allow their natural behaviors, fed has to be 100% organic, and they cannot be administered antibiotics or hormones.

GMO stands for Genetically Modified Organisms. These are living organisms whose genetic material has been artificially manipulated in a laboratory through genetic engineering. Some concerns overeating foods with GMO are nutritional content, allergic response, side effects of toxicity, organ damage, or gene transfer. Scientifically in the United States, it has been proven that GMO food items do not have a negative effect on the body, but the chemicals can cause an issue for the environment. Non-GMO foods are considered to be more eco-friendly. It has become more of a personal preference that people do not like eating foods that have been genetically modified. They do not feel the need to add extra products into their bodies that they have not added before.

The Organic and non-GMO food market is projected to accelerate over 17% in the upcoming years. Companies are planning on producing more items like non- GMO cereals, liquor, meat, poultry, bakery products, and edible oils. The market is expanding and is expected to see in over 30% of North America due to the competitive market. With schools feeling that GMO based foods are not healthy for children, they are even offering food items that are NON-GMO. A lot of schools and parents label GMO with junk food or decreased nutritional value, so they feel it is better for the students to ban the use of GMO products and junk food, and offer all natural or organic healthy options.

GRAHAM FORSHER, Plaintiff, v. THE J.M. SMUCKER CO., Defendant.

The Plaintiff decided to peruse a class action against the company Smucker because they labeled a peanut butter spread as “all natural”, even though the product contained items that were not “natural”. Natural items are described as products that only contain items derived from ingredients that are not bioengineered or genetically modified. In this case the label on the peanut butter states the products “may contain sugar derived from bioengineered or GMO (genetically modified) beets.” Which can be very confusing for customers when the front label states the product is all natural. The case was dismissed due to the FDA noting that “the new techniques are extensions at the molecular level of traditional methods and will be used to achieve the same goals as pursued with traditional plant breeding”. The beets did contain GMO products but when testing was done, it did not meet the standard of detectable genetic material, therefore it could still be considered natural peanutbutter.

Quesada v. Herb Thyme Farms, Inc., 62 Cal. 4th 298

Quesada filed a class action Lawsuit against Herb Thyme Farms because, they were selling their herb products under an organic label that violated the state consumer protection laws. Indeed, the item they were selling was not actually kept under “organic” circumstances. There are many USDA guidelines to follow if a company is going to sell their products as organic. The federal guidelines include, soil quality, animal raising practices, pest and weed control, and use of additives. Organic Producers rely solely on natural substances and physical, mechanical, or biologically based farming methods to the fullest extent Possible. The case was preempted. Herb Thyme Farms did keep their organic herbs grown separately from their non-organic products, until it came to packaging. During the packaging process everything was brought into one area. The judge felt that it didn’t completely violate the organic food policy but it did indeed limit state organic certification programs. They did tell Herb Thyme Farms that they indeed needed to perform uniform national standard packaging procedures.

Management Suggestions

From the management standpoint there are a lot of things that can be done when selling products that are considered Organic or Non-GMO. Organic products cannot be cooked or prepared in the same un-sanitized work area. If it is, it’s considered contaminated and no longer organic. It would be a very important precaution to take and ensure all cooks, chefs and employees know that standard. Chefs will have to make sure that all products are properly labeled, stored, and cooked in the certified manner of the FDA. If managing a growing or packaging company, that rule would still apply, so when producing or labeling the products, they must not be contaminated with non-organic products.

Introduction

This paper examines the legal issues and how they influence the future prospects for investors in Cuba’s hospitality business. As discussed in the essay, investors wishing to carry out operations in Cuba must consider the relevant issues that relate to at least four critical areas including finance, personnel, government partnership, and dispute resolution. This study highlights the legal issues that could potentially shape the future of the hotel industry in the country by drawing from two major sources. Most of the other resources used in the research are recent – not older than 5 years – and have a direct relation to the current topic of interest.

This note is organized in a way that it tackles a number of key issues specific to the hospitality industry by analyzing the opportunities and growth prospects to provide a general outlook of the Cuban hospitality business environment. From there, the obstacles and challenges in the industry are discussed in brief after which the paper analyzes the legal issues in the industry from the laws and governance issues that need resolution, to the codes and regulations. In this way, it is possible to make recommendations on holistically addressing the future growth opportunities that stand to result from the lifting of the embargo and ending the isolation, in a manner that is both fruitful and effective for the two countries and the international market.

Historical Background

The history of trade between Cuba and the United States dates back to long in the pre-1960 when the United States held major interests in Cuba. However, with the emergence of the Cold War, the Red Scare, and America’s general disregard for communism, this relationship was strained and eventually severed when the United States imposed the trade embargo on Cuba. The embargo and isolation between the two nations were mainly spurred by Cuba’s alliance with the then USSR and other communist countries and events such as the Cuban Missile Crisis. Since then, the two countries have largely remained isolated, the negligible geographical distance between them notwithstanding. In 2015, however, United States President Barrack Obama and Cuban President Raul Castro re-opened diplomatic relations. America still maintains its economic, commercial, and financial embargo. Such restrictions have continued to inhibit free political, economic, and cultural interaction between the two countries.

But while the United States has maintained the blockade with Cuba for over 50 years, the rest of the world continued to interact freely with the country, yet the once vibrant hospitality industry dwindled. The hospitality industry is hailed as one of the industries with the most potential for uplifting and upholding Cuba’s economy. The industry also holds the largest upside for private sector investors looking to tap into the full potential of the business. Determining the legal issues that the hospitality industry faces and analyzing them in the context of their potential impact for the future of the business are fundamental in providing parties involved with insight into the potential future economic benefits for both Cuba, America, and the international markets². The legal frameworks and subsequent challenges for the industry are deeply embedded in the historically tumultuous relations between the two countries.

In hindsight, many authors have provided roadmaps on the possible ways in which the normal relationship between the two nations can be resumed even before the diplomatic changes took effect. These recommendations have also incorporated possible frameworks for building bridges, especially in the Cuban tourism industry. Needless to say, the prospects of the renewed diplomatic relations between the two countries will do little to cushion the hurdles for foreign hospitality and tourism businesses looking to tap into the Cuban market.

Hospitality and Tourism Industry Outlook: Growth and Opportunities

In part, Cuba’s potential for growth can be attributed to the fact that the country is still in the early stages of exploration and development. The country has focused on developing foreign investment and its tourism industry since the 1990s. Currently, tourism is the country’s largest foreign exchange earner after the export of technical and professional services. In 2013, Cuba earned an excess of 1.8 billion CUC from both the domestic and international tourism industry. The country’s hotels and private accommodations (known as casas particulares) offer a wide variety of facilities ranging from pools, hot tubs, spas, dining to massage services, and private chauffeurs. There have been plans to increase the hotel capacity by creating up to 78,000 rooms by 2020. In an attempt to attract more tourists, the country has been diversifying its appeal to various markets. For instance, six golf courses were constructed in an effort to bring in more U.S visitors, high-income tourists from Japan and China, and boost the spending by regular visitors.

The Chamber of Commerce has attempted to appeal to more foreign investors by offering joint venture projects in the past. Melia Hotels International which is a Spanish hotel chain is the largest in the country. The hotel lists 28 Cuban properties owned by either the government or Cuba has lots of opportunities for hospitality with a growing tourism demand. The country is the third most popular tourist destination in the Caribbean after the Dominican Republic and Puerto Rico. The prospective opening of the United States market could lead to significant growth for the hospitality and tourism industry in Cuba. Regardless of the embargo, it remains to be seen whether U.S companies will successfully set up and operate within the legally and politically inhibitive framework of the Cuban market. It is however safe to say that as long as the relationship is built on a foundation of mutual economic benefit, the Cuban legislative framework will evolve to accommodate the new businesses for economic prosperity.

Similarly, the enthusiasm by American businesses and professionals to re-enter the Cuban market will significantly prop development in the country when the opportunity comes. In the same manner, Cuba has a highly literate and educated population that is both enterprising and accommodating to new opportunities. Altogether, these factors play a major role in posing Cuba as a hub of opportunities for the hospitality industry with an enormous potential for future growth and development.

Challenges and Legal Issues

Despite Cuba’s outstanding potential, a majority of foreign companies seeking to do business in the country are still confronted with five major challenges. These challenges include the dual currency system; Cuba’s credit situation; the rampant corruption among the Cuban government officials; infrastructure; and government regulations. Government regulations as a challenge is a broad area and will form the basis of the legal issues as it is closely related to the Foreign Investment Law No. 118; which in turn relates to all the five challenges in the Cuban business environment.

To begin with, Cuba currently operates two different types of currencies in its monetary system: the Cuban Convertible peso (CUC) and the Cuban peso (CUP or Peso).⁵ This system has been criticized as being inefficient and divisive and will likely trouble corporations looking to invest the same way it is both confusing and frustrating to tourists. Secondly, Cuba’s credit crisis and its poor loan system have resulted from its ban from the International Monetary Fund (IMF), World Bank, and Inter-America Bank due to the embargo. The poor structuring of the system has led to transactions being carried out mostly in cash, making it worrisome for foreign investors. The lack of security in the international banking market has deterred foreign investors from conducting business in Cuba.

Thirdly, Cuba, like Brazil, Russia, India, and China (BRIC), has a strong and far-reaching grasp on all industries in the country. BRIC countries are among the most corrupt in the world and Cuba is no stranger to issues of bribery and corruption in the whole government. This situation has kept investors at bay and the prospect of working with state-owned enterprises (SOE) would frustrate foreigners looking for investment opportunities especially in the hospitality industry. Lastly, thriving infrastructure is fundamental to the success of any hospitality industry and Cuba’s infrastructure is dated and decaying. There is a serious need for improvement for tourism and investment to expand into the hinterlands, which will also ensure wealth is distributed throughout the country. Critical areas that will need upgrades include airports, roads, buildings, telecommunications, and internet access.

Cuba has long ranked as one of the world’s most repressive environments for information and communication technologies (ICTs). High prices, exceptionally slow connectivity, and extensive government regulation have resulted in a pronounced lack of access to applications and services other than email. Most users can access only a government-controlled intranet rather than the global internet, with hourly connection costs amounting to 10 percent of the minimum monthly wage. The Cuban government has made commendable steps in expanding the opportunity for international corporations looking to invest in the country through the passage of Foreign Investment Law 118 (hereinafter Law 118). Although the Cuban government has taken several measures to integrate into the current international market, there are several hurdles that still hinder the full success of these efforts. Nowhere is this more evident than in the hospitality industry. The hold that the government has on private institutions is a major and the sector as a whole is the cause of concern. As it is presently constituted, a Cuban citizen is not permitted to start a corporation and as such, any foreign investor looking to do business in the country has to almost deal exclusively with the government. Law 118 permits for three business models namely: joint ventures; international economic association agreements; or capital companies that are completely foreign.

While this law does not in any way explicitly state that hotels will only have the option of international economic association agreements as an avenue of entry, it is the only clause of the three agreeable models that contain the terms “Hotel” and “Service Management.” This particular model is primarily targeted towards improving the general quality of the service industry by allowing internationally acclaimed institutions to expand into the local market. Consequently, this arrangement helps the country to create a name for itself in the international hospitality markets.⁹ In the agreement, the foreign investor acts as a representative of the national investor in the global market.

Pertinent to Law 118, as opposed to sharing profits, foreign investors shall be paid depending on the manner in which they perform. All terms considered including the management agreement, the relationship between the national and foreign investor is seemingly that of a principle and agent respectively. This arrangement is not particularly favorable for foreign investors who would under normal circumstances prefer to have total control and operation/management rights over their businesses. While this model has its fair share of drawbacks, it is clearly the model of choice for investors presently operating in Cuba. Notably, investors that choose this model are accorded several tax exemptions compared to those that operate using the totally foreign capital institution. Even as the prospects of the possible entry of American investors into the Cuban market are increasingly clear, there is a general fear from local people over possible cultural erosion from these foreigners.

Foreign investors entering the Cuban market also have to contend with the strong labor force and the government’s control of the labor. A corporation set up in the country, more particularly the hospitality industry, would not only have to contend with the dual currency issue but also have no autonomy over the hiring, firing, and compensation of its employees. The system curtails the existence of a proper employer-employee relationship from the very onset, which could affect productivity and employee contentment. New corporations will have to deal with a unionized workforce, making it impracticable for American hospitality corporations to hire American nationals to work in Cuba. Besides the cost implications, the primal reason why this arrangement would not work is that the Cuban law requires that foreign business have a direct and positive impact on Cuba and its nationals.

Another significant consideration in the Law 118 is the tax considerations. As compared to law 77, Law 118 completely eliminates the labor tax requirement. The old tax law required investors to part with a 11% and an additional 14% for Social Security contributions, bringing the total labor force tax to a combined 25%. The revocation of the tax is more so beneficial to potential investors in the tourism and hospitality industry which employs about 63% pf the total labor force. Similarly, foreign investors are exempted from paying income tax on their net profits under Law 118’s Article 35. This should be a generous attraction for foreign investors entering the country’s hospitality industry as it allows the corporations to receive all their earnings and dividends which would otherwise be reduced by tax. The income tax exemption should be an attractive offer to expediate and multiply investment in the country if the investors can overcome the current fear and insecurity of doing business in Cuba. In the same manner, Law 118 sets the profits tax of net profits at 15%, which is a 50% reduction from the previously existing regulation. This is in addition to a an initial eight-year exemption period. These provisions combine to present a better return on investment for hoteliers and other service providers in the industry.

In a nutshell, although Cuba has a great potential for future growth in the hospitality industry, its is not possible to immediately gauge the probability of success. The opacity of the country’s economy and political atmosphere makes it difficult to assess success or failure of its foreign investments. However, Melia Hotels International serves as a prospective yardstick of successful foreign corporation in the country with four brands operating under joint ventures and international economic association agreements. In an example of foreign companies running into legal headwinds in Cuba, a suit filed before a U.S labor court alleged abuses in a Cuban shipping and repair company where three Cuban laborers were allegedly forced to work virtual slaves with tedious tasks in the shipyard.¹⁷ The defendant was a foreign company that was operating in Cuba through a contract with the government. Another case of a foreign business gone bad was with Tokmakjian Group, a Canadian company that deals in transportation services and engine repairs. The foreign entity was convicted in a Cuban court on accounts of corruption resulting in jail terms for its top management.

Conclusion

Tourism and hospitality industry opportunities are vital to the improvement of Cuba’s economy and its relationship with America. The hospitality industry in particular is the most critical area in bringing Cuba back into the worldwide business community and developing the nation. Notwithstanding the numerous issues to be resolved, it is obvious that Cuba offers extraordinary potential for future development of global hospitality and the travel industry organizations. Foreign investors must, notwithstanding, think about the legal issues for organizations and determine whether the conditions set by the Cuban government are favorable for their setting and operation. It is envisioned that business regulations will advance as private investors negotiate agreements to give an alluring economic turn of events, however, there is currently no history of steady business development in Cuba. Some of the legal establishments such as the tax provisions in Law 118 are favorable for future growth prospects.

U.S. organizations who wish to do business in Cuba have drastically expanded their activities since the ongoing relations by the two nations’ heads toward setting up normalized relations. Meetings between invested individuals are regular, including lawyers, agents, and developers, in spite of the fact that there is a lack of such private meetings in Cuba. Possibilities for participating in the hospitality and tourism industry businesses in Cuba keep on improving, however, the result is not yet clear. There is a great deal of limitations most of which are based on the legal frameworks that will hamper the hospitality industry from realizing its maximum potential in Cuba. America needs to venture out progressively in restoring the relationship and permitting the hotel businesses the capacity to work in Cuba. Many restrictions have to be relaxed and sanctions lifted through executive order. Ultimately, there is both extraordinary potential and serious pitfalls for entrepreneurs willing to take the risk.