Technology, Information Protection, and Privacy Risks

A failure to keep pace with developments in technology could impair our operations or competitive position. The lodging industry continues to demand the use of sophisticated technology and systems, including those used for our reservation, revenue management and property management systems, our Marriott Rewards and The Ritz-Carlton Rewards programs, and technologies we make available to our guests. These technologies and systems must be refined, updated, and/or replaced with more advanced systems on a regular basis. If we are unable to do so as quickly as our competitors or within budgeted costs and time frames, our business could suffer. We also may not achieve the benefits that we anticipate from any new technology or system, and a failure to do so could result in higher than anticipated costs or could impair our operating results.

An increase in the use of third-party Internet services to book online hotel reservations could adversely impact our business. Some of our hotel rooms are booked through Internet travel intermediaries such as Expedia.com^®, Travelocity.com^®, and Orbitz.com^®, as well as lesser-known online travel service providers. These intermediaries initially focused on leisure travel, but now also provide offerings for corporate travel and group meetings. Although Marriott’s Look No Further^® Best Rate Guarantee has greatly reduced the ability of intermediaries to undercut the published rates at our hotels, intermediaries continue to use a variety of aggressive online marketing methods to attract customers, including the purchase, by certain companies, of trademarked online keywords such as “Marriott” from Internet search engines such as Google^®, Bing^® and Yahoo^® to steer customers toward their websites (a practice currently being challenged by various trademark owners in federal court). Although Marriott has successfully limited these practices through contracts with key online intermediaries, the number of intermediaries and related companies that drive traffic to intermediaries’ websites is too large to permit us to eliminate this risk entirely. Our business and profitability could be harmed if online intermediaries succeed in significantly shifting loyalties from our lodging brands to their travel services, diverting bookings away from Marriott.com, or through their fees increasing the overall cost of Internet bookings for our hotels.

Failure to maintain the integrity of internal or customer data could result in faulty business decisions, operational inefficiencies, damage of reputation and/or subject us to costs, fines, or lawsuits. Our businesses require collection and retention of large volumes of internal and customer data, including credit card numbers and other personally identifiable information of our customers in various information systems that we maintain and in those maintained by third parties with whom we contract to provide services, including in areas such as human resources outsourcing, website hosting, and email marketing. We also maintain personally identifiable information about our employees. The integrity and protection of that customer, employee, and company data is critical to us. If that data is inaccurate or incomplete, we could make faulty decisions. Our customers and employees also have a high expectation that we and our service providers will adequately protect their personal information. The regulatory environment as well as the requirements imposed on us by the payment card industry surrounding information, security and privacy is also increasingly demanding, in both the United States and other jurisdictions in which we operate. Our systems may be unable to satisfy changing regulatory and payment card industry requirements and employee and customer expectations, or may require significant additional investments or time in order to do so. Our information systems and records, including those we maintain with our service providers, may be subject to security breaches, system failures, viruses, operator error or inadvertent releases of data. A significant theft, loss, or fraudulent use of customer, employee, or company data maintained by us or by a service provider could adversely impact our reputation and could result in remedial and other expenses, fines, or litigation. A breach in the security of our information systems or those of our service providers could lead to an interruption in the operation of our systems, resulting in operational inefficiencies and a loss of profits.

Early in 2011, we were notified by Epsilon, a marketing vendor used by the Company to manage customer emails, that an unauthorized third party gained access to a number of Epsilon’s accounts including the Company’s email list. Epsilon has stated that the unauthorized person(s) had access only to names and email addresses of the Company’s customers and did not have access to other customer information, such as physical addresses, loyalty program point balances, account logins and passwords, credit card information or other personal data. We have informed our affected customers of the breach and that it may result in receiving unsolicited emails.

Changes in privacy law could adversely affect our ability to market our products effectively. We rely on a variety of direct marketing techniques, including email marketing, online advertising, and postal mailings. Any further restrictions in laws such as the CANSPAM Act, and various U.S. state laws, or new federal laws, regarding marketing and solicitation or international data protection laws that govern these activities could adversely affect the continuing effectiveness of email, online advertising, and postal mailing techniques and could force further changes in our marketing strategy. If this occurs, we may not be able to develop adequate alternative marketing strategies, which could impact the amount and timing of our sales of certain products. We also obtain access to potential customers from travel service providers or other companies with whom we have substantial relationships and market to some individuals on these lists directly or by including our marketing message in the other company’s marketing materials. If access to these lists was prohibited or otherwise restricted, our ability to develop new customers and introduce them to our products could be impaired.

Next page  >