In December 2012, the DePaul Business & Commercial Law Journal published an article, “Private Ordering in Light of the Law: Achieving Consumer Protection through Payment Card Security Measures.”  The article examines the need for government intervention in payment card security or whether market solutions and private payment card security regimes, such as the PCI Data Security Standards (DSS), are sufficient.  Based on the findings in the article, the Hospitality Industry should strive to maintain a high level of payment card industry compliance, while also monitoring the potential for government regulation.

 The article recognizes that government actors struggle with the ongoing need to address changing technology within an industry, such as new technologies within the hospitality industry.  New threats and emerging vulnerabilities continue to surface as the capabilities of criminals advance to circumvent security measures.  The PCI Data Security Council is currently charged with the task of promulgating standards that take into account this technological dynamism.  However, hoteliers should respond with a similarly dynamic PCI compliance program to address threats to hospitality technology.  Hoteliers are well advised to include in such a program custom learning solutions, such as PCI compliance training modules and similar training on best practices for using hospitality technology.

Link: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2188511