Expedia 2012 Annual Report Download - page 31

Download and view the complete annual report

Please find page 31 of the 2012 Expedia annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 136

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136

We process, store and use personal information and other data, which subjects us to risks stemming
from possible failure to comply with governmental regulation and other legal obligations and potential
liability related to security breaches.
We may acquire personal or confidential information from users of our websites and mobile applications.
There are numerous laws regarding privacy and the storing, sharing, use, processing, disclosure and protection of
personal information and other consumer data, the scope of which are changing, subject to differing
interpretations, and may be inconsistent between countries or conflict with other rules. We strive to comply with
all applicable laws, policies, legal obligations and industry codes of conduct relating to privacy and data
protection. It is possible, however, that these obligations may be interpreted and applied in a manner that is
inconsistent from one jurisdiction to another and may conflict with other rules or the practices of the companies.
Any failure or perceived failure by us, or our service providers, to comply with the privacy policies, privacy-
related obligations to users or other third parties, or privacy related legal obligations, or any compromise of
security that results in the unauthorized release or transfer of personally identifiable information or other user
data, may result in governmental enforcement actions, litigation or public statements against the company by
consumer advocacy groups or others and could cause our customers and members to lose trust in the company,
which could have an adverse effect on our business.
The regulatory framework for privacy issues worldwide is currently in flux and is likely to remain so for the
foreseeable future. Practices regarding the collection, use, storage, transmission and security of personal
information by companies operating over the internet have recently come under increased public scrutiny. The
U.S. Congress and federal agencies, including the Federal Trade Commission and the Department of Commerce,
are reviewing the need for greater regulation for the collection and use of information concerning consumer
behavior on the internet, including regulation aimed at restricting certain targeted advertising practices. U.S.
courts are also considering the applicability of existing federal and state statutes, including computer trespass and
wiretapping laws, to the collection and exchange of information online. In addition, the European Union is in the
process of proposing reforms to its existing data protection legal framework, which may result in a greater
compliance burden for companies, including Expedia, with users in Europe and increased costs of compliance.
Potential security breaches to our systems or the systems of our service providers, whether resulting from
internal or external sources, could significantly harm our business. There can be no guarantee that our existing
security measures will prevent all possible security breaches or attacks. A party, whether internal or external, that
is able to circumvent our security systems could misappropriate user information or proprietary information or
cause significant interruptions in our operations. In the past, we have experienced “denial-of-service” type
attacks on our systems that have made portions of our websites unavailable for short periods of time as well as
unauthorized access of our systems and data. We may need to expend significant resources to protect against
security breaches or to address problems caused by breaches, and reductions in website availability could cause a
loss of substantial business volume during the occurrence of any such incident. Because the techniques used to
sabotage security change frequently, often are not recognized until launched against a target and may originate
from less regulated and remote areas around the world, we may be unable to proactively address these techniques
or to implement adequate preventive measures. Security breaches could result in negative publicity, damage to
reputation, exposure to risk of loss or litigation and possible liability due to regulatory penalties and sanctions.
Security breaches could also cause travelers and potential users to lose confidence in our security, which would
have a negative effect on the value of our brands. Failure to adequately protect against attacks or intrusions,
whether for their own systems or systems of vendors, could expose us to security breaches that could have an
adverse impact on financial performance.
Acquisitions and investments could result in operating and financial difficulties.
We have acquired or invested in a number of businesses in the past, and our future growth may depend, in
part, on future acquisitions and investments, any of which could be material to our financial condition and results
of operations. Certain financial and operational risks related to acquisitions and investments that may have a
material impact on our business are:
25