Priceline 2014 Annual Report Download - page 21

Download and view the complete annual report

Please find page 21 of the 2014 Priceline annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 160

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160

and adversely affect our ability to conduct our business, satisfy our commercial obligations or meet our public reporting requirements in a timely
fashion or at all. Security breaches could also result in negative publicity, damage our reputation, expose us to risk of loss or litigation and
possible liability, subject us to regulatory penalties and sanctions, or cause consumers to lose confidence in our security and choose to use the
services of our competitors, any of which would have a negative effect on the value of our brand, our market share and our results of operations.
Our insurance policies carry low coverage limits, and would likely not be adequate to reimburse us for losses caused by security breaches.
We also face risks associated with security breaches affecting third parties conducting business over the Internet. Consumers generally
are concerned with security and privacy on the Internet, and any publicized security problems could inhibit the growth of the Internet and
negatively affect consumers' willingness to provide private information or effect commercial transactions on the Internet generally, including
through our services. Some of our business is conducted with third party marketing affiliates, which may generate travel reservations through our
infrastructure or through other systems. Additionally, consumers using our services could be affected by security breaches at third parties such as
travel service providers, payroll providers, health plan providers, payment processors or global distribution systems ("GDSs") upon which we
rely. A security breach at any such third party marketing affiliate, travel service provider, GDS or other third party on which we rely could be
perceived by consumers as a security breach of our systems and in any event could result in negative publicity, damage our reputation, expose us
to risk of loss or litigation and possible liability and subject us to regulatory penalties and sanctions. In addition, such third parties may not
comply with applicable disclosure requirements, which could expose us to liability.
In our processing of travel transactions, we receive and store a large volume of personally identifiable data. This data is increasingly
subject to legislation and regulations in numerous jurisdictions around the world, including the European Union's Data Protection Directive and
variations and implementations of that directive in the member states of the European Union. In addition, the European Union is actively
considering a new General Data Protection Regulation designed to unify data protection with the European Union under a single law, which may
result in significantly greater compliance burdens for companies with users and operations in the European Union. Under the draft General Data
Protection Regulation fines of up to 100,000,000 Euros or up to 5% of the annual global turnover of the infringer could be imposed. This
government action is typically intended to protect the privacy of personal data that is collected, processed and transmitted in or from the
governing jurisdiction. In many cases, these laws apply not only to third-party transactions, but also to transfers of information between us and
our subsidiaries, including employee information. These laws continue to develop and may be inconsistent from jurisdiction to jurisdiction. Non-
compliance with these laws could result in penalties or significant legal liability. We could be adversely affected if legislation or regulations are
expanded to require changes in our business practices or if governing jurisdictions interpret or implement their legislation or regulations in ways
that negatively affect our business, results of operations or financial condition.
We are also subject to payment card association rules and obligations under our contracts with payment card processors. Under these
rules and obligations, if information is compromised, we could be liable to payment card issuers for associated expenses and penalties. In
addition, if we fail to follow payment card industry security standards, even if no customer information is compromised, we could incur
significant fines or experience a significant increase in payment card transaction costs.
System capacity constraints, system failures or "denial-of-service" or other attacks could harm our business.
We have experienced rapid growth in consumer traffic to our websites and through our mobile apps, the number of accommodations on
our extranets and the geographic breadth of our operations. If our systems cannot be expanded to cope with increased demand or fail to perform,
we could experience unanticipated disruptions in service, slower response times, decreased customer service and customer satisfaction and
delays in the introduction of new services, any of which could impair our reputation, damage our brands and materially and adversely affect our
results of operations. Further, as an online business, we are dependent on the Internet and maintaining connectivity between ourselves and
consumers, sources of Internet traffic, such as Google, and our travel service providers. As consumers increasingly turn to mobile devices, we
also become dependent on consumers' access to the Internet through mobile carriers and their systems. Disruptions in Internet access, whether
generally, in a specific market or otherwise, especially if widespread or prolonged, could materially adversely affect our business and results of
operations. While we do maintain redundant systems and hosting services, it is possible that we could experience an interruption in our business,
and we do not carry business interruption insurance sufficient to compensate us for all losses that may occur.
Our computer hardware for operating our services is currently located at hosting facilities around the world. These systems and
operations are vulnerable to damage or interruption from human error, floods, fires, power loss, telecommunication failures and similar events.
They are also subject to break-ins, sabotage, intentional acts of vandalism, terrorism and similar misconduct. Despite any precautions we may
take, the occurrence of any disruption of service due to any
17