Priceline 2015 Annual Report Download - page 21

Download and view the complete annual report

Please find page 21 of the 2015 Priceline annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 145

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145

search results. To the extent Apple or Google use their mobile operating systems or app distribution channels to favor their own travel service offerings, our
business and results of operations could be harmed.
Our processing, storage, use and disclosure of personal data exposes us to risks of internal or external security breaches and could give rise to liabilities.
The security of data when engaging in electronic commerce is essential to maintaining consumer and travel service provider confidence in our services.
Any security breach whether instigated internally or externally on our systems or other Internet-based systems could significantly harm our reputation and
therefore our business, brand, market share and results of operations. We currently require consumers who use certain of our services to guarantee their offers with
their credit card, either online or, in some instances, through our toll-free telephone service. We require user names and passwords in order to access our
information technology systems. We also use encryption and authentication technologies to secure the transmission and storage of data and prevent unauthorized
access to our data or accounts. It is possible that computer circumvention capabilities, new discoveries or advances or other developments, including our own acts
or omissions, could result in a compromise or breach of consumer data. For example, third parties may attempt to fraudulently induce employees or customers to
disclose user names, passwords or other sensitive information ("phishing"), which may in turn be used to access our information technology systems or to defraud
our customers. We have experienced targeted and organized phishing attacks and may experience more in the future. Our efforts to protect information from
unauthorized access may be unsuccessful or may result in the rejection of legitimate attempts to book reservations through our services, any of which could result
in lost business and materially adversely affect our business, reputation and results of operations.
Our existing security measures may not be successful in preventing security breaches. A party (whether internal, external, an affiliate or unrelated third
party) that is able to circumvent our security systems could steal consumer information or transaction data or other proprietary information. In the last few years,
several major companies, including Sony, Home Depot, JPMorgan, Target, Zappos, Apple, AOL, LinkedIn, Google and Yahoo! experienced high-profile security
breaches that exposed their customers' and employees' personal information. We expend significant resources to protect against security breaches, and we may
need to increase our security-related expenditures to maintain or increase our systems' security or to address problems caused and liabilities incurred by breaches.
These issues are likely to become more difficult to manage as we expand the number of places where we operate and as the tools and techniques used in such
attacks become more advanced. As recently experienced by Sony, security breaches could result in severe damage to our information technology infrastructure,
including damage that could impair our ability to offer our services or the ability of consumers to make reservations or conduct searches through our services, as
well as loss of customer, financial or other data that could materially and adversely affect our ability to conduct our business, satisfy our commercial obligations or
meet our public reporting requirements in a timely fashion or at all. Security breaches could also result in negative publicity, damage our reputation, expose us to
risk of loss or litigation and possible liability, subject us to regulatory penalties and sanctions, or cause consumers to lose confidence in our security and choose to
use the services of our competitors, any of which would have a negative effect on the value of our brand, our market share and our results of operations. Our
insurance policies carry low coverage limits, and would likely not be adequate to reimburse us for losses caused by security breaches.
We also face risks associated with security breaches affecting third parties conducting business over the Internet. Consumers generally are concerned with
security and privacy on the Internet, and any publicized security problems could inhibit the growth of the Internet and negatively affect consumers' willingness to
provide private information or effect commercial transactions on the Internet generally, including through our services. Some of our business is conducted with
third-party marketing affiliates, which may generate travel reservations through our infrastructure or through other systems. Additionally, consumers using our
services could be affected by security breaches at third parties such as travel service providers, payroll providers, health plan providers, payment processors or
global distribution systems ("GDSs") upon which we rely. A security breach at any such third-party marketing affiliate, travel service provider, GDS or other third
party on which we rely could be perceived by consumers as a security breach of our systems and in any event could result in negative publicity, damage our
reputation, expose us to risk of loss or litigation and possible liability and subject us to regulatory penalties and sanctions. In addition, such third parties may not
comply with applicable disclosure requirements, which could expose us to liability.
In our processing of travel transactions, we receive and store a large volume of personally identifiable data. This data is increasingly subject to legislation
and regulations in numerous jurisdictions around the world, such as the European Union's Data Protection Directive and variations and implementations of that
directive in the member states of the European Union. In addition, the European Union is actively considering a new General Data Protection Regulation designed
to unify data protection within the European Union under a single law, which may result in significantly greater compliance burdens for companies with users and
operations in the European Union. Under the draft General Data Protection Regulation fines of up to 20,000,000 Euros or up to 4% of the annual global turnover
of the infringer, whichever is greater, could be imposed. This
18