TripAdvisor 2011 Annual Report Download - page 31

Download and view the complete annual report

Please find page 31 of the 2011 TripAdvisor annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 125

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125

Table of Contents
period of time. Remediation may be costly and we may not have adequate insurance to cover such costs. Moreover, the costs of enhancing
infrastructure to attain improved stability and redundancy may be time consuming and expensive and may require resources and expertise that
are difficult to obtain.
We process, store and use personal information and other data, which subjects us to risks stemming from possible failure to comply with
governmental regulation and other legal obligations and potential liability related to security breaches.
We may acquire personal or confidential information from users of our websites and mobile applications. There are numerous laws
regarding privacy and the storing, sharing, use, processing, disclosure and protection of personal information and other consumer data, the scope
of which are changing, subject to differing interpretations, and may be inconsistent between countries or conflict with other rules. We strive to
comply with all applicable laws, policies, legal obligations and industry codes of conduct relating to privacy and data protection. It is possible,
however, that these obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict
with other rules or our practices. Any failure or perceived failure by us to comply with our privacy policies, privacy-related obligations to users
or other third parties, or privacy-related legal obligations, or any compromise of security that results in the unauthorized release or transfer of
personally identifiable information or other user data, may result in governmental enforcement actions, litigation or public statements against the
relevant company by consumer advocacy groups or others and could cause our customers and members to lose trust in us, which could have an
adverse effect on our business.
The regulatory framework for privacy issues worldwide is currently in flux and is likely to remain so for the foreseeable future. Practices
regarding the collection, use, storage, transmission and security of personal information by companies operating over the Internet have recently
come under increased public scrutiny. The U.S. Congress and federal agencies, including the Federal Trade Commission and the Department of
Commerce, are reviewing the need for greater regulation for the collection and use of information concerning consumer behavior on the Internet,
including regulation aimed at restricting certain targeted advertising practices. U.S. courts are also considering the applicability of existing
federal and state statutes, including computer trespass and wiretapping laws, to the collection and exchange of information online. In addition,
the European Union is in the process of proposing reforms to its existing data protection legal framework, which may result in a greater
compliance burden for companies, including us, with users in Europe and increased costs of compliance. We have collaborations with other
online service providers that involve exchanges of user information, and these practices may attract increased regulatory scrutiny in the United
States and Europe in the future.
Potential security breaches to our systems, whether resulting from internal or external sources, could significantly harm our business. There
can be no guarantee that our existing security measures will prevent all possible security breaches or attacks. A party, whether internal or
external, that is able to circumvent our security systems could misappropriate user information or proprietary information or cause significant
interruptions in our operations. In the past, we have experienced “denial-of-service” type attacks on our systems that have made portions of our
websites unavailable for short periods of time as well as unauthorized access of our systems and data. We may need to expend significant
resources to protect against security breaches or to address problems caused by breaches, and reductions in website availability could cause a
loss of substantial business volume during the occurrence of any such incident. Because the techniques used to sabotage security change
frequently, often are not recognized until launched against a target and may originate from less regulated and remote areas around the world, we
may be unable to proactively address these techniques or to implement adequate preventive measures. Security breaches could result in negative
publicity, damage to reputation, exposure to risk of loss or litigation and possible liability due to regulatory penalties and sanctions. Security
breaches could also cause travelers and potential users to lose confidence in our security, which would have a negative effect on the value of our
brand. Failure to adequately protect against attacks or intrusions, whether for our own systems or systems of vendors, could expose us to security
breaches that could have an adverse impact on financial performance.
27