The question is probably if it is state of the art to encrypt passport numbers. If yes, then Marriot could be fine with a similiar argument of "the company knowingly violated its duty to ensure data security".
The question is probably if it is state of the art to encrypt passport numbers. If yes, then Marriot could be fine with a similiar argument of "the company knowingly violated its duty to ensure data security".