The European tourism sector calls for urgent modifications due to the impact of Royal Decree 933/2021 of October 26, which establishes documentation registration and information obligations for individuals or legal entities engaged in lodging and motor vehicle rental activities.
The European tourism sector has requested urgent adjustments and a delay in the enforcement of Royal Decree 933/2021, dated October 26, which imposes documentation and information-sharing obligations on individuals or legal entities involved in lodging and motor vehicle rental activities. This new appeal to the Spanish government comes after a first communication in September went unanswered, in which the sector highlighted the difficulties of implementing the regulation in its current form.
The Royal Decree mandates detailed registration of travelers' data to enhance control and security within the tourism sector. However, industry associations have indicated that the regulation's requirements pose numerous obstacles for companies. Industry representatives have emphasized that the current version of the decree requires the collection of data that is complex to manage and could expose companies to penalties for unintentional non-compliance. These concerns were raised both in the initial letter in September and the more recent one, noting that implementation without significant changes is "unfeasible."
The decree stipulates that obligated entities must maintain a digital record of the collected data, which must be preserved for three years after the completion of the service or contract. Non-professional lodging activities are exempt from this obligation.
Before beginning their activities, operators must submit the required data to the competent authorities, which vary depending on the type of activity and are detailed in the decree’s annexes. Traveler and transaction data, both in lodging and vehicle rentals, must be communicated within 24 hours after booking or contract signing and must be transmitted electronically. Non-professional lodging activities may use other procedures.
The personal data collected under this regulation will be stored in two files managed by the Secretary of State for Security: one for lodging and another for vehicles. Only Security Forces, the judicial authority, and the Public Prosecutor's Office will have access to this data for investigations within the framework of crime prevention and detection.
Beyond the legitimate concerns of the tourism sector, the Royal Decree reflects an interventionist policy by the current government. The similarities with the total control described in George Orwell's novel 1984 are evident, as the regulation requires storing personal data of millions of people who do not necessarily pose a risk to public safety.
This shift in Spanish tourism policy contrasts with its traditional approach of attracting visitors, which is vital to the country's economy. Businesses, many of which are small and medium-sized enterprises, bear the burden of increased bureaucracy, raising questions about the effectiveness of such an intrusive measure. If the goal is to enhance security, it might be more efficient to allocate additional resources to hiring and equipping security forces. In other advanced tourist destinations like Switzerland, data is collected in a simpler and more practical way, with a friendly concierge filling out a brief form on behalf of tourists.
The Ministry of the Interior has again postponed the decree’s effective date to December 2, following an initial delay from October 1. This was justified by the need to resolve technical issues related to data transmission between establishments and regional authorities, especially in autonomous communities like Catalonia and the Basque Country, where security responsibilities lie with local police forces.
This decision has been a relief for tourism companies, which have requested that data collection and management be automated to avoid operational disruptions.
Among the most notable criticisms are potential incompatibility with the General Data Protection Regulation, legal uncertainty, competitive disadvantage in the market, disproportionate administrative burden, and lack of technological adequacy, especially for SMEs, which make up 95% of the sector.
The European tourism sector's call is clear: urgent modification and postponement of Royal Decree 933/2021 are needed to develop measures that allow for practical and secure compliance. It is hoped that the Spanish government will heed this request and review the regulation to support.