Expedia Group legal and compliance interviews test whether candidates understand the regulatory frameworks that govern an online travel marketplace operating across 190-plus countries – consumer protection regulations for travel bookings, EU rate parity antitrust enforcement that has reshaped OTA hotel contracting, privacy regulations including GDPR and CCPA that apply to the traveler data Expedia collects, and the short-term rental regulatory landscape that affects Vrbo's vacation rental business in cities worldwide. Legal at Expedia spans travel consumer protection compliance (where US DOT regulations require specific refund and disclosure obligations for airline bookings, EU Regulation 261/2004 mandates airline passenger rights for delayed and cancelled flights that OTAs must communicate accurately to travelers, and EU Package Travel Directive creates liability for OTAs that sell package travel arrangements combining flights and hotels), rate parity and antitrust compliance (where EU competition authorities have required OTAs to narrow their rate parity clauses with hotels – from broad parity covering all channels to narrow parity covering only the OTA's own website – and where the ongoing competitive sensitivity of OTA-hotel commercial relationships creates antitrust risk that legal must monitor in contract negotiations), privacy regulation compliance (where Expedia's travel data – search history, booking history, payment data, location data, and travel preferences – is subject to GDPR in Europe and CCPA in California, with data subject rights, consent requirements, and data breach notification obligations that apply to one of the largest consumer travel data sets in the world), and short-term rental regulatory compliance for Vrbo (where cities including New York, Barcelona, Amsterdam, and others have enacted short-term rental regulations – registration requirements, host licensing, night limits, and outright bans in some areas – that affect the legality of vacation rentals listed on Vrbo and create compliance obligations for both hosts and the platform). Interviewers evaluate whether candidates understand travel consumer protection law, rate parity antitrust history, travel data privacy obligations, and short-term rental regulatory compliance across global markets.
Start your free Expedia Legal & Compliance practice session.
What interviewers actually evaluate
Travel Consumer Protection, Rate Parity Antitrust, and STR Regulatory Compliance for OTA
Expedia Group legal interviews probe whether candidates understand how legal practice at an OTA differs from general e-commerce legal work in the travel consumer protection complexity (Expedia's role as an intermediary between travelers and travel suppliers creates consumer protection obligations that are distinct from direct suppliers – when an airline cancels a flight, the airline's passenger protection obligations differ from Expedia's obligations to the traveler as the booking intermediary, and the legal team must define what disclosures Expedia must make, what assistance it must provide, and what refund obligations apply to OTA-mediated bookings under regulations like DOT's requirements and EU261), the rate parity antitrust history (European competition authorities in Germany, France, the UK, Italy, and Sweden have required Expedia and other OTAs to eliminate broad rate parity clauses in their hotel contracts following investigations that found these clauses restricted hotels' ability to offer lower prices through other channels – and legal teams who understand this history and the current narrow parity framework that permits can advise commercial teams on the compliance boundaries of hotel contracting), and the GDPR travel data complexity (Expedia's traveler data – where people travel, with whom, how often, at what price sensitivity – is uniquely sensitive personal data about individuals' movements and social connections, and GDPR's requirements for lawful basis, purpose limitation, data subject rights, and breach notification apply to data that Expedia both uses for its own personalization and monetizes through advertising partnerships that require careful consent architecture).
Vrbo's short-term rental regulatory exposure creates legal work that hotel OTA businesses don't face: monitoring and responding to local STR regulations in dozens of major markets, advising on Vrbo's platform compliance obligations when hosts list properties in jurisdictions that require registration or licensing, and engaging in regulatory advocacy processes where Vrbo's interests in maintaining a legal hosting environment intersect with the policy debate about short-term rentals' effect on housing availability.
What gets scored in every session
Specific, sentence-level feedback.
| Dimension | What it measures | How to answer |
|---|---|---|
| Travel consumer protection compliance | Do you understand the consumer protection obligations applicable to OTA-mediated travel bookings – DOT refund requirements for US flights, EU261 passenger rights communication obligations, and EU Package Travel Directive liability for package arrangements – and how these obligations differ from the supplier's own obligations? We flag legal answers that conflate OTA and supplier consumer protection obligations. | OTA vs supplier obligation distinction, EU261 traveler communication, Package Travel Directive applicability |
| Rate parity antitrust compliance | Can you explain the history of European rate parity enforcement – what broad rate parity required, what competition authorities found problematic, and what the narrow parity framework that is now permitted allows – and advise on the compliance boundaries of current hotel contracting? We score whether your rate parity analysis engages with the specific EU enforcement history. | Broad vs narrow rate parity distinction, EU competition authority enforcement history, current contracting compliance guidance |
| GDPR and travel privacy compliance | Do you understand how GDPR applies to Expedia's travel data – what lawful basis applies to different uses, how data subject rights work for traveler booking history, and how consent architecture for advertising partnerships must be structured to comply with GDPR's requirements? We detect legal answers that treat GDPR compliance as generic privacy policy management. | Lawful basis analysis for travel data, data subject rights in booking context, advertising consent architecture |
| Short-term rental regulatory compliance | Can you analyze how Vrbo's platform operates in jurisdictions with STR registration requirements, hosting licensing, and night limits – what Vrbo's compliance obligations are as a platform, what obligations rest with hosts, and how Vrbo navigates markets where regulatory enforcement creates listing legality questions? We flag legal answers that treat STR regulation as a host-only compliance issue. | Platform vs host obligation distinction, registration requirement compliance approach, enforcement risk management |
How a session works
Step 1: Choose an Expedia legal and compliance scenario – travel consumer protection and airline/hotel booking refund obligations, rate parity antitrust compliance for hotel contracting, GDPR and travel data privacy compliance, or Vrbo short-term rental regulatory compliance across global markets.
Step 2: The AI interviewer asks realistic Expedia-style questions: how you would advise on Expedia's legal obligations when a major airline partner has cancelled 500 flights affecting Expedia customers and the airline's own customer service is overwhelmed with a 72-hour wait time, while European travelers are asking Expedia directly for the EU261 compensation they are entitled to, how you would evaluate the compliance risk of an Expedia proposal to include a clause in hotel contracts requiring that hotels offer Expedia rates at least as favorable as those offered through any other third-party channel including other OTAs, or how you would design Vrbo's compliance program for operating in New York City after the city enacted regulations requiring that short-term rental hosts be present during guest stays.
Step 3: You respond as you would in the actual interview. The system scores your answer on travel consumer protection compliance, rate parity antitrust compliance, GDPR and travel privacy compliance, and short-term rental regulatory compliance.
Step 4: You get sentence-level feedback on what demonstrated genuine OTA legal expertise and what needs stronger rate parity history understanding or STR regulatory analysis.
Frequently Asked Questions
What are OTA consumer protection obligations for airline booking refunds?
US DOT regulations require that airlines refund passengers for cancelled flights regardless of fare class – a non-refundable fare must be refunded when the airline cancels. Expedia's obligation as an OTA is to facilitate this refund, but the refund originates with the airline under DOT rules. Expedia's disclosure obligation is to clearly communicate the airline's refund policy at the time of booking and to facilitate the refund process when cancellations occur. Under the EU Package Travel Directive, when Expedia sells a package combining a flight and hotel, Expedia takes on greater liability as the package organizer – including the obligation to provide alternative arrangements or refunds when the package cannot be delivered as described. Legal must ensure that Expedia's marketing and booking flows accurately characterize which bookings are packages with organizer liability vs component bookings where supplier liability applies.
What is the history of rate parity enforcement against OTAs in Europe?
Rate parity clauses in OTA-hotel contracts historically required hotels to offer OTAs rates at least as favorable as those offered through any other channel – including the hotel's own website, other OTAs, and offline channels. European competition authorities found that broad rate parity clauses restricted hotels from offering lower prices to attract direct bookings, reducing competition between hotels and OTAs and between OTAs for the best rates. Following investigations in multiple EU countries, Booking.com and Expedia agreed to narrow their rate parity clauses to cover only their own website and direct channels rather than all channels. This means hotels can now offer lower rates through competitor OTAs or through their own direct loyalty programs without violating their Expedia contract – a significant change that affects the commercial dynamics of hotel-OTA relationships.
How does GDPR apply to Expedia's traveler data?
Expedia collects substantial personal data about travelers: search queries that reveal travel preferences and intentions, booking history that reveals travel patterns and destinations, payment data, and in some cases biometric data through travel document verification. GDPR requires that Expedia identify the lawful basis for each data processing purpose: booking data processing is necessary for contract performance, personalization may rely on legitimate interest or consent depending on the nature of the processing, and advertising targeting requires explicit consent under GDPR's requirements. Data subject rights – the right to access, correct, delete, and port personal data – apply to Expedia's traveler database, requiring legal and technical infrastructure to fulfill rights requests from EU travelers. Breach notification obligations require Expedia to notify the relevant supervisory authority within 72 hours of discovering a breach involving EU personal data.
What are Vrbo's compliance obligations in cities with STR regulations?
Short-term rental regulations vary significantly by market: New York City requires that hosts be present during guest stays in most residential buildings, effectively prohibiting whole-apartment rentals that Vrbo hosts in New York offered. Barcelona, Amsterdam, and other European cities have registration requirements, night limits, or zoning restrictions that vary by neighborhood. Vrbo's legal compliance analysis must determine what obligations fall on the platform vs what obligations fall on individual hosts. EU Digital Services Act requirements for online platforms include obligations to take reasonable measures to detect illegal listings and to cooperate with authorities investigating illegal content. Vrbo's compliance program must design listing verification processes that check host registration compliance in regulated markets, which may involve geolocation-based compliance checks, registration number verification, or market-specific listing restrictions.
How does Expedia manage privacy compliance for its advertising business?
Expedia's media solutions business sells advertising inventory to travel companies who want to reach high-intent travel planners. The targeting capabilities that make this advertising valuable – reaching people who have searched for specific destinations or shown purchase intent – are subject to GDPR consent requirements when the traveler is in the EU and CCPA disclosure requirements when the traveler is in California. Expedia's advertising consent architecture must obtain valid consent before using traveler behavioral data for advertising targeting, which means the consent collection mechanism must be specific (not bundled with booking terms), granular (separate consent for different advertising purposes), and freely given (refusing consent must not prevent the traveler from using Expedia's service). Maintaining compliance while sustaining the advertising targeting capabilities that advertisers pay for requires legal design of the consent framework that preserves data access sufficient for advertising targeting within the boundaries of valid consent.
Also practice
One full session free. No account required. Real, specific feedback.
