The hotel that cannot sell a ski weekend
A hotel in the Japanese Alps wants to offer its guests a complete ski weekend. Not just a room. The whole experience: hotel accommodation, ski school lesson, equipment rental, transfer from the station, a table at a local izakaya on Saturday evening.
It cannot do this legally.
Under Japan's Travel Agency Act, only a licensed travel agency can package hotel accommodation together with an off-premise activity and sell the bundle to the general public. The hotel is not a licensed travel agency. To offer the package, it must either send guests to find the ski school themselves — destroying the experience — or create a travel agency subsidiary whose sole purpose is to hold a licence it would not otherwise need.
Most hotels create the subsidiary. It works, just about. But it costs money, adds legal overhead, and solves nothing for the underlying problem: a law written in 1952, last revised in 2019, is creating enormous friction in one of Japan's most strategically important inbound tourism sectors.
That is the everyday friction. There is a far more serious gap — one that no travel regulation in any jurisdiction has yet addressed.
In March 2026, over 200 Japanese travellers found themselves stranded at Dubai International Airport as the Iran conflict escalated suddenly and airspace closures cascaded across the region. In 2011, the Tohoku earthquake and tsunami claimed nearly 20,000 lives, including foreign travellers, and left inbound tourists stranded across northern Japan with no coordinated mechanism to account for them, communicate with their families, or organise safe passage home.
The gap that regulation has not yet closed
The everyday gap and the catastrophic gap share the same root: travel regulation was designed for a world of single-entity products, predictable operations, and disruptions that individual businesses could manage.
The EU Package Travel Directive was designed in 1990 and updated in 2015 for the tour operator era: one licensed organiser, one pre-packaged holiday, one consumer. But the AI-era booking involves an AI orchestration agent, a protocol layer, a hotel, a ski school, a taxi company, and an activity guide — assembled dynamically on the traveller's request, across multiple jurisdictions, in real time. No single entity in that chain maps cleanly to the Directive's concept of an organiser.
| Old model: single-entity regulation | New reality: multi-party AI-era booking |
|---|---|
| One licensed travel agency | AI orchestration agent |
| One package, assembled in advance | Itinerary assembled dynamically at booking |
| One jurisdiction | Multiple jurisdictions simultaneously |
| One responsible party | Hotel + ski school + taxi + guide + protocol |
| Liability: clear (the organiser) | Liability: unclear — no single organiser exists |
| Disruption: rare, handled by organiser | Disruption: may be geopolitical or natural disaster — beyond any single business |
| Regulation: designed for this | Regulation: not designed for any of this |
The protocol as accountability infrastructure
Both gaps share the same underlying problem: the accountability infrastructure that consumer protection law was designed to enforce is simply not visible to regulators under current frameworks.
The Activity Travel Protocol addresses this directly. Its Booking Object maintains a documented, machine-readable record of every state transition, every duty of care transfer, every supplier handoff, from the moment a traveller's request is received to the moment they arrive home safely. Its Human Escalation Manager architecture ensures that a qualified human is in the loop at every decision point that has significant welfare consequences.
But the protocol's architecture was also designed with the catastrophic scenario in mind. The same Booking Object that tracks a ski weekend in Nagano can, in a mass disruption event, become the data source that tells an emergency coordination authority: how many travellers are in the affected area, which suppliers hold duty of care over them, which travellers are uncontactable, and which have already been safely evacuated.
Three reform directions
Regulators signal that cross-border interoperability matters and encourage industry to converge on open standards — as ICAO and IATA did for aviation.
When war, earthquake, or mass disruption strands travellers at scale, governments need a shared protocol to coordinate. Industry alone cannot build this.
If the industry widely adopts a common technical standard, most cross-border regulatory friction resolves through interoperability. Conformance testing — not certification — validates compatibility.
The Activity Travel Protocol is a working reference implementation of the infrastructure all three directions require. It was designed from the ground up to make the AI-era booking visible, accountable, and auditable — not just to the parties involved, but to the regulatory authorities and governments who need to reach travellers when it matters most.