Hotels--and I think it's unfair to pick on the Hilton hotels--in general have to balance their interest in protecting consumer information. The Hilton, or any other hotel, probably has no real interest in owning the personal information or exercising that sort of power. They have to balance, though, the language they use in their contracts against the practical realities of protecting their own interest.
What happens, for example, if you have a guest who is using the hotel's resources, the computer, to access illicit or illegal websites and is perhaps engaging in illegal transactions? They have to have the recourse to go to that individual and say they looked at this and it's not right. Whether it's legal or not, they have to balance a whole variety of interests, not only the interests in Canada but also the interests internationally. There may be requirements in the United States with which they are complying or requirements in Europe they have to consider.
My experience is that many organizations are trying their best to put together terms of use and privacy policies. They have to balance a whole variety of obligations and compliance issues, and privacy is only one of them. Maybe someone hasn't looked that carefully at the privacy language. But I bet if you asked Hilton, or other organizations that have similar policies, whether they really intend to use personal information for those purposes, I'm sure the answer would be no. Really, their only interest is in protecting themselves and making sure they are able to comply with the variety of obligations they have in front of them.