Fingerprint scanners at Disney World concern privacy advocates

Looks to me like an awful lot of concern over very little.

The ticket has an identification number on it.
The person has a finger pattern.

At worst, the park will identify a group of tickets as a "family" and link all of the fingerprints in that group to all of the tickets in that group.

As a general rule, though, the ticket ID is anonymous data, and the fingerprint is anonymous. It doesn't provide any more information than, say, putting a bar-coded wristband on the customer and scanning that on each entry. In fact, if the privacy people want to get upset about something, they ought to get upset about Disney making people put signatures on their multi-day tickets. Because unlike the finger scan, that actually associates the ticket with a *name*, which, unlike a fingerprint, is a *readily accessible* source of personal information.

--Dave Althoff, Jr.

As I understand it, the change was made solely to improve turnstile throughput, and these are still only verification, not identification devices. The readings are not unique to an individual, because they are abstracted down too far. The chances that any two people will end up with "the same" reading are low, but the chances that there will be any duplicates at all in a given day are reasonably high. Yes, they *could* reconfigure them to store the image, but that would require both more storage space, and more sophistication and processing time to detect a match---neither likely with a cost-sensitive theme park operation worried about getting people through the gates.

If privacy advocates are worried about something, they should worry a lot more about Disney's Customer Relations Management system. If you ever disclose your phone number and your credit card in the same transaction (and you do if you buy tickets, make hotel reservations, or have something shipped to you), and you use that credit card anywhere else in the entire Disney empire (including ABC, ESPN, ...) then they've got you.

---

At worst, the park will identify a group of tickets as a "family" and link all of the fingerprints in that group to all of the tickets in that group.

---

This is in fact exactly what they do. Tickets purchased in a single transaction are freely interchangeable with one another.

I don't have a problem with it, but I do think they need to very publicly and in signage at the park explain what they do with the data. If you don't have anything to hide, then come out and explain it.

I do think you're being a little naive, Dave, to think that they can't link back the ticket's serial number with the actual transaction from your credit card. This ultimately isn't that different from what grocery stores do with their "bonus cards" or whatever though, and I don't care that Giant Eagle knows I buy condoms, Chinese cookies and Coke with lime.

I don't get the concern either.

They can have my CC numbers, my phone number, my middle name, my bank account numbers, my IP and my D.O.B. - I'm not doing anything that I need to hide.

Hell, bring the frozen head of Walt Disney to my home and let it snoop around my drawers.

I thought the 'old' system was getting my fingerprints anyway. Shows how much I care. I'm more concerned with putting my fingers on the scanner after the kid in front of me just spent 2 full minutes picking his nose and/or ass.

Here's a twist. Maybe they'll use the scanned print for FBI/police Dept purposes. It would be a great way to catch or track down people. I'm no genius at how these scanners work, but if the computers are tied in, it might work.just a thought.

I have no worries about this.
*** This post was edited by FLYINGSCOOTER 9/1/2006 3:04:01 PM ***

Isn't BGT already using this technology?

Jeff: Actually, logically, they probably can't trace the ticket back to the original transaction. I say that because while it would be trivial to keep that kind of a record, there is no requirement that the ticket be purchased with a credit card. So the cash sales are not going to be linked to a particular customer. More important are the group sales tickets sold through authorized outlets (travel agencies, for instance) where even if the ticket is bought with a credit card, it isn't tied to Disney's computer system. So it's very possible, perhaps even likely, that personal information is not tied to the ticket purchase. Why would it be?

The opposite extreme, of course, are the Will-Call tickets purchased on the Internet where they get not only your credit card number, but also your entire life story...

But Professor Noble has an excellent point up there. Just because they *can* collect and store certain information on people (and as I just pointed out, sometimes they can't...) does not mean that they *do*. I remember the old sysop's signature comment: "Yes, as sysop, I can read your email. No, I don't get *that* bored." If they have no need for the data, there is no reason for them to collect it...and a whole lot of reasons not to.

--Dave Althoff, Jr.

The old system at WDW used 2 fingers that you squeezed and it measured the bone structure of your fingers. Not fingerprints... but, it was hard to use for people not used to it. At first, cast members and annual passholders were the ones who had to do it.

---

The opposite extreme, of course, are the Will-Call tickets purchased on the Internet where they get not only your credit card number, but also your entire life story...

---

You aren't kidding. The last time I called WDW to book a resort, as soon as I gave them my phone number, they just verified the rest---names and ages of kids, etc.

That CRM software is really pretty good.*** This post was edited by Brian Noble 9/1/2006 8:09:59 PM ***

I just came back from a day trip to WDW and I personally used the fingerprint scanner at the Magic Kingdom and think it is a lot better than a hand stamp. I think this is a great way to keep the tickets in the hands of the original owner. I have no problem with the way they are doing it. I think that it is pretty cool.

We were all implanted with computer chips at bith anyway.

This type of technology will show up more and more. One of our grocery store chains in Iowa gives people the option of signing up for a Fingerprint Recognition Debit system. You just put your finger on the sensor and your purchase it debited to whatever account you have linked to the service.

Granted that is more of a voluntary application but I suspect we're going to see more of the system like Disney is using in more parks. There's even an application in the works for hotel check-in that alows you to access your room this way, instead of using a key.

Come on, Dave, who buys anything with cash? All I sell is coaster club memberships and I can tell you all kinds of things about someone just by their membership number. There are plenty of commercial services that can get your car VIN and drivers license number with no more than your name and the state you live in.

It's trivial to connect data points about you. The question is, what will a company do with it? Frankly, as long as they're keeping it for their own use, I could care less.

Ironic that the ACLU is harping about privacy issues and people's personal information being bandied about. Doesn't stop them from sending unsolicited requests for donations to me. How did THEY get my information anyway?

Jeff, I do use cash when I can do so. Jeff, I also use a debit card when I am buying anything on-line. I am also worried about the info that can be gathered by the fingerprint scan. They could get your criminal history and then use that knowledge to access your credit history through the info on the history report. Think about it, anyone in WDW who wanted to scam you, can do it just doing it one step at a time. Who knows WDW might be doing this for the good. It's funny how this is going to happen and think of the lines waiting to be fingerprinted and scanned into the system. The fingerprint will have to be on the ticket and in the system to verify that it belongs to the ticket holder.

You can't access credit history without consent from the consumer. You also aren't listening to how the system works. The time it takes to get in is not any longer than the current situation, and both are faster than requiring a human to look at an ID.

Jeff, if you have a criminal history then your social security number will be on it. Also the first thing that credit reporting companies will ask for is the social secruity number. Yes Jeff, anyone can get a credit history report on with your social security number which will list every credit card you have out, the balance, your home address and phone number. It can be done just by your fingerprint. with each step taken as I have mentioned. It could happen

No, you can't get someone's credit report without their consent. I do this for a living. You don't know what you're talking about. I can't call up Trans-Union and say, "Hey, I want Dave Althoff's credit report."