Six Flags Great America has settled a class-action lawsuit by agreeing to pay $36 million over the use of fingerprint scanners at its Illinois theme park. Six Flags was accused of violating an Illinois law that requires companies to get permission before using certain technologies to identify customers. The company denied that it was collecting biometric identifiers and claimed visitors had given consent.
Read more from USA Today.
I feel like they should have fought this, because I think the court got it wrong. These scans result in a cryptographic hash, which is completely useless outside of the context of the system that contains it. The intent of the law is to protect PII, which this is not.
We were frequenting SFSTL when this system started and I was fine with it but it didn’t work very well little kid fingers.
I was never bothered by the fingerprint scan. However, for up to $60 times four people I will gladly fill out the class action lawsuit and pay for our memberships for the year.
I think you're right about it not being PII (and thus probably consistent with the spirit of the law) but the letter of the law does seem to cover storing a hash of the biometric identifier:
"Biometric information" means any information, regardless of how it is captured, converted, stored, or shared, based on an individual's biometric identifier used to identify an individual.
Seems like hashing would fall under that "converted" part but I could be wrong!
Regardless, I seem to remember visiting SFGAm in 2018 a couple of times and having to scan my finger a few times to get it to work so I'm not upset it's gone.
You must be logged in to post