Why is privacy an issue at WDW?

[Orangelake555]

And that's the power of PR spin - I've heard that argument elsewhere. I've taken the computer science classes in this area. You don't need to record the whole fingerprint, pixel for pixel. You measure key features that give you a good probability recognition and low probability of two fingerprints being within the same tolerance. It's like a ZIP file contains all the data in a file losslessly, but using less space. They may not measure as many data points as say the FBI, but who are we to know? And just how many points - they won't disclose it.

This is how a fingerpint scan is conducted too. A government agency like the FBI will keep the entire print plus a record of the key measurements. A search works against the key measurements, and this alone may yield a result, but it is much faster and will narrow the results considerably. If it doesn't yield an exact match, the <1% remaining potentials are measured with the full data.

Fingerprints are fairly easily forged too. Look up the Mythbusters episode on it - they pretty much used the techniques from the movies and it's scary the success rate they had at hacking it.

Fingerscans at Disney are ridiculous - we can't trust them with that data, there's no security reason for it (except a small percentage of their pocketbook), and it's simply data that a theme park doesn't need.

Have you ever been fingerprinted recently? They use a scanner similar to what disney uses. But when i was printed at the police station there were all these steps they had to do to get it recognizable for just 3 points on the print. 3 points, thats all. It took the person 45 minutes to do all 10 fingers properly. After EACH attempt the officer had to thoroughly cleans the screen where my finger was. There is no way that the disney scanner is in any way taking a finger print based off of the way the police do it. It can only measure legnth, width, and amount of lift from the sides of your finger.

Don't believe me? Go to a police station that doesn't take finger prints the old way (Ink on paper) and ask to watch them finger print someone. As long as they aren't busy or anything they should accomidate you.

After all of this there has to be someone who works for the company that makes the scanners that can clarify and give a non Disney PR spin

 

[mkt]

RFID = Some bad things can happen, but awesome tool

And easy to defeat. One swing of a hammer on my passport and the RFID chip is no more.

 

[Syntho_Magnetic]

Have you ever been fingerprinted recently? They use a scanner similar to what disney uses. But when i was printed at the police station there were all these steps they had to do to get it recognizable for just 3 points on the print. 3 points, thats all. It took the person 45 minutes to do all 10 fingers properly. After EACH attempt the officer had to thoroughly cleans the screen where my finger was. There is no way that the disney scanner is in any way taking a finger print based off of the way the police do it. It can only measure legnth, width, and amount of lift from the sides of your finger.

I was 3 years ago for a NAC (national agency check) so I could do contract work on DoD systems. The guy in charge of handling the local paperwork and such fingerprinted me and another employee, and had us fill out some forms, in about 20 minutes. We didn't directly use a scanner though, he took each finger and methodically rolled them firmly onto the designated paper. He'd learned over the years how to do it and didn't allow people to do it themselves, because they'd had numerous cases of 2-3 attempts before the prints were clean enough to be scanned properly with no smudging on the paper.

Keep in mind that was the full 10-finger thing, both rolled and pressed prints, in pristine condition.

Yeah, it's complicated, but it all comes down to the fact that Disney DOES need to ensure that when YOU use your ticket, YOU are the only person to use it until it expires. ID checks won't work, because you could be holding Suzy's ticket, and it works, and the CM sees your ID and approves you....but there's nothing tying your ID to that ticket.

I understand the marketing issue - like letting someone else use your grocery discount card. And of course it wouldn't be fair to let someone else use your AP. So you put their photo on the AP instead of the fingerprint database ID.

As someone who uses IAFIS-based fingerprinting scanners on a very regular basis, it always makes me laugh when I hear people claim that their fingerprints are actually being scanned by those biometric scanners at WDW. If they were really scanning your full fingerprint, & not simply capturing very basic info, it would take hours to get through the front gates because of looooong, backed up lines. Not to mention, the scanners would require constant cleaning. I just wonder if the moonbats realize how many people are laughing at them, lol?? :wave:

I know it may not be directed at my particular post, but I looked up some info just to be sure, and I pretty much described an optical scanner + minutia algorithm. I'll admit I don't know much of the fingerprint scanner industry, exactly how much data commercial USB drive password keys or USB fingerprint scanners use currently, so if you have some info I'd like to hear more.
http://en.wikipedia.org/wiki/Fingerprint_recognition

But are you using these to create a master set of prints, like when I applied for my NAC? If that's the case, they're going to make sure the prints are perfect. But for day-to-day use in a scanner or for use at crime scene, the prints are going to be far from perfect, right? And less data is needed to make a match of a reasonable level - especially if it's just to check an AP identity?

If it is some laughable amount of data being taken from the prints, I still kind of think it sets a bad precedent. It was only a few years ago that you couldn't stick your thumb on a USB drive and have it automatically log you in or emit a password. It won't be long before full fingerprint scans with a more robust ultrasonic scan are cheaply commercialized. Then the amount of data won't be laughable anymore.

 

[Syntho_Magnetic]

And easy to defeat. One swing of a hammer on my passport and the RFID chip is no more.

And also a felony in the U.S. Just saying.

I don't think they belong in there either!

 

[Pumbas Nakasak]

Because the scanners are a means to harvest your soul and inject alien baby eggs into host females disrupting the brain and its control over muscles and speech, young Brazilians and cheer leaders are particularly prone to insemination.

And someone somewhere will always be paying for freedom.

 

[Philo]

The problem with monitoring on any level is that the wrong people might be using the informatio for the wrong reasons. I don't really care if Disney want to know when I went into which park or even where I travelled during the day. I do however care if due to lax security, my fingerprint data or location were obtained with ill intent.

I also don't want to be roped into an investigation because a bit of data implies I was rougly in the area of a crime at the right time of day.

I'm not suggesting for a second that this has happened, but it is a possibility.

Esentially, as long as companies collect only the information they need to provide a service we want, I don't have a problem

 

[Monty]

Because the scanners are a means to harvest your soul and inject alien baby eggs into host females disrupting the brain and its control over muscles and speech, young Brazilians and cheer leaders are particularly prone to insemination.

And someone somewhere will always be paying for freedom.

Ah-HA!

I knew it!

**Swears to never allow WDW to have any idea who I might be - no scans, no ID and never tell them anything**

Thanks Tam, I needed a bit of humour injected here [pun intended]. The great paranoid unwashed were starting to get to me! :brick:

 

[Phonedave]

Personally I would think those that have been fingerprinted by law enforcement would have more to be concerned about. I've never been formally fingerprinted. Only Disney and Busch Gardens have digital records of my finger. And what good it is to them? I don't care.

The day the metal detectors show up is the day I become most concerned. Because that means there is a need.

I have been fingerprinted by law enforcement (federal and local) - for firearms licenses.

I have no problem with WDW biometric scanners.

The truth is, there is a LOT of intellegence gathering out there by both governemnt and private industry, but the one way hash of finger geometry at WDW is nothing to worry about.

-dave

 

[dreamfinder]

The hash alone isn't worth much, and I don't mind that portion at all. (Assuming it truly is a hash as everyone says) The real data mine is from the user tracking. IF they can indeed track everyone through the park, and get it fairly accurate, then they could have something. So what you say? Disney knows I waited for 20 mins to see Mickey for his picture. Big deal. As long as the data stays within Disney, and in completely anonymous it's not a big deal. It's when the data can be linked to a guest, and make its way out of Disney that a problem occurs.

Say the tracking is linked to your ID. And say that Disney inks a sponsorship deal with "Great Big Insurance Company" to sponsor a new ride. What is to say that Disney doesn't include sharing your data with "Great Big Insurance Company" as part of the deal? (Completely commonplace) Now say that Disney's tracking stuff notices that you spend some time at the smoking areas while you are at the park. And when you go to apply for insurance with "Great Big Insurance Company" they dig through their piles of data, and notice you spend a lot of time at the smoking areas, they assume you are a smoker and charge you more for your policy. Even though you are a non smoker and were just keeping your friend company, they don't care. Or they notice that you ride roller coasters all the time and decide you are high risk since you like thrills. This is completely within the realm of possibility. Many promotions for free Zippo's and cigarettes make their money by selling the info to insurance companies who then raise the rates of the people who take the freebies.

Will this happen? Hard to say. But don't tie the data to something that is tied to me, namely my room key or annual pass. Give me the option of including my data on something else, like a new Pal Mickey. I can buy Mickey, tell Mickey my name is John, and then they can track Mickey, without knowing my real name is Tom. I can pass Mickey on to my family, and Disney still get's its data. Admittedly when they mine the data they may see 2 different sets of habits, (I tend to visit the mountains, and my family tends to visit BBB and Fantasyland) but they don't know enough to link that back to me in real life.

We could give Disney the benefit of the doubt, but as other people have mentioned in this thread, many places that SHOULD keep the data safe, don't. Disney has no obligation to do so. Give me something I can be confident in when they start tracking me, cause darn it, where I went is my data. Let me know what it is being used for and give me the option to opt out, and a recourse if you do something wrong with it. My grocery store card is worth some monetary value to me (even though I have a handful from various family members just to screw with their data mining out of spite), having Peter Pan say my name in a robotic voice has no monetary value, and isn't worth my personal info.

I don't think I'm overly paranoid, but I know the value of data and what can be done with it. Heck, I've even maintained some databases of personal data as part of a job. But they were told up front what the data was for, and what could and couldn't be done with it, and signed a release form. I can't see Disney doing the same when you get your tickets.

 

[Monty]

The hash alone isn't worth much, and I don't mind that portion at all. (Assuming it truly is a hash as everyone says) The real data mine is from the user tracking. IF they can indeed track everyone through the park, and get it fairly accurate, then they could have something. So what you say? Disney knows I waited for 20 mins to see Mickey for his picture. Big deal. As long as the data stays within Disney, and in completely anonymous it's not a big deal. It's when the data can be linked to a guest, and make its way out of Disney that a problem occurs.

Say the tracking is linked to your ID. And say that Disney inks a sponsorship deal with "Great Big Insurance Company" to sponsor a new ride. What is to say that Disney doesn't include sharing your data with "Great Big Insurance Company" as part of the deal? (Completely commonplace) Now say that Disney's tracking stuff notices that you spend some time at the smoking areas while you are at the park. And when you go to apply for insurance with "Great Big Insurance Company" they dig through their piles of data, and notice you spend a lot of time at the smoking areas, they assume you are a smoker and charge you more for your policy. Even though you are a non smoker and were just keeping your friend company, they don't care. Or they notice that you ride roller coasters all the time and decide you are high risk since you like thrills. This is completely within the realm of possibility. Many promotions for free Zippo's and cigarettes make their money by selling the info to insurance companies who then raise the rates of the people who take the freebies.

Will this happen? Hard to say. But don't tie the data to something that is tied to me, namely my room key or annual pass. Give me the option of including my data on something else, like a new Pal Mickey. I can buy Mickey, tell Mickey my name is John, and then they can track Mickey, without knowing my real name is Tom. I can pass Mickey on to my family, and Disney still get's its data. Admittedly when they mine the data they may see 2 different sets of habits, (I tend to visit the mountains, and my family tends to visit BBB and Fantasyland) but they don't know enough to link that back to me in real life.

We could give Disney the benefit of the doubt, but as other people have mentioned in this thread, many places that SHOULD keep the data safe, don't. Disney has no obligation to do so. Give me something I can be confident in when they start tracking me, cause darn it, where I went is my data. Let me know what it is being used for and give me the option to opt out, and a recourse if you do something wrong with it. My grocery store card is worth some monetary value to me (even though I have a handful from various family members just to screw with their data mining out of spite), having Peter Pan say my name in a robotic voice has no monetary value, and isn't worth my personal info.

I don't think I'm overly paranoid, but I know the value of data and what can be done with it. Heck, I've even maintained some databases of personal data as part of a job. But they were told up front what the data was for, and what could and couldn't be done with it, and signed a release form. I can't see Disney doing the same when you get your tickets.

You use the internet... There is more personal data compiled on you on a daily basis based on that than Disney could ever hope to amass. If you also use a cell phone, the personal data and locational information available on you increases significantly. Almost all of that data is readily available to anyone who knows how to get it. :shrug:

The only way to avoid data mining entirely is to eschew all forms of electronic commerce and live in a tent without electricity or connectivity of any kind and under sufficient top cover foliage to avoid detection by aircraft or satellites.

A more realistic approach is to accept that it is going to happen and mitigate any instances that come to light that have potential negative impact. If your insurance rates go up because of incorrect tracking information indicating risky behaviours, challenge the increase.

 

[dreamfinder]

You use the internet... There is more personal data compiled on you on a daily basis based on that than Disney could ever hope to amass. If you also use a cell phone, the personal data and locational information available on you increases significantly. Almost all of that data is readily available to anyone who knows how to get it. :shrug:

I agree with you, but only to a point. The location data on a cell cannot be turned over without a court order. (Unless our mighty leaders changed that law) The people who can "get" my cell habits, either have the law on their side, or have broken the law and that is different than Disney monetizing my data in the parks.

I do use the internet, however I do use aliases. Almost no one has the accounts that I care about. My normal browsing is linked to several garbage accounts. They get too full of spam? I toss em and start over anew. And I have fought against, and changed providers when they start to monetize my data usage. All my accounts had Terms of Use I had to agree to that may have covered sharing my data. Either I didnt care enough about the data on that site, or I walked away and went elsewhere. If Disney provides the guest with a ToS for the data, thats great and how I think it should be.

The only way to avoid data mining entirely is to eschew all forms of electronic commerce and live in a tent without electricity or connectivity of any kind and under sufficient top cover foliage to avoid detection by aircraft or satellites.

Thought about living off grid, more so for the ecological/health benefits than paranoia, but then my sanity kicks in.

A more realistic approach is to accept that it is going to happen and mitigate any instances that come to light that have potential negative impact. If your insurance rates go up because of incorrect tracking information indicating risky behaviours, challenge the increase.

As I said, I do accept that Disney might start tracking us. Fine, but tell us what it would be used for and a way to hold them to it, or give us an out, or track us anonymously. In that case, it's fine by me.

Unfortunately, in most cases people don't know why the costs for something went up. People tend to see new insurance rates, as part of doing business, most rates go up yearly. I don't know that they went up because of association with something else. Like how credit card companies change rates because you shop at discount stores more often, or start buying your own auto parts. It's not right, but at this point nothing can be done. They don't want your business enough to keep you and have no problems with you walking. :shrug:

 

[sublimesting]

The bio scan is NOT a fingerprint. If "they" really wanted to you can be tracked all day long. Security cameras are EVERYWHERE and there is nothing you can do about it. People unwittingly give away identity secrets all day long and then blow up at having the length and width of their finger taken at Disney and scream their Constitutional rights are being violated. If youre that worried stay home, close the blinds, line your walls with foil and sit in the middle of the room with your shotgun before the government comes and takes that away too.

 

[scottnj1966]

Identy theft

No one wants a chance to get their identy stolen.
WDw has a large database of actualy fingerprints, they say bimetrics, doubt it.
If Chase or Bank of America can be hacked, why cant Disney.

 

[Monty]

No one wants a chance to get their identy stolen.
WDw has a large database of actualy fingerprints, they say bimetrics, doubt it.
If Chase or Bank of America can be hacked, why cant Disney.

**Worries for the future of mankind**

:brick:

 

[Master Yoda]

**Worries for the future of mankind**

:brick:

Don't worry too much Monty. They are always easy to spot.

 

[krankenstein]

No one wants a chance to get their identy stolen.
WDw has a large database of actualy fingerprints, they say bimetrics, doubt it.
If Chase or Bank of America can be hacked, why cant Disney.

:lol:

You're funny!

 

[Phonedave]

No one wants a chance to get their identy stolen.
WDw has a large database of actualy fingerprints, they say bimetrics, doubt it.
If Chase or Bank of America can be hacked, why cant Disney.

I used sombody elses pass, and got in.

No I didn't match the size and shape, I just stuck it in there and broke it.


Thats a loose rip off of a Family Guy episode for all you fans out there. Here is a hint, it was not originaly about a finger, and Quagmire said it

-dave

 

[mkt]

And also a felony in the U.S. Just saying.

I'll take my chances with the state department. With how often I've been using it lately, maybe the chip just wore out because of use

 

[Phonedave]

On a personal note, I have a gun permit and am in the process of becoming a Reserve Sheriff Deputy - my fingerprints and ID are in my "permanent record". I'm not scared of Disney having them. Heck, anyone could lift one of mine easily off of a drinking glass, handrail, ride vehicle, or bus rail. Some powder and scotch tape, and your fingerprint belongs to someone else.

I love the fact that not only are my fingerprints on file for my gun permits, but my fingerprint is actualy on my Firearms Card. My picture is not on there, but my fingerprint is.

I guess that way the clerk I am buying a gun from can look at the card, and look at my finger, and go "yep, thats you"

-dave

 

[unkadug]

I love the fact that not only are my fingerprints on file for my gun permits, but my fingerprint is actualy on my Firearms Card. My picture is not on there, but my fingerprint is.

I guess that way the clerk I am buying a gun from can look at the card, and look at my finger, and go "yep, thats you"

-dave

Nah, he'll just scan it through his biometric data scanner that he bought from MouseSurplus and match it to the hacked Disney Database to verify your identity.