Disney World Collecting Fingerprints

cvd6262 writes "Disney World is now requiring all visitors to have their index and middle fingers scanned to gain entrance to the park. This started for season pass holders, but is now required for everyone." From the article: "'I think it's a step in the wrong direction,' Civil Liberties Union spokesman George Crossley said. 'I think it is a step toward collection of personal information on people regardless of what Disney says.'"

Wrong.

[Anonymous Coward]

Way to RTFA:

Disney officials said the finger scans do not take an actual fingerprint

It's a hand geometry scanner, not a finger print scanner, and they have been doing this for YEARS.

With that aside, WHO CARES. You cannot be uniquely identified by your hand geometry, it simply reduces the chance that you are using someone elses pass.

Parent is not troll, makes good point

[Anonymous Coward]

As a resident near Orlando, FL, I remember when Disney World first started using these biometric systems for Florida resident passholders. Prior to the finger scans, the passes had an ID photo which made the lines go much slower while a ticket attendant checked to make sure the picture matched you. The long and short of it is, the privacy concerns are no worse than having your picture taken was.

Yeah, you probably can't buy a park hopper ticket and give it to a terrorist now, but you shouldn't be doing that anyway. :-P

Re:Parent is not troll, makes good point

[facelessnumber]

I was going to post something about this being an outrage, and that if they want to verify someone's ID they should, well, ask them for ID. But I understand really that they already do that, and the fingerprint scans (Yes, I believe it probably scans and stores the actual fingerprint even if it only uses certain generic points for verification.) are just a way to do what they've always been doing, only faster. Cheaper. So cash-strapped Disney won't have to employ more human eyes to look at cards and move

Re:Parent is not troll, makes good point

[InvalidError]

If there is zero checking on season passes, many people will setup pass pools and rent-a-pass style things... for pools, people put down a pass' worth in cash and get a pro-rata refund minus processing fees after an amount of time equivalent to a pass' validity period. For rent-a-pass, people would put down a safety deposit and the refund would be the pass's cost divided by the typical number of rentals per pass.

In large pools and rent-a-pass networks, there could be something like one pass per hundred users since not everybody goes to WDL every day of the week for the full day.

Re:Parent is not troll, makes good point

[facelessnumber]

not everybody goes to WDL every day of the week for the full day.

Yes, but they could if they wanted to. They shouldn't sell shit like that if they're counting on it not being used. This is like a web hosting company overselling its resources, and counting on the fact that the customers won't all decide to use what they bought.

This is their fault. Don't sell me a 6mbps cable modem on an "unlimited usage" plan and bitch at me or shut me off when I max it out. And so what if I share it with my neighbor? The bandwidth has been paid for. If my subscription is a net loss to you, then you should have sold me less or charged me more.

If they want to reward and encourage people who go to Disney parks regularly, maybe they should do it differently. I don't buy some kind of personalized, reduced-rate sandwich card at Subway. They give me these little stamps, that I can redeem later when I have several of them. Maybe they could do some kind of "frequent flyer" style program. Hell, I don't know. There are a hundred other ways to do this that don't involve personal surveillance.

And I'm not even saying that the passes should go unchecked. Maybe their current model is fine. There are other ways to check ID. Maybe instead of machines to scan your hand and get people through lines quicker, they should have more people looking at IDs. (And I mean looking. That's it. That's all that's neccessary. Not writing down what's on it or keying it into a database. That's right, more wage-earnging human beings. Disney can afford it.

Re:Wrong.

[NormalVisual]

+5 to the parent poster. Last I heard, they were less than 80% accurate (meaning one out of every five people couldn't get a good scan), and if you can't get your fingers to verify, the front entrance people will generally auto-rotate the turnstile and let you in anyway.

I do think it's pretty cheesy that they require it of tickets other than seasonal/annual passes now, but I expect it's because A.) they're attempting to enforce the official non-transferability policy printed on the ticket to prevent peo

Re:Wrong.

[kg4gyt]

Busch Gardens Williamsburg has been using the hand geometry scanner for years as well, cuts down on the cost to produce season passes.

Re:Wrong.

[44BSD]

One thing that the scanner vendors often say when confronted by privacy zealots is "Come on! It is impossible to reconstruct a real fingerprint from the stuff we scan, so your police-state fears are mathematically impossible." Turns out this is untrue [emergentchaos.com]

Re:Wrong.

[saitoh]

bingo, the other thing is, you dont associate your name with the individual pass, so they are only pinpointing "pass 106 has this finger structure with it", outside of that, they know that the first person who uses the pass has those fingers, not their name/age/gender/etc. Creditcard holder information could probably be gleaned, but not the actual person's info (at least not by this).

I've been to Disney a batch, and one thing I noticed was that the park hopper passes arn't restricted like this, only single park passes and season passes (which makes sense on the seasonal ones so you cant loan out your pass and let the entire neighborhood go for free)

To me the logic is to prevent/deter theft on the individual passes, or at least give that illusion (which seems to be a key element in America many times now). If you had to provide a name, or some other actual record, say an eye scan or an actual finger print, then yeah, I'd be a tad more concerned, but this I'll conceed in the proverbial war on privacy so that I may pick my key battles another day.

From out at the turnstiles...

[Anonymous Coward]

Have to post anonymously, here... I've got a lot of first-hand knowledge of the Disney admission control (turnstile) system, including the biometric readers that are the subject of this article. I'm basically going to make one longer post instead of trying to respond to misinformation throughout the comments.

• You have a choice: use the biometrics or don't go to Walt Disney World. This is actually incorrect - you have a third option. Put your name on the pass and show valid identification. You never

Re:Wrong.

[AstroDrabb]

I live in central Florida and have been getting annual passes for my family for a few years now. My wife and I always have to put our fingers in the little scanners, however our small children (3 and 1) obviously do not.

I personally do not see the device as a finger print scanner. The devices are just a little too crude looking (and don't take very long to do) to actually scan your finger print and compare that to a massive database of other prints in the 2 - 3 seconds it takes. I agree with the GP, they seem to just grab some non-unique hand geometry and compare that to the first record that was created the first time the ticket was used. The device seems only "good enough" to prevent me from giving my annual ticket to my friend so he can get a free day at one of the parks. I am sure that enough people tried my pass, one of them would have similar enough hand geometry to get in.

In Other News

[MightyMartian]

Los Angeles, California - Mickey Mouse and Goofy have announced they will appear in a series of US government-sponsored short films entitled "Liberty Is For Chumps" and "Do You Know What Your Parents Are Saying When The Door Is Locked".

Snidley Frux-Disney, adopted great-grand nephew of Walt Disney's mentally handicapped half-brother Edgar "See What I Do On A Steamboat" Disney said "This is a positive move, we believe it's time for Mickey and Goofy to learn the goose step".

"Liberty Is For Chumps" will feature Mickey and Goofy in a moral dilemna as they discover that Minnie votes Democrat and donates to the ACLU. "We thought this was the perfect time to retire the character of Minnie, with some real snazzy shots of the Disney Prison, Disney Riot Squad and the Disney Execution Chamber."

"In Do You Know What Your Parents Are Saying When The Door Is Locked", Goofy discovers that his mother and father are actually distressed that the Patriot Act may be giving away far too freedoms. Mickey sings a brand new Disney hit "Those Little Birds Will Shut Up If They Know What's Good For Them". Naturally, there's some rousing fun as Goofy arrests his parents for thought treason.

A third film, entitled "Your DNA Belongs To Us" is scheduled for release next year.

Re:Missing the point

[AstroDrabb]

IANAL but for Disney to hold a customer to such terms I would think they would need to disclose the details at the time of sale especially since its different than I think the average person would expect the terms to be.

They do. I am looking at my annual pass right now and it states:

Nontransferable; must be used by the same person on any and all days

Disney is not responsible for misplaced, lost or stolen tickets

Parks or attractions may change operating hours; close temporarily due to refurbishin

Re:I call bullshit

[IgnoramusMaximus]

Are there that many passholders with friends?

You are confusing common-sense business with the activities of mega-corporations. Once corporations become as large as some small countries, they too develop an unquenchable thirst for power and control over others, the sheep known as "consumers" in particular.

So they deploy police-state mesures, even if they are actually losing money on the specifics. The general idea however is that enslaving "consumers" will in the long-term result in an uninterruptible (regardles of economics) income. Disney (like many other corporate nation-states) has been engaged in these activities for a very long time.

You did not think DMCA was about piracy, now, did you?

Re:I call bullshit

[AstroDrabb]

Or, rather, is the amount that they make by preventing pass sharing greater than or at least equal to the cost to deploy such a system?

Have you ever worked for a fortune 500 and deployed multi-million dollar systems? I have (three different fortune 500's). When an expensive system is deployed you don't look to make your money back in one year. It might take 5 years or 10 years to see the full potential. If the system lowers the amount of people "stealing" their way into the park without paying by 80

Re:Wrong.

[ag-gvts-inc]

I shouldn't reply, but you had me nodding my head in sympathetic agreement, until your last paragraph. Now, I'm thinking: wtf dude?

Re:Wrong.

[adamjaskie]

Yeah, same here.

I couldn't agree more

[soft_guy]

Disney is one of the most hipocritical and anti-freedom companies in existance. I for one would not visit their parks for any reason, but this is simply ridiculous.

I fucking hate Disney for what they have done to our laws. I hate them for using this hand scanner. They are bastards.

Re:I couldn't agree more

[Tassach]

I concur completely. Disney represents the epitomy of corporate greed and hipocricy, as well as the mediocrity of pop culture. If it were up to me, they would get none of my money; unfortunately my wife and kids have different ideas.

That said, I won't be visiting any of their parks in the forseeable future. The only finger of mine they'll be seeing is the middle one.

Re:Wrong.

[LordBodak]

Actually it's an imminent threat. Eminent has an entirely different meaning.

What's scary is that people who can't even figure out the difference are voting.

Fix it by blowing it up.

[TapeCutter]

You know, you had a reasonable (if somewhat rambling) argument in your post right up until the last sentance...

"I hope a nuke goes off in NYC, or should I say NYX."

...why, because the Iraq war is unjustified, or because the cops stole your fingerprints? I have no idea where you live but it is irrelevant. I know people born and bred in my country who would also recommend nuking cities as a political tool.

Your kind are of no particular colour, you cover the spectrum of politcs and privlage. You need not worry about Disney or the cops, you are easy to recognise from your advocacy of a "final solution" that makes the rest of us want to puke!

Re:Wrong.

[Torville]

As always, nobody is forcing you to go to Disney World. If you don't want to get your finger scanned, then don't enter the park.

Yeah, and if you don't want to get your fingers scanned, don't fly, or go to the mall, or use a bank... it's not like it's going to be mandatory or anything... Hello! This is the Microsoft approach to civil liberty reduction. Make optional content dependent on onerous restrictions, then desirable content, then... should I use ASCII to draw you a picture here?

Re:Wrong.

[takeya]

It's hard for me to be a libertarian and stand by my principles when I hear news like this, but I have to stick to my guns, even when I fervently personally disagree with something.

Disney is not a part of your government. They are free to exist as a theme park, just as Six Flags and Alton Towers (in the UK) are. They are entitled to set whichever requirements they like for you to enter their park. Just as you are allowed to place retina scanners at the front door of your house if you so please.

I believe in monopoly regulation, so as long as Disney is not the ONLY theme park available (and Windows isn't the only usable OS), they are free to set their own rules, on their own property.

I also believe, however, that they must disclose what they will be doing with any information they collect, so that you can be informed in your decision to surrender or not surrender your finger-scans and such.

Using your Microsoft example, they currently don't quite have a monopoly on the desktop OS market. There are 2 usable alternatives (*nix and MacOS), and plenty of other hobby OSes that work to an extent. If they set DRM requirements for music and videos, etc. and the market starts to play along, producing hardware that supports this and cripples other OSes, then they develop a monopoly. This is not healthy for the market and really takes away from personal choice of OS, so it must be stopped. That is the only time I support public (government) intervention into such corporate affairs.

You see what I mean? Right now, you can always take the kids to Six Flags if you don't like Disney's rules. You can always petition Disney to change as well.

Re:Wrong.

[owlstead]

This is such a wrong way of looking at things... What will happen is that they can do whatever pleases them - and not the general public. What happens if every theme park would implement biometric access? It's in their interest, so if one has it...

Should I be banned from themeparks? What about grocery stores? Privately owned markets? This is the same kind of argument most liberals use for employers. They can do whatever they please - if you don't like it, look for another job.

Society is there for the people that live in it. Putting any company interests in front of those of the people is plain stupid. I've got nothing against a free market place, but in every playground there should be rules.

One should be against collecting (uniquely) identifing biometrics.

Re:No no no you've got it all wrong.

[RabidOverYou]

> it sets a very bad precident

I believe that misspelling precedent sets a very bad precedent. Soon enough you're misspelling you're, and they're messing up they're. It's a short skid to it's, and before long no one can spell no one.

Indeed, First Hand Account

[LiNKz]

I recently went there for the 4th of July (well, arrived around the second). After buying the tickets we decided to go to Disney Quest (Arcade).. We waited in line for quite awhile waiting for a number of people in front of us to do the whole two finger scan deal. Usually, it wouldn't work the first time, and they would need to do it over, and over.. One group in front of us couldn't get in because the girl's fingers didn't match her card. Nothing about how it wasn't a valid card, just the fingers didn't match.

What I was told was the first time you use the system they take a shot of your fingers, this is used across the parks afterwards. My group of friends laughed when I raised an eyebrow at the fact that they were collecting fingerprints (though apparently not, generally it would be taken as that).. I was a bit annoyed at the fact that my prints were then on record with Disney. What exactly is the point? Keeping people from reusing the pass? Ok, that is fair, but it would have seemed better to use something like "It was used twice in minutes? That makes no sense!" Or perhaps "They haven't left the building yet, how has it been used elsewhere?"

It just seems like they've put way too much work into making it harder.

Re:Indeed, First Hand Account

[The Only Druid]

I believe the point is that - if something happens - they have a better record of who came in, etc. I'm not saying it's worth what some people would call an "invasion of privacy" (since it's voluntary, I refuse to call it that), but I believe that's the point.

What will be really interesting is how they use this to make more money. Undoubtedly, the installation of this system cost money, without any obvious profit as a result. Will they sell this database of prints? Will they track the size-shift in y

Re:Indeed, First Hand Account

[AstroDrabb]

What will be really interesting is how they use this to make more money. Undoubtedly, the installation of this system cost money, without any obvious profit as a result.

Without any obvious profit? How do you figure? The system is designed to stop people from using tickets that they didn't pay for. That results in either those people not going to the parks or those people _paying_ for tickets. Should I be allowed to give my families annual passes to another family so that Disney is cheated out of tho

Re:Indeed, First Hand Account

[NormalVisual]

Because it DOES cost them money when people aren't tied to a specific ticket, but you have to understand how they sell tickets to see why. Disney sells single-day and multiple-day tickets, as well as seasonal and annual passes. If Disney sells you a five-day ticket and has the technical means to prevent someone else from using it, then that means that you can't use only two days (let's say you got bored and decided to go somewhere else), then sell the remaining three days on the ticket to someone else. I

Re:Indeed, First Hand Account

[NormalVisual]

What will be really interesting is how they use this to make more money. Undoubtedly, the installation of this system cost money, without any obvious profit as a result. Will they sell this database of prints? Will they track the size-shift in your prints and correlate it to age data? Will they track how often you come to the parks and extrapolate what attractions you're interested in?

No, it's not that complex. They've already been using the system for years to prevent multiple people from using a sing

lost ticket sales?

[bezuwork's friend]

... as it represents a substantial cost in lost ticket sales.

Dude, this is called arbitration. A buys something, but doesn't use it up, so A sells it to B. Disney hasn't lost anything - they were already paid for the days A couldn't use.

If they prevent B from buying A's unused tickets and force B to buy a new ticket that means they're double dipping.

Not a moral thing to do. But of course, in the good old USA, this is not only legal, it's the thing to do. Profits uber alles.

Re:lost ticket sales?

[sigma]

Actually, reselling most multiday amusement park tickets is not legal in Florida.

See for yourself:
http://199.44.254.194/statutes/index.cfm?mode=Vie w %20Statutes&SubMenu=1&App_mode=Display_Statute&Sea rch_String=817.361&URL=CH0817/Sec361.HTM [199.44.254.194]

Re:lost ticket sales?

[patio11]

Dude, the ticket is priced on the assumption that A will only be in the park consuming resources a limited number of days in the year. If you assume A has the write to sublet his season ticket ("arbitration", by the way, is a dispute-settlement via reference to a neutral mediation. "Arbitrage" is buying a commodity in one place and selling it in another at a higher price. Neither has anything to do with what you're talking about.), then they'll price the pass at expected use of 365 days a year instead of

Re:Indeed, First Hand Account

[The Only Druid]

"So you are 'claiming' that Disney is doing this for the next 9/11? I know that is an over simplification of your comment but that is the logical conclusion..."

No, I'm not saying that, and I don't appreciate that you knowingly "oversimplified" my comment in that way. I was suggesting that if something happened, e.g. a mundane crime, a lost kid, a kidnapped kid, etc. they'd be able to have a better idea who was in which park. If they had the scanners (or at least card scanners) at each ride, you'd be ab

Re:Indeed, First Hand Account

[NormalVisual]

If you don't research your trip, it's your own damn fault. If I want to go to Disneyworld but I don't bother to look up when it's open, it's my own damn fault if I get there and it's closed.

God damn, I wish every guest had been like you when I worked there. Never mind that park schedules are generally available no less than a month in advance, people will still whine about early park hours or something else that a little research would have told them. My favorites were all of the people that got upset

Re:Indeed, First Hand Account

[yuri benjamin]

Same thing here: if you don't bother to look up the basic admission requirements to a private theme park before buying your tickets, then you've just paid for a valuable life lesson.

So this requirement is clearly stated when you buy the tickets?

Re:Indeed, First Hand Account

[NanoGator]

"Ok, that is fair, but it would have seemed better to use something like "It was used twice in minutes? That makes no sense!" Or perhaps "They haven't left the building yet, how has it been used elsewhere?"

Those aren't the circumstances they're trying to put a stop to. What they're trying to do is prevent me from loaning you my season passport so you can get in for free.

Re:Indeed, First Hand Account

[lheal]

I have to hand it to you, you put your finger right on it. Disney has put way too much effort into making it harder to use their theme park.

It's just like copy protection and other license-enforcement schemes: they maximize the profit/user ratio by decreasing the denominator instead of by increasing the numerator.

Probably they will show a higher profit/user ratio, and the bean counters will declare a success. But they won't see the deadly effect on their image of treating their customers as criminals, nor will they ever see the profit they could have made by turning their energies to something park visitors would actually enjoy.

Re:Indeed, First Hand Account

[AstroDrabb]

Keeping people from reusing the pass? Ok, that is fair, but it would have seemed better to use something like "It was used twice in minutes? That makes no sense!" Or perhaps "They haven't left the building yet, how has it been used elsewhere?"

But that wouldn't stop me from giving my family annual passes to another family to use on a day my family and I don't plan on going to the park. The other family would get a free day at the Disny parks.

Re:Indeed, First Hand Account

[NormalVisual]

Ok, that is fair, but it would have seemed better to use something like "It was used twice in minutes? That makes no sense!" Or perhaps "They haven't left the building yet, how has it been used elsewhere?"

They've already been doing that for years - if you attempt to use a single pass more than once in an hour, the system flags it and won't let you in without the attendant overriding the system.

Re:Indeed, First Hand Account

[nunchux]

The first thing I think about when I hear this story is Big Brother is finally here, 666 and the Rapture and all that tinfoil stuff.

But the second is, how many times a day are those fingerprint scanners cleaned? Do I really want to stick my fingers in some machine that 5,000 snotty brats have just touched? Can you imagine what a disgusting petri dish of festering bio-germs from all over the world are growing on those things?

Exactly

[SuperKendall]

That is a major reason they do this - for only $500 (annual pass) a whole lot of people could get in.

They do make a significant amount of money on ticket sales, and once you're in you don't have to give them a cent if you dont want to.

Re:Indeed, First Hand Account

[NormalVisual]

But it's much better for them if every family member is forced to buy their own pass, regardless of whether any two people will be attempting to use it simultaneously.

Two fingers is cheap

[Jeremi]

Last time I went, they wanted an arm and a leg.

I don't know

[Xenkar]

I sort of got mixed feelings about this. On one hand, we have to give up our biometrics. On the other, at least we don't have to get rectal exams on entry to the park.

Re:I don't know

[Darth_brooks]

On the other, at least we don't have to get rectal exams on entry to the park.

You haven't looked at ticket prices lately have you?

They will see....

[WillRobinson]

My middle finger for sure.... before they see me.

Ya gotta give up something...

[greg_barton]

...either your civil liberties or your soul [sciencedaily.com], take your pick. (All on the taxpayer's dime, of course...)

Index and middle fingers scanned?

[britneys 9th husband]

Not sure about the index finger, but I'll certainly be giving Disney a chance to "scan" my middle finger after reading about this one.

Mixed Reaction

[Staplerh]

While agreeing with the ACLU that this is a step in the wrong direction, it is not as troubling as one thinks. We must keep it in mind that Disney is a private corporation and is able to set barriers to access to its parks. As long as they're not discriminating based on protected categories, their requirement for fingerprints must be protested with lack of patronage but little else. Ultimately, I think in overly security-concious America, we'll see that the public views this as a 'lesser evil' in the broader war on 'terror'. Indeed, they'll gladly surrender their fingerprints in order for the mirage of safety within Disney - perhaps they prefer it to a seemingly non-secure environment like ... oh Six Flags?

The only problem I could see is if this applies to season-ticket or regular-ticket owners who bought their tickets under circumstances that did notinvolve fingerprinting and are now faced with fingerprinting or being refused access to the park.

Re:Mixed Reaction

[LurkerXXX]

They need to let folks they are knowing this. If I had just shown up there and they had asked for my fingerprints I would refuse. But I would have already blown money for hotels and airfare to get there. I had no idea they were requiring this of season ticket holders or anyone before.

I certainly won't be giving any of them my cash in the future.

Re:Mixed Reaction

[v1]

There is one minor issue with that though - lets say burger king has pissed you off. "Don't eat at Burger King" - ok, that's reasonable, there's McDonalds, Wendy's, etc., you have the option to take your business elsewhere. There are other near-equivelent businesses to pick from.

Problem is when someone is offering a unique service or product. (and with the disgraceful state of our IP management laws nowadays this is happening a lot) Now say Disney pisses you off. Where else do you plan on taking the k

Re:Mixed Reaction

[MrPerfekt]

This doesn't have anything to do with security. They're not taking your fingerprint at all, and even if they were I don't think they'd be comparing it against fingerprints of known terrorists.

This is just a fuzzy form of authentication. Other people are bound to have the same hand measurements as you but it's unlikely they your friend or family member will have something close.

They've been using this for a while now. The point of it is to prevent other people from using your ticket, even if you're not eve

Re:Mixed Reaction

[SydShamino]

>> We must keep it in mind that Disney is a private corporation and is able to set barriers to access to its parks. As long as they're not discriminating based on protected categories, their requirement for fingerprints must be protested with lack of patronage but little else.

Errr.. but the government can and should set limitations on what data companies can or cannot collect about us.

What if Disney required your home address and social security number to enter their park? You know that some people would provide that, stupid as it may be. Instead, the government has laws that limit who can require your social security number.

Or, what if Disney asked for a list of all medications you take before you enter the park. They could, but there are laws that limit the extent to which they can force you to comply, and the limit to which they could share information provided.

In other words, the government can and should limit the abilites of private corporations to store and share personal information. That's one of the things I want it to do. They just don't do enough of it these days. And biometric data like fingerprints is one of the main things that should be protected.

---------

All that said, supposedly this is just a hand shape scanner anyway, so this is moot.

Clarification

[M$ Mole]

This isn't happening at Disneyland...it's happening at various part of Disney WORLD. Yes, it's splitting hairs, but they are two different places.

Identity?

[Skevin]

Is there any identity associated with your prints, in this case? What if you want to pay for your admission in cash, and you left your wallet back in the hotel room?

After all, the whole point of cash is to allow you to conduct anonymous financial transacations, is it not?

Solomon Kevin Chang

Hey!

[pair-a-noyd]

WTF is this Mickey Mouse bullshit?

The problem with biometrics...

[Sancho]

The reason I don't like biometrics for identification is that it's virtually impossible to get a new identification should the old one be compromised. Worse, with fingerprints at least, you're leaving copies of your ID everywhere you go on everything you touch.

Imagine someone gets ahold of your identity right now. Yes, it's going to be a pain, but you can get a new SSN, driver's license number, credit cards, etc. But what if a thief gets your fingerprint and creates a fake [www.ccc.de] ? How do you cancel that? Sure, in theory, a database of compromised biometrics could be created to prevent future unauthorized use, but now what about your legitimate use? If my fingerprints were compromised, would I no longer be allowed in to Disneyland? And in a more serious application, would I be denied credit? Be unable to use an ATM?

The obvious solution:

[raehl]

Cockprints.

Re:The obvious solution:

[pHatidic]

Then your mom would have a copy of my identity.

And one more time

[Sycraft-fu]

Seems like I go through this every time a biometric security thing comes up on /.

There are three fundimental ways to identify yourself for access:

Something you have.
Something you know.
Something you are.

Something you have would be a physical token that can't be copied, at least not easily. A smartcard would be a good example. Someone has to physically steal it from you to use it, and you are likely to notice it's absence and alert the proper people. However the problem is that it can be stolen, or lost and thus used.

Something you know would be a password or PIN code. It's an ID stored in your head. The advantage is you don't have to carry it around and can't lose it. The problem is if someone finds it out, they can use it without you ever knowing it's been compramised.

Something you are is of course a physical trait. The good thing is that can't be stolen or anything. Problem is what you are changes, and can't be measured precisely anyhow and thus can be spoofed.

Now, real security comes from using 2 or three of these. Since their problems are different, moving to more than one makes it much harder to compramise security. If all that is required to get on a system is a password, all an intruder needs to do is find out the password and they are in. If, however, it takes a password, smart card, and fingerprint they have to find out the password, steal the card, and obtain and make a fake finger, all before any of this is noticed and access can be revoked.

So, in the case of Disneyland, they are maoving from 1-factor (somthing you have) to 2 (something you have and something you are). Even if someone steals your card, they have to build a fake hand (it's checking hand geometry, not fingerprints) and use it unnoticed. However the real aim is to prevent peopel from shaing their cards. It's easy to give away a token, much harder to make a convincing fake hand and not get caught.

So biometrics are NOT worthless unless they are the only security. When used as an augmentation to one or both of the other methods of security they make it that much harder for someone unauthorized to gain access.

Re:And one more time

[Tim C]

So, in the case of Disneyland, they are maoving from 1-factor (somthing you have) to 2 (something you have and something you are). Even if someone steals your card, they have to build a fake hand (it's checking hand geometry, not fingerprints) and use it unnoticed. However the real aim is to prevent peopel from shaing their cards. It's easy to give away a token, much harder to make a convincing fake hand and not get caught.

That doesn't answer the question - if your biometric identifier is compromised and

Just wait

[mfloy]

Although it is clearly not fingerprints now, it makes me think like this is just a lead-up to actual fingerprinting. They get everyone use to the idea of biometrics at the park, well at the same time trying to keep privacy advocates slightly less angry.

Missleading title.

[stm2]

They are not collecting fingerprinting. They are scanning just fingerPOINTS o finger geometric information. It can't be used to match a fingerprint in any database.
Anyway, you can opt-out of being finger scanned, just showing any photo-ID where your name match the one printed in the ticket.
I prefer this than being stamped with a UV sensitive ink.

(English is not my first language!)

Disney WORLD, not Disneyland

[tabacco]

This story is about Walt Disney World in Florida. Disneyland, the park in California, still uses good old fashioned paper tickets.

Re:Disney WORLD, not Disneyland

[LiNKz]

You still use paper tickets here too. Pity they just don't use ID, or for these people who have seasonal passes, a photo id right on it. Seems cheaper then half-working finger scanners.

Mickey not subject to scan

[FerretFrottage]

...being that he only has four fingers and all and hence no real middle finger.

I showed 'em

[ag-gvts-inc]

Well I did my part: I clicked the "No, I don't like it" button on their survey. Twice!

What if...

[mendaliv]

What if you managed to get your index finger lopped off (or at least "slightly damaged") during your stay at the park?

Or what if you happened to break your hand at work, got a huge settlement, and are now taking time off... will this thing recognize bits of your cast?

Swelling due to a beesting or some allergy perhaps?

In any case, I wonder what Disney's policy is for these sorts of unusual cases.

Last time I was there

[jcnnghm]

They would do the finger scan, and if it didn't work the first time the attendant would usually just manually override the scanner and let you in without much hassle. Also, the person I was with and I have similiar hand sizes, and flip-flopped passes all week. It almost certainly isn't a fingerprint scanner, just a very rough check.

Additionally, it seemed that the biggest issue with the scanner was not getting your fingers all the way into the device. If they weren't pushed all the way in, with the webb

Re:Last time I was there

[Nogami_Saeko]

I was thinking about this and thinking that if you really objected to it, you could just screw around with the scanner and continaully move your fingers, not put your hand in far enough, plead that your fingers have a genetic defect that prevents them from going in far enough, and generally moan, wail, and bitch while tying up the line until they just let you in because there are 100 families with screaming kids behind you getting angry.

I can see why they'd use it for season pass holders, however using it

Here's mine, take it

[paiute]

They can take my prints off of Sleeping Beauty's voluptuous ass. Seriously, that bitch got back.

They did this last year, still news?

[Oz0ne]

They do it to allow a day pass to go in and out, without being used by multiple people.

Seems like a nicely elegant solution to me!

Respond to the poll

[Tetravus]

There's a poll in the original story, a simple yes no maybe box with a submit button.
If every /.'er responded it would be easy to push the poll in the direction of individual liberties and defense of privacy.

Yes, I am aware it's not an official Disney poll but there's still a chance they'd pay attention to the results if they were overwhelmingly negative because the tv channel hosting the poll is neutral.

I'm all ears...

[mikael]

... if someone has a better way of solving this identity card problem...

That's fine.

[derEikopf]

Disney certainly has the right to do that. And we certainly have the right not to go to Disney. I'm sure Universal Studios will accept us with open arms.

Exactly

[CiXeL]

I hear that. My girlfriend and I just moved from los angeles to south florida. Its a shame cuz we were planning on visiting disneyworld but to hell with that now.

Re:That's fine.

[Boilermaker84]

Universal Studios and Sea World plan to do the same according to the local news. It's monkey see, monkey do with the three of them.

Simple Solution...

[DesScorp]

...don't go to DisneyWorld. End of problem. It's a private park, not government or public property. Don't like their policies? Don't do business with them.

Let's fix the problem

[It doesn't come easy]

All of you American citizens out there, listen up. Whether or not Disney is on the up and up about this, there's only one way to fix the problem once and for all. It's time for every good citizen to petition their political representitives for privacy laws that mean something. In my job, I deal with privacy laws from countries around the world. We plan what we have to do to comply with the local laws of each country. When we come to the US, more often than not it's "don't worry about it, the law doesn't mean a thing". Isn't it about time we make it mean something? Get politically active. It's the only way to make a difference. You can bet the RIAA, MPAA, Disney, Microsoft, even fair haired IBM are politically active.

The US used to have a government that was for its citizens. It's about time we had one again.

Why not use another high tech method?

[DaCool42]

Like, say, putting your picture on the pass.

Re:Fuck you, Disney

[Dachannien]

You want to force people to get down on all fours to get their anal probe.

You'd think that instead of all this finger scanning, they'd just scan the inside of your ass when they do the anal probe and get it over with in one easy step.

Re:Fuck you, Disney

[John Seminal]

And I hope a terrorists gets in and blows up tons of people. You will deserve it.

Even if Disney deserves it - do those people deserve it?

No, the people don't deserve getting hurt. The employees don't deserve getting hurt. Nobody does, not anywhere, not in the USA or anywhere. It is just so frustrating watching the America I love turn into a country where human rights and civil liberties no longer mean very much. It was frustrating being called unpatriotic for not supporting the war, like I am less of an American because I don't blindly follow, and question statements government makes, for example "we were fighting for WMD" then "No, it was never about WMD, it was about removing a dictator". Does anyone remember the presentation Powell gave at the UN showing drawings of mobile WMD factories on wheels driving around Iraq. Did my mind make that up? Do people remember any of it, or do they not care??

The government is supposed to protect all the people, to value democoracy, to gaurentee individual liberty so people can read whatever they want, work anywhere, and be free. Instead, there are libraries that require fingerprints, Disney World scanning fingerprints. It follows logic, as the price of these fingerprint machines goes down, more stores will be buying them. What will it be like, when in order to pump gas you first have to scan your fingerprints, to make sure you don't drive off. Then Hotels decide they like the idea of fingerprints scans, no more keys to rooms. Then the airplains and trains decide that in order to ride, they want a fingerprint. Then the stores in poorer neighborhoods want them, for fear of being robbed. Soon, it will be hard to find places that don't want your fingerprint.

And you know what is waiting in the shadows. Some large corporation that will buy this data and put it in some uber-large database. Your whole life will be in a computer somewhere. Your habits, where you shop, what you buy, how much you make, what you read, if you preffer coke to pepsi.

What if one day there is a government that wants a coup, to overthrow the democracy we have. Would it be easier if these people had large databases, to know exactly who to go after, the troublemakers who would make noise?

Now, take that information with what employeers are doing. Large companies convinced the USA to pass NAFTA, the companies promised it would be good for American workers. Instead, these same companies are building factories in Mexico, and firing people in the USA. Jobs that people need, that familes relied on. Watch Roger and Me, it is a good example of what can happen when a large factory closes its doors, how a community can turn from upscale into a poverty stricken ghost town. And don't get me wrong, if these companies paid the same wage to mexicans as they did to americans, I would not be complaining, but they are paying the mexicans an unlivable wage. It is slave labor, when people have to work their hearts out to make just enough to eat.

And employers are getting worse. A local computer store now requires applicants to take a drug test, then come back and take a personality test which they never tell you the results to, then the last step is agreeing for a credit check. This is for a $9.50 an hour job working the floor stocking hard drives, video cards, and anwsering customer questions. And after they hire the person, they still never tell them the results to those tests, or what they did with them. If they don't hire, you have no way of knowing if those tests were the reason they did not hire you.

What scares me is what I see comming down the pike. An America with limited jobs, most low paying, and all requiring going through databases to see everything about your life. Unlike in the 60's when anyone could get a job anywhere making good money, today it is hard to find a good job. Companies like Motorola lay off 11,000 people over three years, and then give their CEO a million dollar bonus. Sun Microsystems asked the government for permission

Re:Abuse

[John Seminal]

I think this has some potential for abuse - I hope they secure their data well.

Secure it?? They will sell it. Or government will force them to release ie.

Do you remember the airlines after 9/11. They were forced to send all their passengers data to the government. The airlines denied it. Then it came out as true. Then the airlines admitied it.

Can anyone imagine seeing a mom, pushing her 6 year old daughter and saying "honey, scan your hand so we can see Mickey".

Did anyone see the slashdot story a month ago about the Naperville library that requires fingerprints to use their library?

Or what about Boston and the thousands of cameras they put up? Then Chicago and the 3,000 cameras they put up?

When will everyone admit this is a police state? When you are not allowed to quit your job? When you are told you must work and have no overtime. When you have no health insurance. When the courts take away your rights, that your grandparents had? WHEN? WHEN!!!

Re:Abuse

[The Only Druid]

The installation of video cameras in public spaces is quite different from the collection and cataloguing of biometric data. Among other things, it's trivial (if it matters to you) to simply wear something like a burkha if you want to obscure your identity in public spaces where the cameras are present. You don't want to cover yourself head to toe in public spaces? Bummer for you.

This private company can do whatever it wants. That's the libertarian ideal. It would be very bad if the government could

Re:Abuse

[ag-gvts-inc]

What's needed is for the people to get together and (in a nice way) let congress know how they feel about these things. While I admit that that's not likely to happen, your histrionics make it seem like only those on the lunatic (sorry) fringe care about these things.

Re:Abuse

[ScentCone]

When will everyone admit this is a police state?

Hmm. For living in a police state, you sure are able to talk all you want about the evilness of the police state.

As for the article in question: if a private company wants to use a hand-geometry scanner to help eliminate abuse of their passes, well, that's their business. Just take the kids to one of those Linux-powered Open Source Anarchyworld Amusement Parks I've been hearing so much about.

Re:Abuse

[YrWrstNtmr]

Secure it?? They will sell it. Or government will force them to release ie.

Sell what? Your prints? Or the reams of data they already have, like so and so has visited there 5 times in the last 3 years, and spent an average of $275 each visit.
They already do that. No prints needed.

Or what about Boston and the thousands of cameras they put up? Then Chicago and the 3,000 cameras they put up?

You want cameras? Go to England.

Re:Abuse

[WindBourne]

They were forced to send all their passengers data to the government.
From what I heard, that is not quite true. Apparently, the feds told the airlines that they did not have to turn over the info. But if they did not, the US gov. would forbid ALL employees from flying the airline. In addition, they would not be eligible for the loan (did not help United, but I am not sure that United gave up the data). Finally, they might have a hard time making changes at airports, flights, etc.

Basically, GWB's admin guaranteed that if they did not cooperate, that the feds would sink them slowly.

Re:It's a free market

[eric76]

Those without arms will have to go to other amusement parks.

Re:It's a free market

[slittle]

Disney only admits armed patrons? I didn't know they moved to Texas....

Re:It's a free market

[jgerman]

Who the fuck modded this insightful. They don't explain any of that up front, once you've bought your tickets it's too late.

Hell I went through the gate without even thinking about what they were doing before I realized.

Re:It's a free market

[secolactico]

Too bad I don't have mod points or you'd be at least +1 Funny.

Re:dna

[KentoNET]

Hey, as long as the girls are hot...

Re:Anti-Capitalist Tin-Foil Wearing Nuts

[Anonymous Coward]

"The collecting of this fingertip information and how it is to be used and what the source of that information is as it relates to what it will show -- I don't like it and we will look into it," Crossley said.

Shut up. And stop drooling.

Don't like it, don't go to Disneyland.

Yeah, sure. Okay, it's creepy, but hey, it's just Disneyland. I don't have to go there. And tomorrow Blockbuster Video starts requiring a scan to rent a video, but hey, it's just video-rental. Soon the Mobil gas-station starts

Re:Terrorism!

[Zakabog]

Someone please think of the children!

Yes! Please think of the children and have Osama bomb a more annoying character, such as Barney or the Teletubbies. Although bombing Disney wouldn't be too bad, they are quite the evil empire.

Re:ACLU can shove it.

[trewornan]

That's idiotically simplistic - ownership doesn't give you the right to make up any rules you like. Or do you think Disney should be allowed to refuse entry to Black, Jews, etc? Maybe just Muslims would be alright?

Re:ACLU can shove it.

[Legion303]

"That's idiotically simplistic - ownership doesn't give you the right to make up any rules you like. Or do you think Disney should be allowed to refuse entry to Black, Jews, etc?"

I don't know about the person you're responding to, but that sounds reasonable to me.

Business owners free to be as idiotically bigoted as they want to be, and consumers free to give their money to companies that don't suck. It's better than the sort of concealed racism we have now.

At any rate, it's not as though this is the last

Re:ACLU can shove it.

[maxpublic]

ownership doesn't give you the right to make up any rules you like.

Funny, that's how it works on my property. I tell my guests they can either follow my rules or leave - and they can leave any time they like. But there is no third option available to them.

In the land of the free I'm free to make the rules that govern my property, and you're free to leave (or not enter the property in the first place) if you don't like the rules. Freedom all around, for everyone concerned.

Max

Re:captian hook

[EEBaum]

He will be declined, ejected from the resort area, and heavily sued. I think we're all familiar with Disney's views on piracy.