back to article Six Flags fingerprinted my son without consent, says mom. Y'know, this biometric case has teeth, say state supremes...

The Illinois Supreme Court on Friday ruled a family's lawsuit that claims downmarket-Disneyland Six Flags broke the US state's Biometric Privacy Act can proceed. The decision reverses an earlier appellate court ruling that threw out the legal action on the basis the plaintiffs did not allege any specific harm. The supreme …

  1. JohnFen Silver badge

    Thank you!

    I needed some good news today!

    1. Anonymous Coward
      Anonymous Coward

      Re: Thank you!

      I've scanned the docs linked, at it appears the park's crime was neglecting to get consent and not providing info on how the fingerprint would be handled. So going forward, companies will need to perform that much more paperwork to be in compliance, but only in the State of Illinois.

      How about they just have some text that says anyone, by the act of providing a fingerprint, is thereby consenting. Then they can just add their policy boilerplate text and they're done. Or, won't that be enough? Will anyone underage have to be excluded from programs that use fingerprinting for securely identifying someone? Is fingerprinting itself a bad idea, and if it is, what can be done instead? Photos? Won't there be people who object to that too?

      This all seems to be opening a can of worms that didn't really need opening.

      1. JohnFen Silver badge

        Re: Thank you!

        "it appears the park's crime was neglecting to get consent and not providing info on how the fingerprint would be handled"

        Yes, and consent is the fundamental issue with these sorts of things, so that's appropriate.

        1. SoaG

          Re: Thank you!

          A 14 year old can't even give legal consent.

          1. Graham Dawson

            Re: Thank you!

            No, but a parent or guardian do so on their behalf.

      2. Mark 85 Silver badge

        Re: Thank you!

        For the life of me, I can't imagine why an amusement park needs your fingerprints or facial recognition unless it some sort of ticketing thing which like many other places, one price and you can ride as many rides as you want... food and souvenirs are extra of course. It's not like they don't have security cams and employees everywhere. So what do really need this for?????

        1. The IT Ghost

          Re: Thank you!

          Some such parks will require extra ID when a person presents a season pass. I've never read the T&C for such a pass, but its safe to say they have a clause that prevents sharing the pass with friends, nobody goes to an amusement park every day, or even every weekend, all season long, so there's temptation to go in with a buddy and alternate weekends or something, and split the cost. The park can claim they then lose money due to the high usage rate of the pass.. Since many visitors are underage for a driver's license or other state-issued ID, they needed something everyone has with them, regardless of age. The choices are fingerprints or facial recognition, and privacy advocates will (rightly) protest either.

          Is there a solution? They could eliminate the unlimited season pass, I suppose, and instead just push the multi-visit passes with, say, 20, 30, 40 visits per season, they really have no reason to care if people share those, though they probably will still prohibit it. just because they can.

          1. chivo243 Silver badge

            Re: Thank you!

            @ The IT Ghost

            Maybe the term season pass is antiquated in this day and age of PROFIT, call it a membership and you get all the lock-in you can cram into your membership agreement.

            I disagree with your view on season pass usage, and companies loosing their ass. They can claim all they want... The sun is green the sky is orange, but if it wasn't an extremely lucrative model they wouldn't touch it even with the "losses" attributed to pass sharing.

          2. 10forcash Bronze badge

            Re: Thank you!

            "Since many visitors are underage for a driver's license or other state-issued ID, they needed something everyone has with them, regardless of age. The choices are fingerprints or facial recognition, and privacy advocates will (rightly) protest either."

            How about going all retro and using a signature - like we did before photo's, fingerprint recognition, chip & pin etc. etc.. It meets the requirements in that the pass holds the data not the company and the passholder can irrevocably destroy the data (signature) when the pass expires.

            Just a thought.

          3. Anonymous Coward
            Anonymous Coward

            Re: Thank you!

            So you basically suggest the same things I did, and you get 6 clean upvotes while I got buried under 30 downvotes? Is it my lecturing tone? The fact that I'm a known conservative? What? I'm not angry, just curious in an intellectual way.

            1. BigSLitleP

              Re: Thank you!

              If you think his comment and yours are the same thing, you have either a reading or a writing problem.

              1. Anonymous Coward
                Anonymous Coward

                Re: Thank you!

                This from the guy who thinks anyone who is arrested is guilty by definition.

                1. Cav

                  Re: Thank you!

                  For me, primarily your last sentence. This is most certainly a can of worms that needs to be opened. No one needs to be fingerprinting kids. If you agree to that then you agree to opening the can.

                  Your comments are not the same.

          4. DaLo

            Re: Thank you!

            "The choices are fingerprints or facial recognition, and privacy advocates will (rightly) protest either."

            Err, what? They can do facial recognition without privacy concerns quite easily. It's been done on ID cards for longer than even computers have been processing such data.

            Here's how it works - the pass has the holder's photo, the human uses "facial recognition" to check the holder matches the photo on the season pass.

            Easy?

        2. Ugotta B. Kiddingme

          Re: Thank you!

          It's been a few years but when my son and I had season passes to area amusement parks, one of which was a Six Flags location, the pass included a somewhat grainy B&W photo of the person for whom the card was issued. At entry, said pass was scanned by the Mark I eyeball of a teenager manning the gate. Within the context of amusement park entry, there is NO good reason for ID confirmation more complex or intrusive than this. Just because you CAN use shiny tech to achieve a thing doesn't always mean you SHOULD.

        3. Mystery Machine

          Re: Thank you!

          Not just season passes. Most overseas visitors to Florida** will have a two week pass for Disney or Universal as it's around the same cost as 3-4 days of entry. So the park owners use biometrics to avoid sharing the passes as you're clearly not going to be mad enough to go every day, especially when there's a rocket base up the road. I do recall it's also linked to a photo at first time of entry as it gives them a method for manual validation when the fingerprint thing goes Bzzzt. No idea what they do with all this data at the end of your stay (other than maybe to see how well they monitized you with the wristband thingy) but the Homeland mob have it all anyway for overseas visitors.

          ** sizeable percentage of guests.

      3. Doctor Syntax Silver badge

        Re: Thank you!

        "So going forward, companies will need to perform that much more paperwork to be in compliance, but only in the State of Illinois."

        Yup. It's a shame other states don't value citizen's privacy over intrusive corporations. At least not yet.

      4. Someone Else Silver badge

        @Big John -- Re: Thank you!

        So going forward, companies will need to perform that much more paperwork to be in compliance, but only in the State of Illinois.

        And Alaska...and Connecticut...and Massachusetts...and New Hampshire...and a whole bunch of other states once this gains traction.

  2. Not Enough Coffee
    Thumb Up

    "You can cancel your credit card but you cannot cancel your face."

    Worthy addition to a book of quotes.

    1. elkster88
      Mushroom

      Re: cancelling your face.

      "You can cancel your credit card but you cannot cancel your face."

      Well, you sort of CAN cancel your face... but bringing home a chimpanzee for a bit of face eating does seem a bit of an extreme measure to scrub your identity from a biometric database.

    2. 's water music Silver badge
      Trollface

      Thumb Up

      "You can cancel your credit card but you cannot cancel your face."

      Worthy addition to a book of quotes.

      Face cancellation service. Can your mother stitch pal?

      Have a smile more like his--->

    3. DropBear Silver badge
      Trollface

      Of course you can cancel your face! I've clearly seen this done in a historical document from the great Hollywood library - "face/off", I think it was called...?

  3. Dan 55 Silver badge

    Wrong end of telescope

    "We fear that today’s decision will open the floodgates for future litigation at the expense of Illinois’ commercial health."

    Or, businesses in Illinois will be trusted more as they subject to higher regulatory standards regarding people's biometric data.

    1. sanmigueelbeer Silver badge
      Happy

      Re: Wrong end of telescope

      "We fear that today’s decision will open the floodgates for future litigation at the expense of Illinois’ commercial health."

      I disagree.

      Look at Marshall, Texas. This is patent troll "territory". Marshal is a town "built" by patent troll.

      I'm just sayin': This is the US of A and, law degree or not, anyone can get rich (quick).

    2. This post has been deleted by its author

    3. ThatOne Silver badge
      WTF?

      Re: Wrong end of telescope

      Or Illinois shouldn't base is commercial health solely on trafficking of peoples' data?

      In which case there would be no impact?

    4. Doctor Syntax Silver badge

      Re: Wrong end of telescope

      "Or, businesses in Illinois will be trusted more as they subject to higher regulatory standards regarding people's biometric data."

      Only if they follow the law. Making determined attempts not to are counter-productive. The fetish of acquiring as much data as possible seems to override mere self-interest.

  4. DougS Silver badge

    So I gather

    The fingerprint was so the season passes can't be shared by his friends, which seems like a reasonable precaution. I guess Six Flags needs to make it clear that if you buy a season pass you'll have to submit your fingerprint, because that's how they can tell it is the buyer using it, and not someone else. If they refuse that, then presumably there are other alternatives like a 10 visit pass or something which would have no reason for a fingerprint.

    The other gotcha is what are they doing with the information. If they treated it like Apple does fingerprints for Touch ID, where it generates what amounts to a 'hash' of your fingerprint, so it can compare A to B to see if they match, but would be unable to produce a copy of your fingerprint for e.g. law enforcement, then people would probably feel more secure about it. Most likely their system works the same way, if so they need to make that clear. One gotcha is they'd have to keep that info in their system, to allow for entry at multiple entrances and maybe multiple parks, while Apple keeps it in one phone, so it is inherently less secure. It isn't clear what the risk of that would be, since you can't reconstruct the actual fingerprint from that data, but the type who will sue over this would not find that reassuring.

    1. JohnFen Silver badge

      Re: So I gather

      "If they treated it like Apple does fingerprints for Touch ID, where it generates what amounts to a 'hash' of your fingerprint, so it can compare A to B to see if they match, but would be unable to produce a copy of your fingerprint"

      That's how 99% of all fingerprint scanners work (and is a big part of why it's easy to spoof them). To do otherwise rapidly becomes prohibitively expensive. So I would be very surprised if this one worked any other way.

    2. Wellyboot Silver badge

      Re: So I gather

      A photo on the season pass will be far simpler, six flags don't need to keep a copy and to use it you need to have a matching face. They do have people at the park entry gates don't they.

      I could provide a disaster movie plot involving bioweapons and 20,000 people touching the same device if that would help change the park owners minds. (don't worry, the dog survives)

      1. ThatOne Silver badge
        Thumb Down

        Re: So I gather

        > A photo on the season pass will be far simpler

        Indeed. A photo is how all the other places handle similar cases, and they haven't gone out of business. I mean, how many cheating identical twins do you need to feel the financial impact?

        But it's always cool to go for the extremes. I'm pretty sure they would use genetic fingerprinting if they had a way to do it fast & quickly at the gates... This nonsense needs to be nipped in the bud.

        1. DougS Silver badge

          Re: So I gather

          The fingerprint is probably so you can go through a special automated entrance without having to wait in line with the rest of the plebs, as another benefit for season pass holders. If you use a photo, someone has to squint at the person holding the pass to see if they match the picture.

          1. The First Dave

            Re: So I gather

            "If you use a photo, someone has to squint at the person holding the pass to see if they match the picture."

            You can still use a robot for that if you want to - hold up the card to the same camera thats looking at your face, no need to store any data at all.

      2. The IT Ghost

        Re: So I gather

        But then they have your photo, which is private biometric data and right there on the pass is proof they saved that data. And how do they apply it to prevent cheating? Have an actual human earn minimum wage looking at each pass and comparing it to a face? That costs money! Facial recognition camera to compare the person at the entry gate with the photo on the pass? Again, biometric data, though this time they could claim (and not be believed) they didn't save the data.

        And there is the ticklish problem if getting the photo on the pass. The parks want to sell them online so they staff fewer ticket offices, as that's an expense. A probable virtual pass that someone brings up on their phone (even airlines have gotten that far with boarding passes). You can trust someone to paste their own selfie on it...but a clever person will find a way to overlay any photo on it. Say person A buys the pass, and goes into the park with A's photo on the pass. B then alters it with B's photo, and goes to the park later. If the park detects the photo change, they admit they're...wait for it...storing biometric data, since they still had A's photo stored to compare to the one on the pass.

        Photos are simpler, but don't get around the "biometric" hurdle.

        1. Pen-y-gors Silver badge

          Re: So I gather

          Photos are simpler and can get round the biometric hurdle. If, for example, they asked you to bring a passport-sized photo of yourself when you buy the pass, which they laminate to the pass, that's absolutely clean. Your photo, your pass. They don't have a copy.

          Take it a stage further, they provide an instant photo booth so you can get the photo. Again fine, so long as they don't keep a copy (and they don't need to anyway).

          1. Blank Reg

            Re: So I gather

            The technology to take your photo and print it on a pass card has existed for decades, and I've even had theme park season passes that used just such a process. There is no need for them to save your photo, just take it, print it and delete it.

            They already have people checking you when you enter the park anyway to keep out evil contraband like a bottle of water, so having them look at your face and pass while they do that isn't going to slow things down.

        2. Doctor Syntax Silver badge

          Re: So I gather

          "But then they have your photo, which is private biometric data and right there on the pass is proof they saved that data."

          As you say, "right there on the pass". The pass which is under the control of the customer not the vendor. The pass which the customer can destroy when it expires.

        3. keith_w

          Re: So I gather

          WRT the part about getting the photo on the card - yes they still need to see you to produce the card - but so do they need to see you to obtain your fingerprint.

      3. aks Bronze badge

        Re: So I gather

        If you switch to using an image of a face rather than an image of a fingerprint, how does that change the probablility of being sued?

        Just a scam to get money when there's no actual damage or even risk of damage.

      4. JLV Silver badge

        Re: So I gather

        > A photo on the season pass will be far simpler

        exactly. how were season passes done 20 yrs ago?

        nostalgia’s not always a good thing, but is zero need for this kind of police state behavior from corporations who will then guard your private data as fiercely as a horny teenager guards his virginity.

        1. keith_w

          Re: So I gather

          When I took my kids to Canada's Wonderland 20+ years ago, they did photos on cards.

    3. Anonymous Coward
      Anonymous Coward

      Re: So I gather

      'If they treated it like Apple does fingerprints for Touch ID, where it generates what amounts to a 'hash' of your fingerprint, so it can compare A to B to see if they match, but would be unable to produce a copy of your fingerprint for e.g. law enforcement'

      Sure, they (probably) don't store the image of the fingerprint, but if the Laws come along with a warrant for both your database *and* your hashing algorithm, which they then merrily apply to their database of stored fingerprints and compare the hashes, what's the difference?

      The hash of the fingerprint might not be 'evidenciary', but, like the Laws trawlage of the hokey Ancestry DNA databases, running their fingerprint image databases through all known commercially used fingerprint reader hashing algorithms and then slurping in as many large databases containing these hashes as they can (I'm thinking in particular about the number of schools who use these devices) and doing the comparisons would help them narrow down their pool of suspects for further investigation..

      One for the lawyers to fight over further I suppose, is a 'hash' of PII/personal data still legally the same as PII/personal data ?

      1. DougS Silver badge

        Re: So I gather

        If the park licenses the fingerprint technology from someone else, as is probably the case, it would be a very high bar for a court to get the algorithm. Even if they can, a "match" is unlikely to hold up in court, given that there are published ways to defeat these types of fingerprint scanners. They have an error rate of something like 1 in 50,000 - and that's in perfect conditions, I'm sure a defense attorney would eat an argument based on that for lunch so I doubt a prosecutor would attempt it.

      2. amanonthestreet

        Re: So I gather

        I'm with you on this, 10 years ago my children were the only ones in school (of 1500) not allowed to use the library because I wouldn't let them be finger printed. As you say, you only have to run an unknown print through the same algorithm and then compare it to your database, As to your last point, IANAL, but I would say the hash is your personal data, after all it's used to identify you.

        1. Caver_Dave

          Re: So I gather

          My two were also the only ones not allowed into their UK Junior School library.

          I explained why the school shouldn't need a 5 year old's finger prints to the school, the Local Education Authority and my Member of Parliament, who all said that I was wilfully damaging my children's education i.e. not answering anything about the privacy issues.

          My wife went into school for a "parents meeting" (these used to be "parents evenings" so working people could attend!) and when presented with the threat of the children being excluded from school, (as they were not participating in parts of the curriculum) and despite knowing my objections, told the teacher it was OK to take the fingerprints. My household was not a happy place for a few weeks!

          My MP is now Brexit Minister, so on past experience I would say that GDPR will soon be out of the window :-(

          1. Wellyboot Silver badge

            Re: So I gather

            Don't panic yet Dave, Brexit ministers seem to have a short shelf life, I doubt Barclay (Current minister) will last the year.

            Threats of exclusion being used to coerce parents into acquiescence is disgusting (illegal?) and the replies you received (LEA & MP) sound like a boiler plate fob off.

            I'm guessing that the schools position is “we're taking fingerprints unless you object” so it is quite possible there's a fair number of parents who signed the 'library slip' that junior brought home one day without actually reading it. How you can progress this depends on how far you're willing to push.

            Written question (to their parliament address1) to Rt. Hon. Damian Hinds (Sec. State Education) & Rt. Hon. Stephen Barclay (Sec. State Exiting EU) asking if they consider refusing to have children fingerprinted at school is an acceptable reason for threatened exclusion from education.

            Solicitors letter to LEA demanding your childs right to access statutory education & the legal justification stating that it is necessary and proportional to require the fingerprinting of children to use a library. (GDPR)

            Boilerplate non-answers can be forwarded to the press which might enjoy asking a non Br**it question).

            1$MPname$ House of Commons, SW1A 0AA.

          2. garynb

            Re: So I gather

            Wow. Sounds a lot lilke something I tried omce. Dad gave the wrong answer so I asked Mom and got the desired answer. Happiness was short-lived, however. Did not try again.

    4. Doctor Syntax Silver badge

      Re: So I gather

      "It isn't clear what the risk of that would be, since you can't reconstruct the actual fingerprint from that data, but the type who will sue over this would not find that reassuring."

      The obvious risk is that the hash can be passed or sold on. It then becomes identifying information if the recipient acquires, surreptitiously or otherwise, a fingerprint.

  5. whoseyourdaddy

    My chain gym recognizes my fingerprint which any twin brother I don't know about to have a $40 a month membership of his own. More importantly, it avoids a log jam at the entryway if someone's DNA or retina scan test goes amok or someone can't find their billfold in their Walmart-sized handbag.

    My Epic Ski pass has more to lose, so they have my photograph for my season pass. At the lift, they scan my RFID and their equipment shows a picture of my face. Off to tumble down a large hill.

    Arguably, the only reason to invest in going all the way for a 14 year old is you want to either destroy 6flag's season pass business or you intend to raise a terrorist. I see no reason for six-flags to answer an FBI subpoena when the FBI already has access to this kid's passport application.

    1. VikiAi Silver badge
      Boffin

      Fingerprints are not genetically determined. 'Identical' twins don't have the same fingerprint any more often than two people from completely unrelated families do (which is to say, it is more common than script writers, law enforcement and floggers of tech-woo would like to pretend, but being a twin is irrelevant).

      1. whoseyourdaddy

        Sorry, I dropped my phone before I finished.

        I'm arguing that 6Flags is far from alone in requiring fingerprints to secure their business. When I travel to other gyms in other states, my phone number causes access to whatever they use to validate my fingerprint.

  6. whoseyourdaddy

    I'm pretty confident six flags has only the fingerprint of his index finger of his right hand.

    Good luck winning a privacy lawsuit on that.

    1. The IT Ghost

      Years ago, when I was at Disneyworld, the person I visited with used a season pass and they required FOUR fingers of his right hand be scanned, and that was decades ago.

    2. Tom 38 Silver badge
      WTF?

      Is your argument that he can always just cut off that finger?

      1. mark 120
        Joke

        He's from Illinois, can't he just grow a new one afterwards?

  7. MrTuK

    Companies will always push the privacy barriers because money is to be made from it.

    Sadly companies can make money on personal data and probably can make more than the cost of a season ticket over time including after the season ticket expires so they want this data because it is guaranteed money whether a person uses the season ticket or not !

    Biometric data is the future and governments know this and so do businesses, sadly there is only a few percentage of people who want to protect their biometric data and so the ignorant sheep will lead the rest of us up shit creek whether we wan to go there or not unless we can educate them. What annoys me most is there still seems to me only a small percentage of IT people that understand this which is amazing since you would have thought that their logical thinking and understanding of computer data would help them see the downside in the future !

    I personally dont trust any entity with my Biometric data and I dont use facial or fingerprint to unlock my phone, yes the UK Gov has my Photo for my passport because I had no choice if i want to travel and sadly this is how they catch us all, slowly, slowly cookie froggie and eventually they will get us all. Drivers license and Passports and they will try and catch young people in some way like this instance of Theme park season tickets but eventually it will be at birth blood for DNA and fingerprint and footprints, i am not sure when iris scans would be taken. But it does look a bleak future for everyone in western society when your identity is up for grabs by anyone !

    1. chivo243 Silver badge
      Trollface

      Re: Companies will always push the privacy barriers because money is to be made from it.

      You missed colonic map... Take that any way you want ;-}

      1. Steve K Silver badge

        Re: Companies will always push the privacy barriers because money is to be made from it.

        Only one way to take it.....

    2. Doctor Syntax Silver badge

      Re: Companies will always push the privacy barriers because money is to be made from it.

      This is why we need legislation such as GDPR and this Illinois Act. If selling on data or holding it in excess of immediate functional needs becomes toxic eventually companies will stop doing it. Some will work it out for themselves when the legislation is passed or when first challenged. Some will learn by seeing the mistakes of others. Some will learn the hard way. Six Flags should be applauded for selflessly volunteering to be held up as an example from which others can learn.

  8. devTrail

    fingerprinting children

    Just one lawsuit and few dozen possible future lawsuits while this people are fingerprinting children.

    Such a weak response from the parents gives a measure of how much the population has been dumbed down and brainwashed.

    1. lowwall

      Re: fingerprinting children

      I once had a season pass there. I suspect that the parents who care about this have done what I have done and simply refused to go to Six Flags since they started requiring fingerprints for the pass.

    2. Doctor Syntax Silver badge

      Re: fingerprinting children

      "Such a weak response from the parents"

      I don't suppose many parents can afford to start a lawsuit against a large corporation. At least not until someone who can has tested the water.

    3. Someone Else Silver badge

      Re: fingerprinting children

      Such a weak response from the parents gives a measure of how much the population has been dumbed down and brainwashed.

      Shit, look who we left-Pondians elected president, and what you right-Pondians voted for re: Brexit. Exhibits A and B, indeed.

  9. cbars

    I'm with 6 flags

    I can't sell tickets to gladiator matches anymore because of these namby pamby anti murder laws, it's anti commercial!

  10. JimBlueMK

    had not alleged any actual harm,

    So I would love to see how the head of SixFlags reacted if I entered his house without damaging anything, had a wander round before leaving. Do you think he would go, oh there was no damage so I won't bother shooting the guy?

    The law is the law, if you break it you should be prosecuted. As for some of the comments about people should not be preventing SixFlags from protecting their season ticket practice, that is a red herring. At issue here is not that SixFlags finger printed the kid, it is that they provided no information about a)why it was done or b) what they planned to do with the data. They can continue to fingerprint so long as they communicate to individuals or their parents what the purpose of the fingerprinting is, and the details of what they plan to do to make sure that the data is secure (you know put in place appropriate technical and organisational measures to protect the data, delete if no later than x months after it has been collected, etc.)

    The industry body's position is that their members should not be penalised for breaking the law, that is a stupid argument, they should be saying to their members make sure you comply with the law and you can collect the data you need for your business.

    1. John Brown (no body) Silver badge

      Re: had not alleged any actual harm,

      I came to the comments section with exactly the same thoughts in mind. SIx flags defence is that whether they broke the law or not isn't relevant if no harm is alleged. WTF? Now THAT is a broken system.

      1. Someone Else Silver badge

        @John Brown (no body) -- Re: had not alleged any actual harm,

        Welcome to the USofA, Co. Inc. in the post-Reagan era.

    2. Spazturtle Silver badge

      Re: had not alleged any actual harm,

      Imagine applying this ridiculous 'logic' to other violations of people's rights. What if rape victims had to demonstrate what 'actual harm' they had suffered as a consequence of being raped in order for the rapist to be prosecuted.

      Having your rights violated is harm in itself.

  11. Anonymous Coward
    Anonymous Coward

    Why fingerprints ?

    Waaaaaaaaaaay cheaper than relying on having to PAY a HUMAN.

    Or it was until they were sued.

    Same driver for self-service tills.

  12. illuminatus

    I bet

    they didn't try fingerprint the Banana Splits. Snorky would have gone postal on them...

  13. Marty McFly
    Flame

    Disneyland

    Went to the mouse show in California. They took my picture, and refused to allow me entry unless they could do so. I asked what their intentions were and was told in broken English "No picture, no entry, period". I marched my now unhappy butt over to the Customer Service counter at the Happiest Place on Earth (tm). They gave me the explanation that in case I lost my 5-day pass they could verify it was me and replace it. A reasonable answer.

    I then asked for their *written* Privacy Policy explaining how long they would retain my biometric information and confirming that pass replacement was the only use they intended. I got a blank look of confusion. The mousey employee went in to a feedback loop of 'Uhhhhhhhh'. Time was wasting, so I gave up and spent the rest of the day waiting in long lines.

    Frankly I am glad to see this in the news. Our privacy has been blatantly run over for far too long and it is high time big corporations got yanked in to line.

  14. Someone Else Silver badge
    Thumb Up

    Yer Goddam right it will!

    Meanwhile, Todd Maisch, president and CEO of the pro-business Illinois Chamber of Commerce, issued a statement of concern: "We fear that today’s decision will open the floodgates for future litigation at the expense of Illinois’ commercial health."

    Yer Goddam right it will, Toddy-boy. Guess you'll have to advise your fatass businesses to follow the fucking law (for a change), and ask if they can plunder their customers' products' privacy in their never ending glut for profits at any and all costs.

  15. Anonymous Coward
    Anonymous Coward

    Illinois' commercial health will do very well indeed, when every single adult in the state receives a cheque from Google, Facebook, etc for statutory damages and proceeds to spend it in the local economy.

  16. John Savard Silver badge

    Very Strange

    I would have thought that the commercial health of the State of Illinois would not be particularly imperilled by companies knowing that, if you want to use fingerprints on a season pass to an amusement park, then you will have to get a parent's or guardian's consent before selling such a pass to a minor. It's not hard to follow the law, and that's what laws are there for. To be obeyed.

    That companies ought to be able to plea "Oh, gee, we forgot" in order for a state to be business-friendly is, on the face of it, a preposterous claim that should receive the ridicule it deserves.

    Unfortunately, whatever Illinois does, it looks like instead most other states are taking the complaints of some corporations about this very seriously indeed.

  17. Grinning Bandicoot

    If they treat you like cattle

    Since these locations, laughingly called amusement parks, move the herds around without any more regard than drovers on a trail drive, use ear notches and avoid the fingerprints.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019