Back to all blog posts

Fingerprints, privacy notice, and theme parks

My wife and I recently visited a major theme park and were surprised that our fingerprints were requested when we entered. While I understand the good business reason the fingerprints were requested, I remain dumbfounded why I could not find a privacy notice that disclosed how the information was being protected.

Not wanting to spoil the day, I provided my ticket as well as my fingerprint at the gate and off we went for a relaxing day of rides, shows, and (too much) food. At some point I visited the guest services desk and asked about the fingerprint process.

Why collect fingerprints

The guest services representative politely explained that the multi-day ticket I had purchased was non-transferable. What better way to rapidly verify that I was using the ticket (and had not given it to someone else) than a quick bio-metric scan.

The representative explained that my fingerprints weren’t stored, but just a few points of the fingerprint were taken and converted into a number.  That number was saved and each time compared to the fingerprint provided when the ticket was used.

The fact is that to verify it was me using the ticket there would need to be some transfer of personal information be it a fingerprint, photo-id, or something else. I had the opportunity to opt-out if I had asked, but that would have involved providing some documentation that I may not even have had with me.

So, how was my personal information protected?

When I asked the representative how my fingerprint information was saved, how long it was kept, and how it was destroyed, I got a puzzled look. After conferring with a colleague I was told that the number derived from the fingerprint was saved on the ticket itself…it didn’t sound right.

Going to a sister park the next day I went through the fingerprint entry procedure again and spoke to another guest services representative. This representative assured me that the fingerprint-derived number was stored on the theme park’s computer systems and destroyed 30 days after the ticket was used up or expired.

Where can I find a privacy notice?

My wife’s patience on this was understandably wearing thin, but I still had questions. Once we returned home I went to the source of all truth, the internet.

It turns out the theme park had been using the fingerprint process for several years and there were several news reports from years ago discussing the practice. I also began looking for some notice on the theme park’s web site. Maybe it was the late hour, maybe I was tired, or maybe I was still coming down from the sugar high from all that I ate, but I could not find a mention of fingerprints or bio-metrics in any privacy notice on the theme park’s web site. So I sent an email to the company’s customer service help desk.

In a couple of days I got a phone call from a representative who was sure there was a notice, but did not know where it would be. She was also unable to answer my questions with confidence, but she would get back to me. I received a voice mail a few days later explaining there was not a notice and the information I was seeking was proprietary.

Be transparent about how you protect personal information

To put things in perspective, I was not unhappy that my fingerprints were taken, nor was I unhappy about the interactions with the guest and customer service representatives.I was however distressed about the lack of notice provided about the use of bio-metrics and the lack of awareness on the part of the theme park’s employees.

When dealing with personal information it is vital that you provide information in a privacy notice as well as educate your staff about how to respond to queries about your practices. Telling customers that this information is proprietary is not a good idea.