A Data Scientist Visits The Magic Kingdom, Sans Privacy

An anonymous reader writes "MailChimp Chief Data Scientist [John Foreman] is at Disney World this weekend wearing his RFID-equipped MagicBand. Here's how he thinks the practice of digitally tracking consumers in the physical world will reach everywhere from theme parks to our homes." Foreman's conclusion (and headline) — shades of Scott McNeally's famous "Get over it" — is "You don't want your privacy." That seems to miss the mark, at least for me: I don't mind parceling out certain kinds of information (like whether I like to buy decaf at Starbucks, or how long the wait is to ride Space Mountain), in contexts of my own choosing, but that's much different from being snooped on by the NSA or other state actors in other contexts.

Fuck you!

I do value my privacy and its people like you selling it down the river for a cup of cofffee

Re:Fuck you!

[tpstigers]

Can't value it too much - you're connected to the Internet.

Re:Fuck you!

[PopeRatzo]

how much do you value the privacy of what kind of coffee you drink ?

do you value it as much as the things a loved one might tell you in bed at night ?

That's kind of a nonsensical question. Assuming that someone reading Slashdot understands what can be accomplished through the collection of seemingly trivial and unconnected data, of course.

Would you rather die of cancer or blunt trauma? Would you rather your child or grandchild be killed?

Having some "data scientist", who, let's face it, makes him living advising corporations on how to collect and use data, tell us, "You don't want your privacy" is rather insulting. I could tell him "You don't want your big toe" because he'd probably rather lose a toe than an arm. Either way, it's a loss.

If you can keep someone distracted enough to never realize that they're really not getting any benefit from all the data that's being collected about them, then it's a big win for the corporate and government elite. But it's still a loss. When you lose your privacy, there's no getting it back. This is a one-way street of no return and it deserves more serious evaluation than some technocrat jackoff at Disneyland.

Re:Fuck you!

And from where I buy the coffee and what time and do I take sugar comes meta data becomes expensive when data profiling says my health insurance goes up because I like cream and sugar in my full fat late etc.

Enough meta data means you see the whole picture.

Re:Fuck you!

[tpstigers]

There's a difference between privacy and anonymity. Get a dictionary.

Re:Fuck you!

[reboot246]

Fuck John Foreman and the ass he rode in on. He may not value HIS privacy, but most of the rest of us do.

Re:Fuck you!

[arth1]

Fuck John Foreman and the ass he rode in on. He may not value HIS privacy, but most of the rest of us do.

No, I don't really value John Foreman's privacy.

Re:Fuck you!

[Eskarel]

No, having someone like the OP pretend that you can actually share your private information only with "some" gigantic corporate entities is what is nonsensical.

The author of the article has a point, whether you agree with him or not. There are services which can only be delivered by letting people know a gigantic amount of information about you. Either you're happy with having pretty well anyone know that information about you in exchange for those services or you're not. You can't have it both ways. Either Google knows where you are so they can tell you where the nearest coffee shop is or they don't and they can't. Either you have a convenient GPS device in your pocket or you don't. We need to stop pretending that we can share this information only in a way that we're comfortable with. If it is collected it will be shared, if it is collected it can be obtained with or in some cases without a warrant, if it is collected someone else can collect it to.

A lot of the problem is just that we have this gigantic black hole in our thought processes where the government is seen as a gigantic terrifying evil but gigantic corporations are not. However much I distrust my government(s) I'd sure as hell rather the NSA were looking at my medical records than Google, the NSA is at least nominally something I can vote to change, but there ya go.

Re:Fuck you!

[Frobnicator]

Indeed there is a great amount of privacy we should demand.

I'll start with his conclusion first, then with one of his Disney examples.

He claims we really don't want our privacy even in our homes because it is the future. Interesting.

It is odd how he concludes that we ultimately will be giving "all our info" to everyone, including random strangers on the Internet in exchange for a flashlight app. Would he mind if his job performance information (and those of his co-workers) are publicly shared? Perhaps he has always been a stellar employee and doesn't mind that becoming public. What about if his family's medical records become public knowledge, that is part of "all our info". perhaps again he is a rare individual with nothing he cares to hide in his family; nobody has a mental illness, nobody has reproductive issues, nobody had a tumor or other problem that could affect him or his children for seven generations.

Or taking it further, since he is willing to share "all our info" for his family with everyone online, what if we installed webcams in his bathroom, broadcasting every angle of the toilet and shower featuring his wife and daughters? Or cameras in his marriage bed? He plainly states he doesn't care about the privacy of himself or his family, so why not?

Moving on to the middle of TFA, he details about high-spending visitors should be given preferential treatment when waiting in line in order to encourage additional money extraction through entertainment. What he blissfully fails to notice is the flip side of the coin: everyone else gets screwed by this model.

Sure, if you are the wealthy people targeted for money extraction you will have entertainers making sure you have the time of your life. If you are the commoner spending an average amount of money your experience will decrease from the present level. And if you are not exactly wealthy but taking your family on a once-in-a-lifetime entertainment retreat, well, sucks to be you under the new model.

If he doesn't see the difference between a per-instance transaction of specific information versus a wholesale surrender of "all our info", he is a fool.

Re:Fuck you!

[PopeRatzo]

I'm starting to believe the end of this argument will come the first time several million people have their medical records stolen, a la Target and Macy's loss of credit card info.

When we can start to see who's got erectile dysfunction and who's got chlamydia, you will see people figure out that they want their privacy after all.

But your mention of job performance data is a good pick too.

Re:Fuck you!

[Eskarel]

Honestly, no one gives a shit about your medical records, the vast majority of the information isn't useful or even interesting to anyone and even the most embarrassing stuff isn't actually very good blackmail material. I would assume there's some value in the records of celebrities, but even then not all that much. The records from your shrink could potentially be interesting, but even the medical stuff you can actually understand without a medical degree just isn't that interesting.

Re:Fuck you!

[Eskarel]

Nope, Google doesn't make your life a living hell, at least as far we're aware, not can't. For the most part the government doesn't either.

Leaving aside the fact that Google is just as capable of blackmail, extortion, and other forms of abuses as the federal government is, they can turn over any information they have directly to the federal government and get them to make your life hell.

This is sort of what I'm trying to say, every single thing the US government can do to you with your private information Google can do or get done to you. They're also one hell of a lot less accountable both in theory and in reality. I can't vote for CEO of Google or file a FOI request for their plans and records. Google isn't answerable to me in any way shape or form. All I can do is attempt to stop using their services which by this point is probably a useless move anyway.

Re:Fuck you!

[PopeRatzo]

Honestly, no one gives a shit about your medical records

Not true. Here are the people who care about your medical records: Your prospective employer. Your prospective mortgage lender. Your credit card company. Your insurance company (life and otherwise). Drug companies. Medical device companies. Home convalescent care companies. Wal-Mart. Con men. Burglars.

I'm surprised you don't see that. If you're interviewing for a job with me, do I have the right to your medical records? No. Would I like to see whether you've got a chronic health problem that might be a problem that could make me decide just to pass on you for someone who is in perfect health? You bet. Do I want to know if you've ever been treated for depression? What do you think? If I own a small company and a prospective employee has had expensive fertility treatments in the past, there's a good chance that he or she will have those treatments again, and my insurance plan will be on the hook.

Do you think a woman who had an abortion when she was 18 wants the people at her church knowing about it when she's 35?

You might have noticed that the laws regarding privacy of medical records are ridiculously strong. The drug store doesn't even want to tell me if my wife's prescription is ready because of the penalties regarding patient confidentiality.

Mark it down: a lot of people who don't think privacy is an issue now will suddenly become very concerned when medical records get out in the wild.

Re:Fuck you!

[Eskarel]

The laws about medical privacy are ridiculously strong, and to a certain extent that's actually justified, but most of it is how we feel about medical records as opposed to how dangerous they actually are. Most of the cases you put up are either untrue or there are easier ways to get the same information.

Your health insurance company already has your medical records, they have them because they paid the bills, your life insurance company will refuse to pay out if you have any relevant medical secrets you don't make them aware of. Your mortgage company doesn't give a shit about your health so long as your house is worth more than you owe, if you die they'll sell it and recoup the money. The credit card company doesn't care because the last thing they want to do is refuse credit cards to poor unhealthy people and their rates are already usurious.

The job is an issue potentially, but it's pretty difficult to hide chronic health problems for very long anyway and most employers presume that if you're a women under 50 you're planning on getting pregnant in the next 6 months. More importantly your employer isn't going to pay for stolen medical records, which is more of what I meant about "no one gives a shit". On the issue of an abortion, odds are I could show you and all the members of your church a stack of medical records one of which contained an abortion and you wouldn't be able to tell me which one it was, and that's leaving aside the fact that the same clinical codes are used for non termination procedures. Sometimes Catholic hospitals will perform the procedure and the people running the hospital won't know that's what got done

There are certainly people who would read your medical records if they were in front of them, there are even people who would misuse them if they were available, but very little that's in your medical records can't be determined in other ways and more importantly I can't think of anywhere you could sell bulk medical records for enough cash to be worthwhile. Medical records have been lost in their millions in the last 20 or 30 years but as far as I'm aware no one has done anything with them.

Already read it.

[Kotoku]

It is called Down and Out in the Magic Kingdom. Cory Doctorow already figured it all out.

Re:Already read it.

[khasim]

And Doctrow is a better writer. Damn that was painful to wade through.

Anyway, back to the point, I don't care if Starbucks knows that I haven't shopped there for a month and decides to entice me back with a 50% off coupon for a latte. I choose if I want to purchase something from Starbucks.

I care if the government is collecting information on me because the government can put me in prison.

Re:Already read it.

[davecb]

Also Carl Hiaasen's Team Rodent

Re:Already read it.

[guises]

I care if the government is collecting information on me because the government can put me in prison.

You should care if _anyone_ is collecting information on you. It's trivially simple for a private company to sue you into ruin, and they can have you arrested just as easily as the NSA can.

Re:Already read it.

[s.petry]

Where I disagree should be very obvious. Obama just stated on Friday that spying on the people won't change, but data collection would be privatized. This makes a very easy transition of all data into a single pool that all already questionable government offices have access to.

If you have a kiddie porn habit, you may find a job with the TSA. Outside of that, your employer may see an message from DHS during your hiring process that you did look at porn, or you had a communicable disease, or that you purchase alcohol or tobacco products, etc..

The point is, we all have histories. Most of us are not groomed politicians that have had people paying to cover up all of their mistakes through life. We should be able to choose what gets stuffed into a database and be able to see what people are collecting about us. Currently we can do this with some private company data, but the Government data we have no clue. Once these databases start to merge, it will all be closed and you won't be able to see a thing.

If this turd from Disney thinks it's a good idea to RFID chip himself, good for him. I think he's an idiot, but his choice. I have the same ability to choose not to do this, and both of us should remain able to choose.

Re:Already read it.

You should care if _anyone_ is collecting information on you ...

Not the least because the NSA can collect (err, does collect) anything anyone else collects on you.

Re:Already read it.

[Cochonou]

It's still much better than Makers.

Re:Already read it.

[bob_super]

In three years you may still get car insurance without a GPS tracker, but we'll have to charge you 100x, because the GPS-equipped cars are demonstrably safer. it's only business...
You do still have the freedom to bike, citizen.

Decaf at Starbucks?

[plover]

Even if you don't care today, others are using data mining techniques to learn from those innocuous facts.

They know that coffee beans are decaffeinated using chemicals that cause cancer, and if they correlate that to an increased risk in cancer, they might increase your health insurance rates. And because people who drink decaf are statistically less alert and therefore more likely to get into car accidents than coffee drinkers, they're going to raise your car insurance rates, too.

Everybody has something to hide, even if the facts don't seem relevant to your well being today.

Re:Decaf at Starbucks?

[cheater512]

A lot of coffee is decaffeinated by water (Swiss water process).

Plus I kind of think that doing risky behaviour *should* increase your premiums (and reduce everyone else's of course).
Next you'll be wanting smokers to get the same health insurance premiums as non-smokers.

Re:Decaf at Starbucks?

[Mitreya]

And because people who drink decaf are statistically less alert and therefore more likely to get into car accidents than coffee drinkers, they're going to raise your car insurance rates, too.

Yeah, so that would be the difference. There isn't a problem with Starbucks collecting the data and even doing analysis anonymously to build better marketing campaigns that may take further action. There is a problem if they are going to sell (or give away) my identified information to anyone else, such as an insurance company.

And then there are credit reporting agencies that seem to make money from data that is automatically reported to them by credit cards/collection agencies/etc. Where do I sign up to receive reports about everyone's late payments?

Re:Decaf at Starbucks?

[Charliemopps]

Next you'll be wanting smokers to get the same health insurance premiums as non-smokers.

I do. Insurance shouldn't be about finding people devoid of risk and only insuring them.

Re:Decaf at Starbucks?

[cheater512]

I agree it shouldn't, which is why it is regulated. All insures should be able to insure everyone for a fair price.
All I am saying is if that person is a smoker their premium should be higher than a non-smoker.

Re:Decaf at Starbucks?

[TheRaven64]

The problem was highlighted by the likes of Google in the recent NSA revelations. It doesn't matter why you collect the data, once it's collected and indexed conveniently it can be used for other purposes. Google builds a system that collects a large body of emails sent and received by millions of people. They may only intend to do anonymous, aggregate, data analysis on it to determine broad patterns, but once the data is collected and centralised it's easy to index it and search for specific emails. Even if you completely trust Google, Starbucks, or whoever is collecting the data now, do you trust every company that might buy them in the future, do you trust that their management in ten years will have the same views, and do you trust that no one malicious can compromise their systems? Snowden showed that even the NSA can't manage to keep systems that are completely secure, so what chance does anyone else have? Today, you are likely safe from invasive monitoring because no one has the processing capacity to handle tracking people as uninteresting as you, but we're still seeing processing power per dollar doubling roughly every 18 months, so how long will that be the case for?

Re:Decaf at Starbucks?

[TheRaven64]

Anonymised data rarely is. It's very easy to remove the relationship between John and Decaf, and as long as that dataset is completely isolated from every other dataset, then it's fine. If, however, it's combined with the things-John-bought-on-his-credit-card dataset, or the people-working-near-this-Starbucks-who-have-breaks-at-this-time dataset, then you can infer that this decaf drinker is John. Often you'll need two or three independent datasets to be able to reconstruct the original anonymised version, but data storage is cheap, and the processing power required to do the cross referencing is getting cheaper...

Re:Decaf at Starbucks?

[Sique]

But then you should also agree that smoking should lower your pension premium.

Re:Decaf at Starbucks?

[umghhh]

Either all the same premiums or the US system where the insurance is just a tax on your genes, habits and lack - both systems are extreme and to much so for me. I like the idea of an insurance as it were - where a group of like minded people decided to share the risk. OTOH health insurance is so different and should on one hand be regulated and on the other should allow increase of premiums in certain cases: smoking, obesity and skiing would be some options not because they are risk taking, but because we know they increase costs on general population. Yet an additional premium on all skiers should be acceptable up to certain point at least. Obesity maybe questionable but smoking and skiing are perfect candidates for a premium - they do have different risk profiles and not only significantly so but also voluntarily. This said I would exclude e-cigartes as they get rid of the unpleasant consequences and give nicotine pure.

Re:Decaf at Starbucks?

[blueg3]

the US system where the insurance is just a tax on your genes, habits and lack

Lack?

AFAIK, it's illegal in the US to use genetic information in choosing health insurance rates. (Unless you mean "family history", which is different.) Insurance of all kinds is a tax on your habits: your behavior very directly influences your risk, and risk is really what insurance is about.

Incidentally, "the US system" for health insurance is to get it through your employer, where no factors matter (except who your employer is). At least until ACA, the individual markets were secondary (and as a result, unreasonably expensive).

Re:Decaf at Starbucks?

[Anubis+IV]

That's why he talked about controlling how the data is released. I might be okay with my favorite coffee shop (not a Starbucks) knowing what my usual is and getting started on it when I walk in the door each morning. I wouldn't be okay with that same information being shared with my insurance company, just because I am aware of the fact that seemingly innocuous facts can be used to jump to radical conclusions.

In the context of the Nest purchase last week, the reason I just provided is why I was okay with Nest getting information about me. They were using it to directly enhance my experience as a user, and in so doing, were hoping that I would become a loyal user who would purchase more of their products (which was something I was planning to do). With Google, however, I have every expectation that they will use whatever information they gain from my thermostat to enhance my experience...but also to enhance their profits in ways that are unrelated to my experience and may, in fact, prove to be detrimental to me. That's what's happened with Gmail over the years, which made sense for me when it was just a set of targeted ads in exchange for 1GB of storage, but made less sense once Buzz (and increasingly G+ now) started being forced on me.

Re:Decaf at Starbucks?

[Roger+W+Moore]

AFAIK, it's illegal in the US to use genetic information in choosing health insurance rates.

That is clearly not true since they already differentiate as to whether or not you have a Y chromosome.

Re:Decaf at Starbucks?

[LateArthurDent]

Plus I kind of think that doing risky behaviour *should* increase your premiums (and reduce everyone else's of course).

I never understood that argument. You guys argue that people who have insurance should pay their premiums in proportion to how likely they are to use it. You consider that the fairest possible payment system. However, if you take that to its logical conclusion, you should only charge people who actually end up using it. So you should go ahead and eliminate insurance altogether, and you have the fairest model possible: only people who get into car accidents pay the costs, only people who get sick pay medical costs, only people who get robbed suffer their losses.

The entire point of insurance is to make the payment unfair in order to diminish the payment by spreading the risk among everyone. You agree to pay something, even though you hope to never have to cash in on the insurance, so that if you do have to cash in, everybody else who doesn't need to cash in subsidizes you, and you pay less. You do this for peace of mind. What you should want isn't to pay commensurate to your risk, you should want everybody to pay equal rates, which will result in the lowest possible premium for everyone. If you determine that premium is too high for your risk level, that should mean you think your risk level is low enough to go without insurance.

Re:Decaf at Starbucks?

[sjames]

The facts don't matter nearly as much as the insurance company's WAG. They know that some decaf methods might carry a cancer risk and jack up your rates just in case.

Don't worry, if you don't get screwed on the decaf, there's a zillion other excuses waiting. Everything you say or do might raise your insurance rates too high for you to afford. Your insurance agent will become the worst tyrant you ever imagined, backed by a surveillance system the Stasi could only dream of.

Re:Decaf at Starbucks?

I might be okay with my favorite coffee shop (not a Starbucks) knowing what my usual is and getting started on it when I walk in the door each morning.

Hey, my favorite coffee place (also not a Starbucks) already does this, based on the fact that the barista knows who I am (zero computerized databases necessary) --- that thing called "friendly customer service" that places like Starbucks are trying to fake with heavily automated systems and poorly-treated employees. If you need a global-mega-tracking-DB to make customers feel welcome, you're already doing something seriously wrong.

Re:Decaf at Starbucks?

[sjames]

How about if they jog in polluted areas? Hang glide? Like to skate in their socks on the waxed kitchen floor? Inhale deeply as they go past the heart attack grill? Walking in the woods (where a poisonous snake was seen once)?

Do you really want to be assessed a fee for each and every thing you might do in your life that someone elsewhere thinks is unnecessary? Perhaps we can have machines on the walls to issue fines. No swearing, you might upset someone who has an elevated risk for heart disease!

Re:Decaf at Starbucks?

[Nephandus]

"Fair" would be preclusive to most who need it. They need it precisely because they can't pay their own bills. Those who can don't need it because they can.

Re:Decaf at Starbucks?

[lgw]

If insurance companies were competing for my business, I'd have no problem with that. Let each take their best guess at my risk, and I'll go with the cheapest. The one who tends to guess most accurately will grow at the expense of the others.

Of course, health insurance today is nothing like that at all. I wish it were actual insurance, against unexpected risk, that I bought just like car insurance (with a similar pool for the highest risk few% where insurers just had to eat the losses as the price of doing business), with my employer no where in the picture.

Re:Decaf at Starbucks?

[phantomfive]

Not only that, but insurance can't work with 'capitalistic' competing pools.

That's kind of silly, considering insurance has been around for centuries as competing capitalistic pools.

Re:Decaf at Starbucks?

[sjames]

You seem to have whooshed on what a dystopia that would be. I thought I was over-hinting with the no swearing thing and the fine machine on the wall, but I guess not.

There comes a point where the cost of accounting exceeds the loses from looser accounting. Of course, accountantants never account for the cost of accounting. In this case, the cost is the death of the human spirit and eventually a halt to all progress and freedom.

Part of the problem is that an insurance company will inevitably over-estimate the risk to make sure it doesn't get caught short. Another issue is that at some point they nail down the risk so tightly that they are no longer actually managing risk, just taking a cut of how much it will cost when the inevitable happens.

Meanwhile, insurance does OK at avoiding a risk, but it does a terrible job of reducing the cost when one of the risks materializes. In fact, too often it drives the cost up.

Re:Decaf at Starbucks?

[MobyDisk]

I agree with you, so I skimmed through the replies. While most are meaningless, I gleaned a tiny fraction of an intelligent reply from one of the ACs, so let me draw upon that to play devil's advocate.

What if only predictable, individual induced diseases are used to vary the insurance rate? So, for example, smokers would pay more for insurance, in proportion to their likelihood of getting lung cancer an. People who eat nothing but donuts and bacon would pay more, in proportion to their likelihood of heart failure and type 2 diabetes. But your family history of cancer is not induced by bad life decisions, so there would be no rate adjustment for that.

So when someone gets chemotherapy for their lung cancer, if they smoked all their lives then the cost would be subsidized largely by the other smokers. But the non-smokers don't have to bear the full burden of it.

In this way, people feel like the system is more fair, using the "capitalistic" definition, while still being truly insurance.

Re:Decaf at Starbucks?

[Reziac]

Or do it the other way around: everyone pays the same premium, but base the deductable on risk factors.

Do you want to mix Disney and your Bank? I don't!

[davecb]

[From a longer rant about banks (:-)]
Imagine all files and programs on my phone have labels on them. My banking programs has one label that says "The Bank", while another says "David Collier-Brown". The files it creates have the same labels, and no program can read them unless it has both. The banking program will send careful selected information to programs that have just my label on them. This happens to include my printer and email programs, so I can email or print my bank statements and holdings. It can send much more to the bank itself, labelled with both the bank and my name. Let's call these labels (M & B), for me and the bank. When written to files, the labels take the form of public/private key pairs. That allows the program to send encrypted files to the bank over ordinary insecure networks without anyone being able to read them.

Disney has a label, too, and I can share what I like with them. and not with some chap with an evil plot to make use of Dave-and-Disney information

--dave

Eh, you gave up your rights a long way ago

It's when you let yourself be classified as "consumer" -- one who can be made to buy whatever the "producers" want you to buy.

Stop thinking of yourself that way, and you start to see that you have few rights left, and need to fight long and hard to regain some of what you lost. This is different from saying "give up already", for the choice is yours. But the road's going to be long and hard, and the longer you wait to get on it, the longer and harder it will get. So, someday it'll be "fight now or give up forever", yes, and that day might be closer than you'd care to think about.

Re:Eh, you gave up your rights a long way ago

[arth1]

It's when you let yourself be classified as "consumer" -- one who can be made to buy whatever the "producers" want you to buy.

In corporate computing, "producer" and "consumer" are just newspeak words for "master" and "slave".

That's not too far from real life, the way things are going.
The astonishing thing is how easily people are willing to give up their freedom, and like it.

Who is the marketeer? RTC disney

[leuk_he]

I bet the marketeer is some kid that got trained playing Rollercoaster tycoon 3 and now can do that al in a "real"(but fabricated) world.

Re:Fine. Prove it, asshole.

[leuk_he]

Is it free? Do you broadcast? The proof is in Big brother/ robinson island. Enough people will line up for one minute of fame.

Data Scientist for mass mail company says...

[gnoshi]

What would you expect someone who works as a data scientist for a company which does mass mailing say? Sure, Mail Chimp isn't a spamming service (through requiring double-opt-in) but a central part of its service is including trackers in e-mail to check if you're opening it.
I'd be more dubious if it was a data scientist from doubleclick, but not necessary much more.

Re:Data Scientist for mass mail company says...

[93+Escort+Wagon]

The title "Data Scientist" seems to be popping up all over the place very recently. I wonder if this is one of those titles like "Administrative Assistant" or "Associate" that they invented so they can avoid giving people a better salary.

Re:Data Scientist for mass mail company says...

[gnoshi]

Note: TFA doesn't seem to say what the summary says it says.
(i.e. it isn't "you don't want your privacy", it is "the way people behave with data suggests they don't want or care about their privacy; they'll sell themselves out at the drop of a hat").

Re:Data Scientist for mass mail company says...

[rockmuelle]

I've argued that it's more like "web master" from the 90s. A tendy job that will soon be replaced by actual experts.

For data scientist, the experts are the traditional analysts and staticisians that were already doing these jobs before Hadoop experience became the only job requirement.

-Chris

Re:Data Scientist for mass mail company says...

[fermion]

And when you go to the disney world you double opt in and have paid a great deal of money to be provided an experience. It is not like you are going camping or hiking or generally exploring a city. You are basically giving up most of your self determination to select from a few highly engineered choices. The more engineered,the more directed, the better the experience is going to be.

This is in fact where tracking is useful and will result in a better consumer experience. Complaining that you are being tracked at disney world is like complaining that google is selling you data to advertisers,

Re:Do you want to mix Disney and your Bank? I don'

[Alain+Williams]

Imagine all files and programs on my phone have labels on them.

There are that sort of thing, eg android sandboxes. However the problem is that when an application is installed it asks for access to more things than it rightly needs. End users just install it, without really being aware what the new application can do.

Privacy and Anonymity must stay!

[therealprologic]

I completely agree with a lot of the comments. Privacy, Tracking, Spying, Monitoring are BIG SERIOUS problems in the world today (and have been for al long time!) It's important that we fight this to the end and ensure the privacy, security of our lives, data and personal identities.

Tags are for petty criminals

[Alain+Williams]

In the UK we use that sort of technology to tag petty criminals. Nice to know how the mouse views me!

obligatory Beatles

[_merlin]

Everybody has something to hide...

...except for me and my monkey! :)

Re:Do you want to mix Disney and your Bank? I don'

[davecb]

Technically I was describing "MAC", mandatory access control. We used to have it, I even sysadmined it, but a three-letter organization seems to have decided no-one would want such a thing...

Reverse the data-direction...

[chalsall]

Here's a radical idea...

Rather than the consumer wearing the RFID chip, the consumer instead carries the RFID reader to find out what the merchant is offering.

The consumer doesn't radiate anything, and the merchant radiates the information the consumer might be interested in (or not...).

This puts the control back into the consumer's hands. As it should be.

Re:Reverse the data-direction...

[fatphil]

RFID readers radiate loads, they radiate so much that RFID chips can power up from the induced current, and radiate stuff back.

You don't need the merchant to have RFID tags in order to tell you what he's offering - if he's unable to communicate that to you using any of the other multitude of ways that humans have communicated to each other over the last few thousand years, then he's probably not a merchant I'd have any interest in dealing with.

Thanks for the disclosure

[saynt]

MailChimp sounds like a company that I'll go out of my way to avoid. Seems that their chief data scientist should have run this by their chief privacy officer before he slapped his companies name on it.

"You don't want your privacy"

[nurb432]

He may not, but i do.

MagicBands don't track..

I went down to Disney just a few weeks ago.. and, to be honest, it would be awesome if the MagicBands actually worked. You have to be 1-2mm away from the reader for the readers to even attempt to get the data off the band.. and most times it just doesn't work and the cast members had to get the numbers from the back of the bands manually. So much for "Magic". Very frustrating. I was envisioning something more seamless.

simple solution

[Virtucon]

Neuter Mickey Mouse! That way the rat will get fat and stop screwing around tracking patrons in the theme parks. Here's a simple formula Disney: Make the lines shorter by limiting access or improve the capacity of the rides and then you won't need to track your patrons, leaving them the fuck alone to enjoy their time in your overpriced bullshit!

No sharing

[EmperorOfCanada]

I too don't really mind that Starbucks sees that I prefer fizzy drinks and chocolate brownies when I am with my coffee drinking friends. But I don't want them sharing that data with anyone. The best privacy law would be that you have 3 options when dealing with a company. 1 That they only use your data for internal purposes (No "trusted" third parties) 2. That they do with your data as they want. 3. That they destroy your data or at least anything that an information scientist could use to identify you (except for your preference) down to the minimum data required to do business with you. Also the companies could not offer discounts or charge extra depending on your preference. Lastly # 1 is the default option.

So looking at option 3 I would include information rich companies such as CC or phone companies. So with either of them they would be able to record what phone calls you made over the last month, Bill you, give you 30 days to dispute the charges, and then forget anything about you except that you are a customer and owe a certain amount. They wouldn't even be able to see what they billed you 5 months ago let alone who you called. Yes it is nice for the phone company to be able to look at their old records to figure out what they could sell you but that doesn't benefit me. That is stealing information from me. They would still have the information in aggregate so they could see that people 20% more each month and thus they should increase their capacity accordingly.

The same with things like EZPass, the power company, the water company, even the police handing out tickets. The moment I pay the ticket there is no reason for them to specifically remember that I got a parking ticket on the corner of South and Main. They could remember that someone did get a ticket, just not who.

This Is Not What People Should Be Up In Arms About

[noc007]

To my understanding the MagicBand has two RFID components. One is long range, battery powered, and is used for tracking a person in the parks. My understanding is they use the data to see where crowds go, what's popular during different times of day on which days, and when there's too much of a crowd, they'll put out distractions to get the crowd to move. The other chip is for short range stuff like room key, purchase transactions, and FastPass. This one can be read by a NFC reader and everything but the serial number is encrypted. Here's the thing, it's a privately owned theme park that can dictate within reason what goes on in their park. Don't like it, don't go and patronize. Simple as that.

I've read on a Disney enthusiast that people up in arms saying they'd be putting foil around their bands and honestly I don't know why they're paying Disney to go to the park if they don't like it. What people need to be up in arms about is the dwindling of our freedoms and the abuses of the law by our (US) government. No, people may get a little grouchy, but they just put up with it and let is slide. A private company with their private property doing something to better their product and people flip a shit when they have a choice to not participate.

Magic Band Tech

[gatzke]

We went down recently and got the Magic Bands. Disney uses them in five ways:

1. Ticket into the park
2. "Fast pass+" for some rides in the park
3. Purchases (with a pin, if your card is tied in)
4. Room access if staying on resort.
5. Photo pass (photos shot by in park employees)

In most cases, these are actions that for >95% of us would be tied to our credit card transaction. Even the old paper fast passes would have been tied to your park ticket (which is probably tied to your credit card).

The photo pass is one that previously was not tied to your credit card in any way. You would take pictures and get a code, if you never bought the code or tied the code to your online disney account they would not have your picture. But I am sure Disney has plenty of CCD in place and could tie in your entering the park to a picture if they wanted.

I really doubt they are tracking people in the park. Their RFID sensors stink! You have to orient the band just right to get the RFID close to the sensor. You have to hold it still and sometimes swipe two or three times. I doubt they are long range scanning your RFID in the park without your knowledge.

Also, you only get three of the new fast pass+ "experiences" in the park each day. So they really will only see you in three spots. For them, this stuff is probably more useful for load leveling than privacy invasion.

BTW, problems with the system have been all over the place. Disney invested almost a billion in it and they were considering dropping it, but it worked pretty well for us.

So in summary, if you are skeevy about this at Disney World, pay cash or use gift cards to buy your tickets.

Re:Magic Band Tech

[bdenton42]

5. Photo pass (photos shot by in park employees)

Also pictures taken during rides were automatically tied back to my Disney account. After our last trip they sent me an email offering them for preview/purchase.

newsflash to Scott

[Tom]

"You don't want your privacy."

That is my decision to make, not yours.

If Scott doesn't want his privacy, fine with me, I don't care. But whether or not I want mine is not his call. That's the basic, simple in-your-face fact that everyone in these pro- and contra-privacy discussions seems to be missing.

Re:Fine. Prove it, asshole.

[canadiannomad]

That would actually be a pretty neat reality show: "You have nothing to hide!" streaming live online!
"Live in this glass hotel, and prove to the world you have nothing to hide!"
"Cellphones and computers provided free! Stay 3 months and earn $10,000!"
smallprint>Sponsored by the NSA and your local congress troll!/smallprint

Re:This Is Not What People Should Be Up In Arms Ab

[Reziac]

You are exactly correct. Disney can do whatever they want with Disney's property, and tracking people who use their property. Fair enough. I can see the benefits, to both Disney and patrons.

So long as Disney only uses that data for Disney's purposes within the confines of Disney's property, it's all well and good.

The problem is we've been taught by other companies (eg. online advertisers) that our data is not private, and WILL be sold to third parties with absolutely no consent on our part. Can we trust Disney not to do this? We can't really know.

Re: Pricing model for insurance

[Keybounce]

You guys argue that people who have insurance should pay their premiums in proportion to how likely they are to use it. You consider that the fairest possible payment system. However, if you take that to its logical conclusion, you should only charge people who actually end up using it. So you should go ahead and eliminate insurance altogether, and you have the fairest model possible: only people who get into car accidents pay the costs, only people who get sick pay medical costs, only people who get robbed suffer their losses.

The entire point of insurance is to make the payment unfair in order to diminish the payment by spreading the risk among everyone. You agree to pay something, even though you hope to never have to cash in on the insurance, so that if you do have to cash in, everybody else who doesn't need to cash in subsidizes you, and you pay less.

The proper pricing model for insurance is based on percentage chance of using it. Do you have a 5% chance of using insurance? Then you should pay 5% plus profit margin in premiums.

Does someone who smokes have a higher chance of using insurance, and paying more for medical care? Yes? Ok, charge them more.

Does someone who has genes for issue X -- and lets say that they are active, expressed genes -- have a higher chance of using insurance and paying more for medical care? Yes? Ok, so ...

Now we get into the first set of tricky questions. You can choose to smoke or not. You can't choose your genes. Do we penalize people for some things that they cannot control?

And why did we look at gene X -- there are hundreds of thousands of issues with genes. Potentially, every protein that can fold in more than one shape, or that can be generated in multiple slightly variant sequences could turn out to affect disease -- yet we only have some of them analized. Does it make sense to say "We know you are worse because of X, we don't know about Y, so we're giving you penalty for X, but not giving you a discount for Y"?

And who decides to study X and not Y? Is there a correlation between european genes vs african genes? "Race is only skin deep" is false -- the people who migrated out of africa did get different genes as a result. Should we not give penalties to people who have lost the malaria protection in their blood?

That last question is deliberately loaded, deliberately phrased. If you didn't understand it: The same sickle cell that gives you protection against malaria from mosquitoes also causes anemia from a lack of oxygen in other situations. How do you tell what's the benefit or the penalty?

And I haven't even gotten to the statistical abuse of several "different" issues that actually overlap to the point that you are double- or triple- surcharging for what is really a single issue.

Insurance pricing is not nearly as clear-cut as people want to make it seem.

Simple example: Under the affordable health care act, the stated goal is to get enough young, healthy people signed up to cover the costs of insuring the elderly. So the stated goal is to have younger people overpay -- pay higher than the expected usage costs -- to reduce the costs charged to older people.

Fairness? Charging people less for being healthy? How do you determine healthy? How do you determine fairness? Why do you deliberately overcharge group A to subsidize group B? Why permit this on age? How do you prevent it from being racial in disguise as soon as you look at genes?

This topic was on privacy. So where's the line?

If I want my genes to be private, and out of the insurance company, why not?
If I want my actions to be private, and out of the insurance company, why not?

===

Car insurance companies finally seem to have the right model. You can get a discount if you voluntarily reveal your driving habits, but you don't have to if you don't want to.

Now, all we need is what I understand to be existing conversion law. That data is provided to you only for the purpose of calculating my insurance, and any other use is in violation of the law.

Re: Do you want to mix Disney and your Bank? I don

[davecb]

Please note that MAC is turned off in SELinux (;-))

Joking aside, the NSA helped write the specs of secure systems, and certified a number, including Multics (B2) and Trusted Solaris (B1 workstation), both of which I used. That they've now decided that confidentiality is a bad idea doesn't mean they didn't care about it, back when it was their own government that was the main customer.

Imagine the fun of being a politician in a country where your security service spies on you. Imagine if the security service is headed by a inveterate collector of dossiers named J. Edgar Hoover. Disney and the Bank are pikers compared the the problems the US has!

--dave