Disney CEO Iger Disses US Rep. Markey’s MyMagic+ Questions
Between the debt crisis, cabinet confirmation, and gun control, you might the the U.S. Congress has its hands too full at the moment to pay much attention to the Mouse. But Disney’s new MyMagic+ program, which was officially announced earlier this month and will soon roll out across Walt Disney World’s theme parks and resorts, has raised questions about security and privacy inside and outside Washington.
On January 24, Representative Edward J. Markey from Massachusetts, who has earned a long-standing reputation for challenging entertainment companies, issued a 3-page detailed letter requesting answers about how Disney’s new RFID chip-based guest management system will be implemented.
Markey’s missive read, in part:
Collecting information about how guests use Disney amusement parks could improve the company’s ability to target advertisements at its guests, including children… Although kids should have the chance to meet Mickey Mouse, this memorable meeting should not be manipulated through surreptitious use of a child’s personal information.
The response from Disney CEO Bob Iger, released on January 28, was less than diplomatic:
We are offended by the ludicrous and utterly ill-informed assertion in your letter dated January 24, 2013, that we would in any way haphazardly or recklessly introduce a program that manipulates children, or wantonly puts their safety at risk. It is truly unfortunate and extremely disappointing that you chose to publicly attack us before taking the time to review our policies and/or contact us for information, which would have obviated the need for your letter. Had you or your staff made the slightest effort, you would have found most of the answers to your questions already existed and were publicly available online at http://corporate.disney.go.com/corporate/pp.html and https://disneyworld.disney.go.com/faq/my-disney-experience/privacy-policy.
You can read Iger’s full response here.
Congressional concern is unlikely to significantly slow the billion-dollar MyMagic+ project, which is expected to expand across WDW in 2013, and invade Disneyland Resort the following year.
Are you concerned about your personal privacy in the light of Disney’s new designs? Do you feel it is appropriate for government representatives to ask questions like these? Leave us your take in the comments below.
There’s certainly a lot to know about this topic. I like all
of the points you’ve made.
Feel free to visit my site; http://burgundyshoes.org/fashionable-and-comfy-jelly-shoes (Carmelo)
Hey! I know this is somewhat off topic but I was wondering if you
knew where I could get a captcha plugin for my comment form?
I’m using the same blog platform as yours and I’m having problems finding one?
Thanks a lot!
Feel free to surf to my web blog jetmaster fireplaces [Ofelia]
Hmm is anyone else having problems with the images on this blog loading?
I’m trying to determine if its a problem on my end or if it’s the blog.
Any suggestions would be greatly appreciated.
Also visit my page … click to find out more
Very great post. I simply stumbled upon your weblog and wanted to mention that I’ve truly enjoyed browsing your blog posts. After all I’ll be subscribing in your feed and I’m hoping you write again very soon!
If Disney wants to make my experience even better by gather info about me, so be it. If I’m concerned about it I’ll quit spending my money there (not likely to happen).
I haven’t read up much on this. But whatever information they have I think will be as secure as giving my address and credit card to the hotel staff member. meaning, it’s likely secure, but there is always a chance. Since I’m not willing to give up enjoying life, I’m going to have to give a little faith in Disney that they are just trying to make my vacation as pleasant as possible and are taking precautions to limit what data is available to who.
I’m sure Congressman Markey and his staff have bigger issues to spend time on. You know – that whole economy thing perhaps?
I could parse Iger’s carefully-chosen-for-public-&-lawyer-consumption words, but in a nutshell, what he is saying is disingenuous at best.
Iger deftly avoids answering a few things quite adeptly. Markey’s no prize, nor is the NYTimes (whose article Markey seems to have based most if not all of his assumptions on), but Iger does quite the artful dodge. Got to give him credit. Oliver would be proud.
I should do a line-for-line parsing of Iger’s words, which would reveal so much he *doesn’t* say & how much disingenuous useless information he *does* give, but I don’t have the time. Y’all should read it yourself & draw your own conclusions.
See, here’s the thing. If you’re online (and obviously you are) and if you’re swiping that little keychain card to get the discount at Starbucks, and you zipped through the EZ-Pass on your way to work this morning and your cell phone is on…well, our government and many retailers already know every little detail of your life already. Way more than Disney’s RFID bracelet will ever know about you. Waaay more.
Funny how what we choose to fret over is usually meaningless while what we happily divulge to others is what we ought to be concerned about.
And I don’t mind our elected representatives asking questions…I just wish we elected smarter people who would ask smarter questions. Sigh.
I just became a Bob Iger fan! As a federal employee I recognize that our country faces much bigger problems than the alleged security threats posed by this RFID system. Members of Congress are very good at grandstanding and attacking problems that don’t exist, yet they can’t even pass a budget. What a breath of fresh air to hear the CEO of one of this country’s most respected companies tell this pompous airbag exactly what a fool he is.
Will you have to use it if you don’t want to? Don’t visit the parks and it won’t be a concern. If people are terribly worried about it, they will stop visiting WDW. At least don’t visit with your children so they won’t be exploited 😉
The govenment really needs to do their jobs and stop worrying about companies that are doing their own jobs. Disney is not even in his state!!!
I didn’t realize there were people being forced at gunpoint to visit a WDW theme park…
As long as people are visiting at their own will, it doesn’t really matter what Disney does or does not do. If you don’t like what Disney does, don’t visit their private property. Easy as that!
I laughed out loud when I read concerns about marketing to children. Apparently the representative has never been to Disney World. The entire park is one giant marketing campaign to children. I think that kind of thing is just accepted when you go to the parks
I wish Markey would’ve asked Iger a more important question: when’s FP+ going to be implemented, and will old FP then be discontinued?
What gets me is how ignorant Markey and his people are on the issue (makes you wonder how ignorant he is on “real” issues…but I digress). I can totally understand why Iger would respond in the manner he did. And I’m happy for it. In a 15 minute news cycle world he had to return fire quickly before the Congressman’s letter gained any traction.
My understanding of the technology used is that there is nothing to hack as far as the park-side tech is concerned. The bracelets contain no personal identifying information. The only information passed from bracelet to receiver is what amounts to a unique guest ID number. That guest ID is only matched to personal information internally. The only way a hacker could gain access to actual personal information would be to hack Disney’s internal network and/or data center. I feel pretty confident that isn’t going to be accessible through the RFID readers positioned around the park.
I am in no way a “worshipper” of all things Disney. But there are few companies in ANY industry who have as much experience with security as Disney does. I’m pretty much a freak about my personal information, but this new feature/service doesn’t bother me at all.
I think most of the fear is borne from ignorance of how this technology is being used. There has been a lot of fervor in recent years over people using RFID readers they get on eBay to steal personal information from credit cards and passports. But credit cards and passports store personal information on their RFID chips because the intended readers most likely won’t have a readily available connection to bank or government databases.
If someone used an RFID “skimmer” to read your MyMagic+ bracelet, all they’re going to get is your unique guest ID number, which is useless. The real “magic” happens within Disney’s internal networks after the bracelet is scanned.
At least that’s my understanding of it. Please correct me if you have different information.
Phillip – thanks for posting your reply. I believe you are 100% correct. And yes, fear borne from ignorance.
This is exactly how RFID works, and why it is cheap and quick. All the reader has to do is “scan” a unique number from tag. All the tag has stored in it is a unique number. The reader then has to do a database query for that number to bring up any other information that would be stored on you. Like so many people have already commented, if someone wanted to steal this information they would have to hack into the scanning towers. Markey’s concerns are actually no concern at all because even if disney wanted to do this collecting of information for bad purposes, they could have already been doing it with your park ticket, fast-pass gathering, and the now new Sorcerers of the Magic kingdom game, as that also uses RFID cards to “track” you.
Answering the question about our personal security: I would be more concerned with what information I put on Facebook over what information Disney can try and capture from us. Facebook is purely online and information from them is leaked all the time. What could someone gather from Disney that they wouldn’t be able to get from a site like Facebook? How much we bought at gift shops?
Answering the question about whether the government should be asking these questions on your behalf: If they are asking the questions, they first need to learn about the technology before going into a head first dive. RFID tags were never designed to store anything besides a number, or a few numbers. Anything beyond that and you are ruining the whole purpose of why RFID was invented in the first place. That alone would have covered about half the concerns form the government. However, I fell the government should not get involved, because in the long run Disney is a private company, if they want trackers on people when they enter the parks you can’t say no, you would have to agree or don’t go.
I haven’t read up enough on this to speak with any authority. However — I’m not worried about Disney using personal info to direct advertisements or special offers at us. Shoot, the grocery store does that with my shopping card info and habits. That’s OK. I would feel good about the MM+ system if I knew I could limit the information accessible within it. Like on facebook, I have my name and nothing else. All privacy settings are activated. I’m not sure if — as a DVC points renter — I’ll be eligible for MM+ during our summer vacation or not. But I will certainly follow this blog thread with interest, just in case.
My only concern about this is anyone getting this information as has been a concern and based off conversations with those installing the antennas for MyMagic+, this is a legitimate concern. If someone could hack this infromation while strolling the parks, they would know your address, know you are out of town, know if you are a single parent travling with children, etc. This is really my only concern with it and again, apparently a legit concern.
Amy, you likely informed every interested burglar that you were out-of-town on your many Facebook and other net posts, let alone having the lights off and the mail being stopped back at home. And were someone to ‘hack’ your RFID bracelet they’d get your RFID number. That’s it.
More research, less talking to antenna installers. There’s the ticket! Or RFID bracelet. 😉
I heart Bob Iger. That was beautiful.
He’s generally a pretty mellow guy(at least publicly), so for him to use that tone he must be REALLY boiling.
Agreed. Iger is under no obligation to be diplomatic with stupid people who have the power to affect profits by talking out of their….you know where; this is a family site. One person’s “less than diplomatic” is this person’s “Spot on!”
Well…the first link only applies to their websites and the second one redirects to the main WDW homepage so really this tells you nothing about the use of info in the parks.
The actual second link is in Iger’s actual email. When they quoted it for this article, it truncated the url and invalidated it. The real second link is: https://disneyworld.disney.go.com/faq/my-disney-experience/privacy-policy