Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II
‎09-25-2018 02:47 PM
‎09-25-2018 02:47 PM

Wendy's collects fingerprint data?

I was surprised to note that Wendy's is facing a class-action lawsuit over its practice of collecting employee fingerprint data.

 

Particularly since I was astounded to learn that Wendy's was collecting the data in the first place.  Why would you?


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos
3 Replies
denbesten
Community Champion
‎09-25-2018 05:31 PM
‎09-25-2018 05:31 PM

@rslade wrote:

Why would you?

The motivation is to prevent one employee from clocking in on behalf of another and to eliminate the problem of badges being left at home.

Reply
0 Kudos
Early_Adopter
Community Champion
‎09-25-2018 08:24 PM
‎09-25-2018 08:24 PM

Looks like the specific problem the proposed lawsuit addresses was lack of informed consent and specificity on the ‘why’ things were being done, as well as sharing with the vendor.

 

On the motivations as @denbesten posited if the technology is not so much being used to provide strong MFA to protect identity in conjunction with badges, but potentially instead off or incase someone forgot theirs or tried to impersonate someone.... I’ve no data, but on the surface does seem like a bit of a sledge hammer being used to crack a nut. Just have a mandatory policy on badges, make them displayed, and have a reporting process if they are missing.

 

Is an employee/shift team really going to cover for someone not turning up on a busy shift and pre-arrange to take their badge so they can be clocked in? This is a hard job with constant work, missing folks might not be popular.

 

Lastly, while I’m sure there are good protocols for hygeine in Wendy’s, do you really want to use fingerprint sensors that everyone must touch in restaurants? You might cause other issues by building a mandatory vector for infection of the non-cyber kind into your employees daily routine 

Reply
0 Kudos
rslade
Influencer II
‎09-25-2018 09:49 PM
‎09-25-2018 09:49 PM

> Early_Adopter (Advocate I) posted a new reply in Industry News on 09-25-2018

>   Lastly,
> while I'm sure there are good protocols for hygeine in Wendy's, do you
> really want to use fingerprint sensors that everyone must touch in restaurants?
> You might cause other issues by building a mandatory vector for infection of the
> non-cyber kind into your employees daily routine

All employees must wash hands after signing in. Then sign in again, and wash
hands again ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Geeez, Erwin. He wasn't even armed.
I don't care. I have lots of ammo and he was wearing a tie.
- http://ars.userfriendly.org/cartoons/?id=20010209
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos