
ALA NISO-BISG Forum - Patron Privacy


This was a joint presentation by Daniel Ayala (ProQuest), Michael C. Robinson (Univ Alaska-Anchorage) and Nettie Lagace (NISO) for the NISO-BISG Forum held on June 24, during the 2016 ALA Annual Conference in Orlando, FL.


  1. Patron Privacy Framework. 10th Annual NISO/BISG Forum, 24 June 2016
  2. Nettie Lagace, Associate Director of Programs, NISO, @abugseye; Daniel Ayala, Director Information Security, ProQuest, @buddhake; Michael Robinson, Head of Library Systems, University of Alaska - Anchorage, @mikerobinson_ak
  3. NISO as a “Switzerland”: A meeting place for libraries, vendors, publishers to discuss common issues and create consensus solutions
  4. An Issue of Privacy: ALA code of ethics; Publishers/vendors who serve users are not librarians; Libraries are servers in the cloud and user interactions are managed by third parties
  5. NISO & Patron Privacy Framework Intro: Can libraries and service providers develop valuable services that are based on user activity data, or improve existing services using activity data, in a way that simultaneously protects privacy?
  6. NISO & Patron Privacy Framework Intro: Can we build a framework to protect patron privacy that is based on consensus that simultaneously recognizes the nuances with this issue?
  7. NISO & Patron Privacy Framework Intro: Goal: Establish a consensus framework of principles that prescribe how information systems should respect the privacy of patron data
  8. What we arrived at... Overview: Preamble; 1. Shared privacy responsibilities; 2. Transparency & facilitating privacy awareness; 3. Security; 4. Data collection and use; 5. Anonymization; 6. Options and informed consent; 7. Sharing data with others; 8. Notification of privacy policies and practices; 9. Supporting anonymous use; 10. Access to one's own user data; 11. Continuous improvement; 12. Accountability; Glossary
  9. So how does this tie to User Experience? Security & Privacy; User Experience
  10. Balance of UX & Privacy: Suppliers (Publishers, Service Providers): Trust; Balance privacy and functionality; Metrics on usage; Operational info to keep the service “up”; Multiple customers: creators and users
  11. Balance of UX & Privacy: Libraries: Metrics to fuel funding and buying decisions; Wide array of positions on data use; Assessment mandates; Fundamental privacy tenets as baseline; Expertise; Enablement of users to make informed decisions
  12. Balance of UX & Privacy: Users: Control; Personalisation and recommendations; Fast, easy, mobile, ubiquitous access; Informed control over own privacy and data; Consumer-like features expected
  13. The Librarians: Both ends of the spectrum...
  14. The Librarians: Both ends of the spectrum... Legal & Ethical Obligation to Protect Reader Privacy: 1st amendment (free inquiry), ALA policy, professional ethics; State laws on confidentiality of library records
  15. The Librarians: Both ends of the spectrum... Libraries Need to Embrace the Modern Web: E-content, personalization, user experience; Operational needs, business intelligence, educational assessment
  16. The Librarians: Both ends of the spectrum... False Dichotomies: Privacy is dead vs privacy at all costs; Abandoning ethics vs fettering competitiveness
  17. UX Focus on the Framework: How do you define what gets collected automatically vs explicitly asked for? PII/Sensitive Information; Browser/Application Fingerprint
  18. UX Focus on the Framework: How do you define what gets collected automatically vs explicitly asked for? Persistent Cookies Tracking; Session Cookies Tracking
  19. UX Focus on the Framework: How do you define what gets collected automatically vs explicitly asked for? User Behaviour; Reader Behaviour (Free Inquiry)
  20. UX Focus on the Framework: How do you define what gets collected automatically vs explicitly asked for? US Privacy Laws; EU Privacy Laws
  21. UX Focus on the Framework: What does consent look like? EU Right to be Forgotten; FTC Fair Information Practices; Legal
  22. UX Focus on the Framework: What does consent look like? Notification via Terms of Service; Existing Consent Models are Broken
  23. UX Focus on the Framework: What does consent look like? Opt-In & Opt-Out; Notification via Terms of Service; Existing Consent Models are Broken
  24. UX Focus on the Framework: What does consent look like? Data sharing disclosures; Existing Consent Models are Broken
  25. UX Focus on the Framework: What does consent look like? Consent via Nagware; Data sharing disclosures; Existing Consent Models are Broken
  26. UX Focus on the Framework: What does consent look like? NO REAL CHOICE; Existing Consent Models are Broken
  27. Security vs. DRM vs. Privacy; Strong ties between Privacy and Authentication
  28. The tie to user experience and the need for real choices
  29. What’s next for the community? Consensus building / discussion of principles over the past 2 years: NISO Privacy Principles; Privacy Guidelines from ALA Intellectual Freedom Committee & Digital Content Working Group; LITA Patron Privacy Interest Group; Library Digital Privacy Pledge
  30. What’s next for the community? Now is the time for action; How do we put these principles into practice; Iterative process - implement, learn, change; Expectations & perspectives may change as practices develop
  31. Let’s Get to the How
  32. The Next Step: Use the shared partnership amongst the vendors, libraries and users to create a shared ecosystem to build a model; Model language for RFP and Contract; Audit standards and responses; Mapping of principles to local and regional privacy laws; Share implementation best practices amongst libraries and suppliers; Encourage ALA Privacy Summit to move the topic forward
  33. Resources: NISO Consensus Framework to Support Patron Privacy in Digital Library and Information Systems - http://www.niso.org/topics/tl/patron_privacy/; ALA Code of Ethics - http://www.ala.org/advocacy/proethics/codeofethics/codeethics; ALA Office of Intellectual Freedom - https://chooseprivacyweek.org; ALA Library Privacy Guidelines for e-book Lending and Digital Content Vendors - http://www.ala.org/advocacy/library-privacy-guidelines-e-book-lending-and-digital-content-vendors; Library Digital Privacy Pledge - https://libraryfreedomproject.org/ourwork/digitalprivacypledge/; Stock Photography Source: Shutterstock and Stocksnap.io
  34. Discussion, Ideas, Questions
