SlideShare a Scribd company logo

Privacy and libraries

ā€¢
ā€¢
Dorothea Salo
Dorothea Salo

Lecture for LIS 644, "Digital Trends, Tools, and Debates."

TechnologyEducation
1 of 39
Download to read offline
Privacy and libraries LIS 644 Dorothea Salo
Privacy vs. security ā€¢ A security problem can violate privacy, sure. ā€¢ But the violation is inadvertent! And often involves some illegality! ā€¢ Weā€™re not talking about that today; weā€™ve done so already. ā€¢ Weā€™re talking about perfectly legal (usually) uses of information that still (potentially or actually) violate privacy. ā€¢ This is a mineļ¬eld. I donā€™t have all the answers. We MUST still ask the questions.
What is privacy, really? ā€¢ ā€œExposure of personal informationā€ is too easy an answer. ā€¢ Exposure of what to whom, exactly? ā€¢ danah boyd: ā€œrespecting contextā€ ā€¢ Consider your social circles. You have several of them. What happens to them online? ā€¢ So privacy is partly the ability to practice ā€œselective disclosureā€ (another boyd-ism). ā€¢ Privacy is also trust that those we interact with will not betray us. ā€¢ Whatā€™s betrayal in a library context, and how do libraries avoid it?
Why do we care? ā€¢ Privacy of information use is a cornerstone of intellectual freedom. ā€¢ ALA Code of Ethics: ā€¢ III. We protect each library user's right to privacy and conļ¬dentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted. ā€¢ Additional concerns include: ā€¢ Privacy of research subjects in collected data ā€¢ Privacy of living individuals mentioned in archival materials ā€¢ Privacy of conļ¬dential business records ā€¢ Privacy for especially vulnerable individuals
What is ā€œfreedom to read?ā€ ā€¢ Historically: preventing Big Brother from watching patronsā€™ checkout histories ā€¢ Remember the Patriot Act? How ā€˜bout that NSA? ā€¢ What happens to circ records nowadays? How did moving circ records digital help privacy? ā€¢ Today: is Big Brother the only threat? ā€¢ Who else wants information, and will pay and/or bug to get it? ā€¢ Historically: censorship and book banning ā€¢ Today: is that all that keeps good information out of the hands of patrons?
Do we have privacy laws? ā€¢ Not in the US. Not really. ā€¢ We have libel and slander laws, and laws about childrenā€™s information online (remember those?). Limited ā€œinvasion of physical spaceā€ laws. ā€¢ Consumer-privacy laws have been introduced in Congress. No joy... yet. ā€¢ We often have laws/ordinances around library patron information. ā€¢ And even in the absence of law we SHOULD (and usually do) have policy. ā€¢ KNOW THE LAW AND POLICY where you are. ā€¢ Itā€™s diļ¬€erent in Canada and Europe. ā€¢ Canada has even taken Facebook to the cleaners once or twice.
Why do privacy problems happen? ā€¢ Monetary beneļ¬t ā€¢ Accident or ineptitude (see thedailywtf.com) ā€¢ Privilege and associated thoughtlessness ā€¢ Google Buzz: testing with its own (white, male, healthy, wealthy, educated) engineers and no one else. ā€¢ Collapse of realspace social boundaries on the web ā€¢ This is a service-design problem! Human beings manage just ļ¬ne in realspace. Our online tools donā€™t give us the aļ¬€ordances we need to replicate that success online. ā€¢ Web is more than the sum of its parts. ā€¢ Most scarily: DESIRE TO OFFER GOOD SERVICE, e.g. recommender engines.
Libraries and privacy ā€¢ Itā€™s not as simple as ā€œalways protect patron privacy!ā€ ā€¢ What about libraries and social media? Will we wipe librarians oļ¬€ the Web? Really? ā€¢ What about user studies for service improvement? ā€¢ What about patron communities that form around our materials and services? ā€¢ What about users who WANT to share what they read, watch, and listen to? Will we shake our paternalistic ļ¬ngers at them and tell them no? ā€¢ What about digitization projects? Research? ā€¢ ā€œHowā€ is getting harder to ļ¬gure out too.
Known privacy issues
Law hinders privacy research ā€¢ DMCA! ā€¢ If thereā€™s information about you on a machine you own (or even one you donā€™t), and the only way you can ļ¬nd out about it is to hack the machine... ā€¢ These lawsuits have happened. ā€¢ Often they go away very quickly as the vocal tech community shames the plaintiļ¬€. ā€¢ But Ed Felten of Princeton has been in and out of court so many times...
Public records ā€¢ Back in the day, if you wanted a public record, you went to a physical building, combed through ļ¬le cabinets, and paid for the privilege. ā€¢ This is a variant on security-by-obscurity. ā€¢ Now many public records are online. Easy discovery and easy access make them A LOT MORE PUBLIC. ā€¢ How should we, as citizens, respond? ā€¢ As records managers/archivists/librarians, how should we educate, train, and refer?
An example
An example
Email ā€¢ So how ā€˜bout that Petraeus guy? ā€¢ Email is only very loosely legally protected at present. ā€¢ Larger point: we have the privacy protections we do because they are enshrined in law, not because theyā€™re societal norms. Theyā€™re pretty clearly not. ā€¢ Email is sent in the clear unless you take encryption precautions. ā€¢ Even then it may be readable if your inbox is hacked. ā€¢ Your employer owns its email systems and email sent on them. Behave accordingly. ā€¢ Students: using non-university email may bypass FERPA protections.
What is ā€œreidentiļ¬cationā€ or ā€œde-anonymizationā€? ā€¢ Imagine this scenario: ā€¢ One website has your name, age, zipcode, and gender. ā€¢ Another has your age, gender, zipcode, pseudonym, and dubious or sensitive taste in entertainment. ā€¢ If the info from both sites can be collated, you can be pegged to your taste. ā€¢ And your pseudonym just got exposed. Hope you werenā€™t using it anywhere else... ā€¢ We arenā€™t as unique as we think! ā€¢ ā€œAnonymizingā€ data doesnā€™t ļ¬x this. ā€¢ We can be identiļ¬ed by our attributes, friends, and behavior almost as easily as by regular identiļ¬ers. ā€¢ What price public records NOW?
Reidentiļ¬cation horror scenarios ā€¢ Health information ā€¢ Wouldnā€™t your insurance company like to know...? ā€¢ Becoming a major issue in health research! ā€¢ ā€œCharacter witnessingā€ ā€¢ Are you an atheist? A gamer (this came up in a 2012 political campaign)? GLBTQ and not out? A person of color whoā€™s passing? A woman in IT? A whistleblower? ā€¢ A target for harm ā€¢ Physical, legal, ļ¬nancial, employment, mental/emotional (bullying) ā€¢ Where could library-patron information ļ¬gure in to this? Archives informants?
Commercial privacy violation on the web
What information does the web collect about us? ā€¢ ā€œPersonal informationā€ ā€¢ Including health information, demography. ā€¢ Financial information ā€¢ Information about our habits ā€¢ Purchasing habits ā€¢ Entertainment habits (including, yes, reading habits) ā€¢ Search habits ā€¢ Information about our physical location ā€¢ through IP addresses or through web services like Foursquare ā€¢ Information about our social lives ā€¢ And then it correlates as much of this as it can!
How is this information collected? ā€¢ Through server and search logs (IP addresses) ā€¢ Through sign-ins ā€¢ some of which are ā€œreal name requiredā€ ā€¢ Geolocation of our gadgetry ā€¢ Browser ā€œļ¬ngerprintingā€ ā€¢ Which version, with what add-ons, on which OS... unique! ā€¢ Human error (and exploitation thereof ) ā€¢ Through observation of our behavior on individual websites and across websites ā€¢ Cookies, Flash cookies, ā€œweb bugs.ā€ Worst case: ā€œkeyloggers.ā€ ā€¢ Our online associatesā€™ behavior ā€¢ Which we obviously donā€™t control! ā€¢ How much of this are we actually aware of? How much do sites disclose? Let us control?
Eļ¬€ects ā€¢ ... on citizenship ā€¢ ... on open discourse ā€¢ ... on vulnerable populations ā€¢ ... on markets ā€¢ is privacy-endangerment a winner-take-all market? ā€¢ what about online redlining?
Examples
Privacy and ebooks ā€¢ Ebook vendors, unlike libraries, do not necessarily purge records of what you read. ā€¢ You are entirely at their mercy as far as who they share those records with and what they do with them. ā€¢ Are they collecting info from library patrons too? Unclear! ā€¢ Because of this and DRM, they can also take away what you want to read. ā€¢ And then thereā€™s what you search for, or look at, but donā€™t read. ā€¢ What do we do about this? What should we do?
Facebook has sold... ā€¢ ā€¢ ā€¢ ā€¢ Your phone number Information about your purchases Information about your social network Information about Facebook campaigns youā€™ve participated in ā€¢ Information about what youā€™ve ā€œliked.ā€ ā€¢ While refusing to let you opt out of the sale of this information. ā€¢ Your likeness, for advertisers to use on your friends. ā€¢ Google ainā€™t much better, and is getting worse.
Others have tried to use Facebook to... ā€¢ Screen employees ā€¢ including by requiring applicants to hand over Facebook passwords! ā€¢ (To Facebookā€™s credit, it actually fought this one.) ā€¢ Perform background checks (for employment or other reasons) ā€¢ Do social-science research, sans informed consent ā€¢ At Harvard, some researchers made their RAs hand over their Facebook passwords so they could see friendslocked material. ā€¢ How are you feeling about your Facebook?
Guess what? ā€¢ Facebook has sold MY information too, and I refuse to use Facebook! ā€¢ Look up ā€œshadow proļ¬lesā€ sometime. ā€¢ If you delete your account, Facebook keeps and continues to sell your information. ā€¢ Facebook may or may not actually delete photos when you delete them. ā€¢ Guess why I donā€™t use Facebook? ā€¢ Should libraries? Conļ¬‚ict between privacy ethics and ā€œgo where the patrons are.ā€
ā€œLikeā€ buttons ā€¢ When you log into Facebook, Facebook knows you visited any page with a ā€œLikeā€ button on it, even if you do not click Like. ā€¢ Facebook has also been caught tracking this on logged-out users. They claim theyā€™ve stopped. ā€¢ If your library puts Like buttons on catalog pages... (you do the math) ā€¢ Not just a Facebook issue, by the way. ā€¢ Social-media truism: ā€¢ ā€œIf you are not paying for it, youā€™re not the customer; youā€™re the product being sold.ā€ ā€”blue_beetle on MetaFilter
Amazon ā€¢ OverDrive signs a deal with Amazon to lend Kindle ebooks through libraries. ā€¢ To do this, patrons have to tell Amazon their Kindle identiļ¬er, just as though they were buying the book. ā€¢ Amazon sends ā€œhi, your loan is ending, how about buying the book?ā€ messages to patrons. ā€¢ And is, as far as anybody knows, keeping information about who checked out what.
Try it yourself: JSTOR ā€¢ JSTOR ā€œRegister and Readā€ program ā€¢ Give non-aļ¬ƒliated scholars/interested public unpaid access to JSTOR, in return for a signup that ties reading to the signupā€™s email address. ā€¢ Letā€™s look at their privacy policy. ā€¢ http://www.jstor.org/page/info/about/policies/privacy.jsp ā€¢ What info are they collecting? Reidentiļ¬cation risk? ā€¢ What risks might there be to program participants with respect to what they read? ā€¢ What do they say they can do with it? ā€¢ How is this diļ¬€erent from standard library policies, practices, and legal protections?
Try it yourself: JSTOR ā€¢ Real reason to worry: Swartz case. ā€¢ Is loss of privacy an unintended side eļ¬€ect of library disintermediation/disruption? ā€¢ If so, what do we do? Without sounding like a bunch of luddite worrywart Trithemiuses just out to protect our own jobs?
Privacy in archives ā€¢ Boston College IRA case ā€¢ Oral histories collected from Northern Irish people who fought for IRA ā€¢ Archivists promised informants not to release until after those informants died. ā€¢ UK authorities: ā€œFork it over, archivists.ā€ ā€¢ Lawsuits ļ¬‚ew! ā€¢ What would you do? ā€¢ You need to decide this. Before something similar happens to you.
What now?
What people want ā€¢ Control of which pieces of data they share. ā€¢ Choice about how their data will be used. ā€¢ Commitment that their personal data (i.e., email address, phone number) won't be passed on to third parties. Ā  ā€¢ Compensation: Consumers also want a reason to share data, and to understand how they will beneļ¬t. ā€¢ (via http://www.mediapost.com/publications/article/161410/consumerswilling-to-share-data-but-at-a-price.html) ā€¢ Can we do this in libraries? How?
More suggestions ā€¢ Donā€™t collect data you donā€™t need. ā€¢ And throw away data once itā€™s no longer of use. ā€¢ This includes computer logs! (IM chat ref, anyone?) ā€¢ Think outside your own demographic box. ā€¢ As Google seems to have so much trouble doing... ā€¢ Be transparent. ā€¢ Be activist. We have a bully pulpit! ā€¢ PAY ATTENTION to the security and privacy of library IT infrastructure. ā€¢ This EMPHATICALLY includes the ramiļ¬cations of thirdparty IT such as ā€œlikeā€ buttons. ā€¢ It also includes contracts with content providers. A privacy review should be an intrinsic part of collection development.
Rule of thumb? ā€¢ In the absence of a warrant or subpoena, donā€™t keep or disclose information about the behavior of identiļ¬able patrons until the patron has not only consented, but ASKED YOU to retain or disclose the information. ā€¢ AND MAYBE NOT EVEN THEN. ā€¢ We know people make poor choices here!
Protecting digital privacy ā€¢ My suggestions: encryption, deletion, awareness. ā€¢ Encryption is where itā€™s at, folks. Itā€™s not perfect, but itā€™s the best weā€™ve got. ā€¢ Delete digital records. As often as possible. Perhaps oftener. (Sorry, records managers and digital archivists! Privacy comes ļ¬rst!) ā€¢ Try to be aware of when your data are being collected. Websites like tosdr.org (and the associated browser plugins) help!
Example: cloud storage ā€¢ Cloud storage services almost all encrypt data at some point. ā€¢ Google Drive, not so much. Just so you know. ā€¢ Important questions: who holds the key, and when are the data locked up? ā€¢ Dropbox, Box (for now): They hold the key. This means they can rat you out, snoop, etc. Also means that data travel in the clear, and are vulnerable to packet-sniļ¬ƒng! NOT SECURE. ā€¢ SpiderOak: YOU hold the key, and encryption happens on YOUR machine, before data move over the network. SpiderOak doesnā€™t even see your data unencrypted, canā€™t decrypt it. Secure, but donā€™t lose passwords!
Example: protecting your web surļ¬ng from marketers ā€¢ Remember the stuļ¬€ I discussed last week with respect to browser security? It can help protect your privacy as well. ā€¢ ā€¢ ā€¢ ā€¢ ā€¢ On an untrusted network, use a VPN to prevent packet-sniļ¬ƒng. Do not let your browser accept third-party cookies. Use adblocking, tracking-blocking browser add-ins liberally. Grab the ā€œHTTPS Everywhereā€ browser add-in from the EFF. Turn on the ā€œDo Not Trackā€ setting in your browser; it doesnā€™t do much, but it does something at least. ā€¢ Serious question: which of these should we install on patron computers? ā€¢ Or is that too paternalistic, and patrons will be upset when Facebook likes donā€™t work? ā€¢ Can we at least raise awareness, e.g. with tosdr.org plugin?
Example: smartphones ā€¢ I DONā€™T EVEN KNOW, folks. ā€¢ Smartphone owners do not control their phoneā€™s privacy/security. Either Apple or their carrier (Android phones) does. ā€¢ Phones leak data all over the place! ā€¢ Location data particularly, but all ā€œmetadataā€ is of concern. ā€¢ I donā€™t see an answer except better law. ā€¢ Carriers are constrained by current legal framework to keep metadata indeļ¬nitely!
Bottom line: ā€¢ Libraries and archives generally do privacy right. We certainly care about it! ā€¢ A lot of online businesses are doing privacy very, very wrong. ā€¢ Not to mention the feds! ā€¢ And a lot of regular people are in no position to navigate the hazards. ā€¢ So we have a serious problem on our hands! ā€¢ And we owe it to civil society to continue to set a good example.

Recommended

Paying for it
Paying for itPaying for it
Paying for it
Dorothea Salo
Ā 
Soylent Semantic Web Is People! (with notes)
Soylent Semantic Web Is People! (with notes)Soylent Semantic Web Is People! (with notes)
Soylent Semantic Web Is People! (with notes)
Dorothea Salo
Ā 
Soylent SemanticWeb Is People!
Soylent SemanticWeb Is People!Soylent SemanticWeb Is People!
Soylent SemanticWeb Is People!
Dorothea Salo
Ā 
The surprising adventures of the mechanical curator
The surprising adventures of the mechanical curatorThe surprising adventures of the mechanical curator
The surprising adventures of the mechanical curator
benosteen
Ā 
Grab a bucket! It's raining data!
Grab a bucket! It's raining data!Grab a bucket! It's raining data!
Grab a bucket! It's raining data!
Dorothea Salo
Ā 
Closing Plenary: Museums and the Web Asia
Closing Plenary: Museums and the Web AsiaClosing Plenary: Museums and the Web Asia
Closing Plenary: Museums and the Web Asia
George Oates
Ā 
MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...
MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...
MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...
museums and the web
Ā 
Social Media for the Scared February 2014
Social Media for the Scared February 2014Social Media for the Scared February 2014
Social Media for the Scared February 2014
Bex Lewis
Ā 

Recommended

Paying for it
Paying for itPaying for it
Paying for it
Dorothea Salo
Ā 
Soylent Semantic Web Is People! (with notes)
Soylent Semantic Web Is People! (with notes)Soylent Semantic Web Is People! (with notes)
Soylent Semantic Web Is People! (with notes)
Dorothea Salo
Ā 
Soylent SemanticWeb Is People!
Soylent SemanticWeb Is People!Soylent SemanticWeb Is People!
Soylent SemanticWeb Is People!
Dorothea Salo
Ā 
The surprising adventures of the mechanical curator
The surprising adventures of the mechanical curatorThe surprising adventures of the mechanical curator
The surprising adventures of the mechanical curator
benosteen
Ā 
Grab a bucket! It's raining data!
Grab a bucket! It's raining data!Grab a bucket! It's raining data!
Grab a bucket! It's raining data!
Dorothea Salo
Ā 
Closing Plenary: Museums and the Web Asia
Closing Plenary: Museums and the Web AsiaClosing Plenary: Museums and the Web Asia
Closing Plenary: Museums and the Web Asia
George Oates
Ā 
MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...
MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...
MW2011: Cope, A., Authority Records, Future Computers and Other Unfinished Hi...
museums and the web
Ā 
Social Media for the Scared February 2014
Social Media for the Scared February 2014Social Media for the Scared February 2014
Social Media for the Scared February 2014
Bex Lewis
Ā 
Zak Mensah: Self-publishing in Education
Zak Mensah: Self-publishing in EducationZak Mensah: Self-publishing in Education
Zak Mensah: Self-publishing in Education
ARLISUKI
Ā 
Educators & Librarians in SL
Educators & Librarians in SLEducators & Librarians in SL
Educators & Librarians in SL
Lorri Mon
Ā 
Thumbs up!
Thumbs up!Thumbs up!
Thumbs up!
Kim Anderson
Ā 
Paul Gough: Keynote Speech
Paul Gough: Keynote SpeechPaul Gough: Keynote Speech
Paul Gough: Keynote Speech
ARLISUKI
Ā 
Closing Plenary: National Digital Forum
Closing Plenary: National Digital ForumClosing Plenary: National Digital Forum
Closing Plenary: National Digital Forum
George Oates
Ā 
Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...
Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...
Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...
lisbk
Ā 
The time for Libraries is NOW
The time for Libraries is NOWThe time for Libraries is NOW
The time for Libraries is NOW
Ned Potter
Ā 
Hacking Libraries
Hacking LibrariesHacking Libraries
Hacking Libraries
Joyce Kasman Valenza
Ā 
Social media for the scared february 2013
Social media for the scared february 2013Social media for the scared february 2013
Social media for the scared february 2013
Bex Lewis
Ā 
Where are Repository's Going?
Where are Repository's Going?Where are Repository's Going?
Where are Repository's Going?
benosteen
Ā 
Transforming Our Vision to Enhance Library Services
Transforming Our Vision to Enhance Library ServicesTransforming Our Vision to Enhance Library Services
Transforming Our Vision to Enhance Library Services
St. Petersburg College
Ā 
Caslis Feb2010
Caslis Feb2010Caslis Feb2010
Caslis Feb2010
guest4d312f
Ā 
Scanned and Delivered: How the DHLab made remote research work
Scanned and Delivered: How the DHLab made remote research workScanned and Delivered: How the DHLab made remote research work
Scanned and Delivered: How the DHLab made remote research work
YHRUploads
Ā 
Curation North Carolina
Curation North CarolinaCuration North Carolina
Curation North Carolina
Joyce Kasman Valenza
Ā 
UKSG 2015 Mechanical curator and British Library labs
UKSG 2015 Mechanical curator and British Library labsUKSG 2015 Mechanical curator and British Library labs
UKSG 2015 Mechanical curator and British Library labs
benosteen
Ā 
DPLA - an introduction for historians
DPLA - an introduction for historiansDPLA - an introduction for historians
DPLA - an introduction for historians
Larry Naukam
Ā 
Situation DƤnemark
Situation DƤnemarkSituation DƤnemark
Situation DƤnemark
Charlotte S H Jensen
Ā 
Web 2.0 Excerpt for Troy Teachers
Web 2.0 Excerpt for Troy TeachersWeb 2.0 Excerpt for Troy Teachers
Web 2.0 Excerpt for Troy Teachers
sraslim
Ā 
Using Web 2 0 Tools To "Enliven" Projects Nov 20
Using Web 2 0 Tools To "Enliven" Projects Nov 20Using Web 2 0 Tools To "Enliven" Projects Nov 20
Using Web 2 0 Tools To "Enliven" Projects Nov 20
Anna Koval
Ā 
SWONtech News for July, 2012
SWONtech News for July, 2012SWONtech News for July, 2012
SWONtech News for July, 2012
SWON Libraries Consortium
Ā 
Canoe the Open Content Rapids
Canoe the Open Content RapidsCanoe the Open Content Rapids
Canoe the Open Content Rapids
Dorothea Salo
Ā 
Databases, Markup, and Regular Expressions
Databases, Markup, and Regular ExpressionsDatabases, Markup, and Regular Expressions
Databases, Markup, and Regular Expressions
Dorothea Salo
Ā 

More Related Content

What's hot

Caslis Feb2010
Caslis Feb2010Caslis Feb2010
Caslis Feb2010
guest4d312f
Ā 

What's hot (20)

Zak Mensah: Self-publishing in Education
Zak Mensah: Self-publishing in EducationZak Mensah: Self-publishing in Education
Zak Mensah: Self-publishing in Education
Ā 
Educators & Librarians in SL
Educators & Librarians in SLEducators & Librarians in SL
Educators & Librarians in SL
Ā 
Thumbs up!
Thumbs up!Thumbs up!
Thumbs up!
Ā 
Paul Gough: Keynote Speech
Paul Gough: Keynote SpeechPaul Gough: Keynote Speech
Paul Gough: Keynote Speech
Ā 
Closing Plenary: National Digital Forum
Closing Plenary: National Digital ForumClosing Plenary: National Digital Forum
Closing Plenary: National Digital Forum
Ā 
Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...
Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...
Web 2.0: How to Stop Thinking and Start Doing: Addressing Organisational Barr...
Ā 
The time for Libraries is NOW
The time for Libraries is NOWThe time for Libraries is NOW
The time for Libraries is NOW
Ā 
Hacking Libraries
Hacking LibrariesHacking Libraries
Hacking Libraries
Ā 
Social media for the scared february 2013
Social media for the scared february 2013Social media for the scared february 2013
Social media for the scared february 2013
Ā 
Where are Repository's Going?
Where are Repository's Going?Where are Repository's Going?
Where are Repository's Going?
Ā 
Transforming Our Vision to Enhance Library Services
Transforming Our Vision to Enhance Library ServicesTransforming Our Vision to Enhance Library Services
Transforming Our Vision to Enhance Library Services
Ā 
Caslis Feb2010
Caslis Feb2010Caslis Feb2010
Caslis Feb2010
Ā 
Scanned and Delivered: How the DHLab made remote research work
Scanned and Delivered: How the DHLab made remote research workScanned and Delivered: How the DHLab made remote research work
Scanned and Delivered: How the DHLab made remote research work
Ā 
Curation North Carolina
Curation North CarolinaCuration North Carolina
Curation North Carolina
Ā 
UKSG 2015 Mechanical curator and British Library labs
UKSG 2015 Mechanical curator and British Library labsUKSG 2015 Mechanical curator and British Library labs
UKSG 2015 Mechanical curator and British Library labs
Ā 
DPLA - an introduction for historians
DPLA - an introduction for historiansDPLA - an introduction for historians
DPLA - an introduction for historians
Ā 
Situation DƤnemark
Situation DƤnemarkSituation DƤnemark
Situation DƤnemark
Ā 
Web 2.0 Excerpt for Troy Teachers
Web 2.0 Excerpt for Troy TeachersWeb 2.0 Excerpt for Troy Teachers
Web 2.0 Excerpt for Troy Teachers
Ā 
Using Web 2 0 Tools To "Enliven" Projects Nov 20
Using Web 2 0 Tools To "Enliven" Projects Nov 20Using Web 2 0 Tools To "Enliven" Projects Nov 20
Using Web 2 0 Tools To "Enliven" Projects Nov 20
Ā 
SWONtech News for July, 2012
SWONtech News for July, 2012SWONtech News for July, 2012
SWONtech News for July, 2012
Ā 

Viewers also liked

Canoe the Open Content Rapids
Canoe the Open Content RapidsCanoe the Open Content Rapids
Canoe the Open Content Rapids
Dorothea Salo
Ā 
MARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesMARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archives
Dorothea Salo
Ā 
Risk management and auditing
Risk management and auditingRisk management and auditing
Risk management and auditing
Dorothea Salo
Ā 
Altctrl Presentation Geek
Altctrl Presentation GeekAltctrl Presentation Geek
Altctrl Presentation Geek
Freelancer
Ā 
Din Cascada, Prin Spirala, Inspre Programari
Din Cascada, Prin Spirala, Inspre ProgramariDin Cascada, Prin Spirala, Inspre Programari
Din Cascada, Prin Spirala, Inspre Programari
Freelancer
Ā 

Viewers also liked (20)

Canoe the Open Content Rapids
Canoe the Open Content RapidsCanoe the Open Content Rapids
Canoe the Open Content Rapids
Ā 
Databases, Markup, and Regular Expressions
Databases, Markup, and Regular ExpressionsDatabases, Markup, and Regular Expressions
Databases, Markup, and Regular Expressions
Ā 
Escaping the Red Queen's Race with Open Access
Escaping the Red Queen's Race with Open AccessEscaping the Red Queen's Race with Open Access
Escaping the Red Queen's Race with Open Access
Ā 
Research Data and Scholarly Communication
Research Data and Scholarly CommunicationResearch Data and Scholarly Communication
Research Data and Scholarly Communication
Ā 
MARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesMARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archives
Ā 
Le IR, c'est mort. Vive le IR!
Le IR, c'est mort. Vive le IR!Le IR, c'est mort. Vive le IR!
Le IR, c'est mort. Vive le IR!
Ā 
Taming the Monster: Digital Preservation Planning and Implementation Tools
Taming the Monster: Digital Preservation Planning and Implementation ToolsTaming the Monster: Digital Preservation Planning and Implementation Tools
Taming the Monster: Digital Preservation Planning and Implementation Tools
Ā 
Risk management and auditing
Risk management and auditingRisk management and auditing
Risk management and auditing
Ā 
Digital preservation and institutional repositories
Digital preservation and institutional repositoriesDigital preservation and institutional repositories
Digital preservation and institutional repositories
Ā 
Library Linked Data
Library Linked DataLibrary Linked Data
Library Linked Data
Ā 
What We Organize
What We OrganizeWhat We Organize
What We Organize
Ā 
The Social Journal
The Social JournalThe Social Journal
The Social Journal
Ā 
Codnuita IAB
Codnuita IABCodnuita IAB
Codnuita IAB
Ā 
Altctrl Presentation Geek
Altctrl Presentation GeekAltctrl Presentation Geek
Altctrl Presentation Geek
Ā 
Librarians love data!
Librarians love data!Librarians love data!
Librarians love data!
Ā 
Research Data and Scholarly Communication (with notes)
Research Data and Scholarly Communication (with notes)Research Data and Scholarly Communication (with notes)
Research Data and Scholarly Communication (with notes)
Ā 
The Canonically Bad (Digital) Humanities Proposal (and how to avoid it)
The Canonically Bad (Digital) Humanities Proposal (and how to avoid it)The Canonically Bad (Digital) Humanities Proposal (and how to avoid it)
The Canonically Bad (Digital) Humanities Proposal (and how to avoid it)
Ā 
Social Networks And Private Life
Social Networks And Private LifeSocial Networks And Private Life
Social Networks And Private Life
Ā 
Din Cascada, Prin Spirala, Inspre Programari
Din Cascada, Prin Spirala, Inspre ProgramariDin Cascada, Prin Spirala, Inspre Programari
Din Cascada, Prin Spirala, Inspre Programari
Ā 
Web Stock09 Viorel Spinu
Web Stock09 Viorel SpinuWeb Stock09 Viorel Spinu
Web Stock09 Viorel Spinu
Ā 

Similar to Privacy and libraries

Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012
curlistl
Ā 
Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...
Justin Denton
Ā 
Impact cyber safety revised
Impact cyber safety revisedImpact cyber safety revised
Impact cyber safety revised
libraryreeder
Ā 
Legal issues facing journalists
Legal issues facing journalistsLegal issues facing journalists
Legal issues facing journalists
Ellyn Angelotti
Ā 
Ripped from the headlines 10 26-2011
Ripped from the headlines 10 26-2011Ripped from the headlines 10 26-2011
Ripped from the headlines 10 26-2011
aswitzer1
Ā 

Similar to Privacy and libraries (20)

Intellectual Freedom, Privacy and Social Media
Intellectual Freedom, Privacy and Social MediaIntellectual Freedom, Privacy and Social Media
Intellectual Freedom, Privacy and Social Media
Ā 
Corp Web Risks and Concerns
Corp Web Risks and ConcernsCorp Web Risks and Concerns
Corp Web Risks and Concerns
Ā 
Ethics and IA - seven deadly sins that prevent us from building a better world
Ethics and IA - seven deadly sins that prevent us from building a better worldEthics and IA - seven deadly sins that prevent us from building a better world
Ethics and IA - seven deadly sins that prevent us from building a better world
Ā 
Ethics in Data Science and Machine Learning
Ethics in Data Science and Machine LearningEthics in Data Science and Machine Learning
Ethics in Data Science and Machine Learning
Ā 
8th grade presentation for slideshare
8th grade presentation for slideshare8th grade presentation for slideshare
8th grade presentation for slideshare
Ā 
Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012Legal Issues In Social Media Oct. 2012
Legal Issues In Social Media Oct. 2012
Ā 
EthUX - ethics and ux
EthUX - ethics and uxEthUX - ethics and ux
EthUX - ethics and ux
Ā 
Ethics and ux ux sofia nov 2018
Ethics and ux ux sofia nov 2018Ethics and ux ux sofia nov 2018
Ethics and ux ux sofia nov 2018
Ā 
Cyber Security Awareness October 2014
Cyber Security Awareness October 2014Cyber Security Awareness October 2014
Cyber Security Awareness October 2014
Ā 
Ethics and UX IxDA Berlin 2018
Ethics and UX IxDA Berlin 2018Ethics and UX IxDA Berlin 2018
Ethics and UX IxDA Berlin 2018
Ā 
Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...
Ā 
privacy and security
privacy and securityprivacy and security
privacy and security
Ā 
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Ā 
Social Media Safety For High School
Social Media Safety For High SchoolSocial Media Safety For High School
Social Media Safety For High School
Ā 
Impact cyber safety revised
Impact cyber safety revisedImpact cyber safety revised
Impact cyber safety revised
Ā 
Legal issues facing journalists
Legal issues facing journalistsLegal issues facing journalists
Legal issues facing journalists
Ā 
Dark Side of the Net Lecture 1 Introduction
Dark Side of the Net Lecture 1 IntroductionDark Side of the Net Lecture 1 Introduction
Dark Side of the Net Lecture 1 Introduction
Ā 
Digital footprints& datamining
Digital footprints& dataminingDigital footprints& datamining
Digital footprints& datamining
Ā 
Digital Natives? Basics of Information Literacy
Digital Natives? Basics of Information LiteracyDigital Natives? Basics of Information Literacy
Digital Natives? Basics of Information Literacy
Ā 
Ripped from the headlines 10 26-2011
Ripped from the headlines 10 26-2011Ripped from the headlines 10 26-2011
Ripped from the headlines 10 26-2011
Ā 

More from Dorothea Salo

RDF, RDA, and other TLAs
RDF, RDA, and other TLAsRDF, RDA, and other TLAs
RDF, RDA, and other TLAs
Dorothea Salo
Ā 
Avoiding the Heron's Way
Avoiding the Heron's WayAvoiding the Heron's Way
Avoiding the Heron's Way
Dorothea Salo
Ā 

More from Dorothea Salo (17)

Encryption
EncryptionEncryption
Encryption
Ā 
Preservation and institutional repositories for the digital arts and humanities
Preservation and institutional repositories for the digital arts and humanitiesPreservation and institutional repositories for the digital arts and humanities
Preservation and institutional repositories for the digital arts and humanities
Ā 
Is this BIG DATA which I see before me?
Is this BIG DATA which I see before me?Is this BIG DATA which I see before me?
Is this BIG DATA which I see before me?
Ā 
FRBR and RDA
FRBR and RDAFRBR and RDA
FRBR and RDA
Ā 
Manufacturing Serendipity
Manufacturing SerendipityManufacturing Serendipity
Manufacturing Serendipity
Ā 
Occupy Copyright!
Occupy Copyright!Occupy Copyright!
Occupy Copyright!
Ā 
RDF, RDA, and other TLAs
RDF, RDA, and other TLAsRDF, RDA, and other TLAs
RDF, RDA, and other TLAs
Ā 
I own copyright, so I pwn you!
I own copyright, so I pwn you!I own copyright, so I pwn you!
I own copyright, so I pwn you!
Ā 
Avoiding the Heron's Way
Avoiding the Heron's WayAvoiding the Heron's Way
Avoiding the Heron's Way
Ā 
Manufacturing Serendipity
Manufacturing SerendipityManufacturing Serendipity
Manufacturing Serendipity
Ā 
Open Content
Open ContentOpen Content
Open Content
Ā 
Lipstick on a Pig: Integrated Library Systems
Lipstick on a Pig: Integrated Library SystemsLipstick on a Pig: Integrated Library Systems
Lipstick on a Pig: Integrated Library Systems
Ā 
Metadata
MetadataMetadata
Metadata
Ā 
Escaping Datageddon
Escaping DatageddonEscaping Datageddon
Escaping Datageddon
Ā 
So are we winning yet?
So are we winning yet?So are we winning yet?
So are we winning yet?
Ā 
So are we winning yet?
So are we winning yet?So are we winning yet?
So are we winning yet?
Ā 
Open Sesame (and other open movements)
Open Sesame (and other open movements)Open Sesame (and other open movements)
Open Sesame (and other open movements)
Ā 

Recently uploaded

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
Ā 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
Ā 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Ā 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
Ā 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(ā˜Žļø+971_581248768%)**%*]'#abortion pills for sale in dubai@
Ā 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
Ā 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
Ā 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Ā 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
Ā 

Recently uploaded (20)

CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
Ā 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Ā 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Ā 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
Ā 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
Ā 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Ā 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Ā 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Ā 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Ā 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Ā 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Ā 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Ā 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Ā 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
Ā 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Ā 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Ā 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Ā 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
Ā 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Ā 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Ā 

Privacy and libraries

  • 1. Privacy and libraries LIS 644 Dorothea Salo
  • 2. Privacy vs. security ā€¢ A security problem can violate privacy, sure. ā€¢ But the violation is inadvertent! And often involves some illegality! ā€¢ Weā€™re not talking about that today; weā€™ve done so already. ā€¢ Weā€™re talking about perfectly legal (usually) uses of information that still (potentially or actually) violate privacy. ā€¢ This is a mineļ¬eld. I donā€™t have all the answers. We MUST still ask the questions.
  • 3. What is privacy, really? ā€¢ ā€œExposure of personal informationā€ is too easy an answer. ā€¢ Exposure of what to whom, exactly? ā€¢ danah boyd: ā€œrespecting contextā€ ā€¢ Consider your social circles. You have several of them. What happens to them online? ā€¢ So privacy is partly the ability to practice ā€œselective disclosureā€ (another boyd-ism). ā€¢ Privacy is also trust that those we interact with will not betray us. ā€¢ Whatā€™s betrayal in a library context, and how do libraries avoid it?
  • 4. Why do we care? ā€¢ Privacy of information use is a cornerstone of intellectual freedom. ā€¢ ALA Code of Ethics: ā€¢ III. We protect each library user's right to privacy and conļ¬dentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted. ā€¢ Additional concerns include: ā€¢ Privacy of research subjects in collected data ā€¢ Privacy of living individuals mentioned in archival materials ā€¢ Privacy of conļ¬dential business records ā€¢ Privacy for especially vulnerable individuals
  • 5. What is ā€œfreedom to read?ā€ ā€¢ Historically: preventing Big Brother from watching patronsā€™ checkout histories ā€¢ Remember the Patriot Act? How ā€˜bout that NSA? ā€¢ What happens to circ records nowadays? How did moving circ records digital help privacy? ā€¢ Today: is Big Brother the only threat? ā€¢ Who else wants information, and will pay and/or bug to get it? ā€¢ Historically: censorship and book banning ā€¢ Today: is that all that keeps good information out of the hands of patrons?
  • 6. Do we have privacy laws? ā€¢ Not in the US. Not really. ā€¢ We have libel and slander laws, and laws about childrenā€™s information online (remember those?). Limited ā€œinvasion of physical spaceā€ laws. ā€¢ Consumer-privacy laws have been introduced in Congress. No joy... yet. ā€¢ We often have laws/ordinances around library patron information. ā€¢ And even in the absence of law we SHOULD (and usually do) have policy. ā€¢ KNOW THE LAW AND POLICY where you are. ā€¢ Itā€™s diļ¬€erent in Canada and Europe. ā€¢ Canada has even taken Facebook to the cleaners once or twice.
  • 7. Why do privacy problems happen? ā€¢ Monetary beneļ¬t ā€¢ Accident or ineptitude (see thedailywtf.com) ā€¢ Privilege and associated thoughtlessness ā€¢ Google Buzz: testing with its own (white, male, healthy, wealthy, educated) engineers and no one else. ā€¢ Collapse of realspace social boundaries on the web ā€¢ This is a service-design problem! Human beings manage just ļ¬ne in realspace. Our online tools donā€™t give us the aļ¬€ordances we need to replicate that success online. ā€¢ Web is more than the sum of its parts. ā€¢ Most scarily: DESIRE TO OFFER GOOD SERVICE, e.g. recommender engines.
  • 8. Libraries and privacy ā€¢ Itā€™s not as simple as ā€œalways protect patron privacy!ā€ ā€¢ What about libraries and social media? Will we wipe librarians oļ¬€ the Web? Really? ā€¢ What about user studies for service improvement? ā€¢ What about patron communities that form around our materials and services? ā€¢ What about users who WANT to share what they read, watch, and listen to? Will we shake our paternalistic ļ¬ngers at them and tell them no? ā€¢ What about digitization projects? Research? ā€¢ ā€œHowā€ is getting harder to ļ¬gure out too.
  • 10. Law hinders privacy research ā€¢ DMCA! ā€¢ If thereā€™s information about you on a machine you own (or even one you donā€™t), and the only way you can ļ¬nd out about it is to hack the machine... ā€¢ These lawsuits have happened. ā€¢ Often they go away very quickly as the vocal tech community shames the plaintiļ¬€. ā€¢ But Ed Felten of Princeton has been in and out of court so many times...
  • 11. Public records ā€¢ Back in the day, if you wanted a public record, you went to a physical building, combed through ļ¬le cabinets, and paid for the privilege. ā€¢ This is a variant on security-by-obscurity. ā€¢ Now many public records are online. Easy discovery and easy access make them A LOT MORE PUBLIC. ā€¢ How should we, as citizens, respond? ā€¢ As records managers/archivists/librarians, how should we educate, train, and refer?
  • 14. Email ā€¢ So how ā€˜bout that Petraeus guy? ā€¢ Email is only very loosely legally protected at present. ā€¢ Larger point: we have the privacy protections we do because they are enshrined in law, not because theyā€™re societal norms. Theyā€™re pretty clearly not. ā€¢ Email is sent in the clear unless you take encryption precautions. ā€¢ Even then it may be readable if your inbox is hacked. ā€¢ Your employer owns its email systems and email sent on them. Behave accordingly. ā€¢ Students: using non-university email may bypass FERPA protections.
  • 15. What is ā€œreidentiļ¬cationā€ or ā€œde-anonymizationā€? ā€¢ Imagine this scenario: ā€¢ One website has your name, age, zipcode, and gender. ā€¢ Another has your age, gender, zipcode, pseudonym, and dubious or sensitive taste in entertainment. ā€¢ If the info from both sites can be collated, you can be pegged to your taste. ā€¢ And your pseudonym just got exposed. Hope you werenā€™t using it anywhere else... ā€¢ We arenā€™t as unique as we think! ā€¢ ā€œAnonymizingā€ data doesnā€™t ļ¬x this. ā€¢ We can be identiļ¬ed by our attributes, friends, and behavior almost as easily as by regular identiļ¬ers. ā€¢ What price public records NOW?
  • 16. Reidentiļ¬cation horror scenarios ā€¢ Health information ā€¢ Wouldnā€™t your insurance company like to know...? ā€¢ Becoming a major issue in health research! ā€¢ ā€œCharacter witnessingā€ ā€¢ Are you an atheist? A gamer (this came up in a 2012 political campaign)? GLBTQ and not out? A person of color whoā€™s passing? A woman in IT? A whistleblower? ā€¢ A target for harm ā€¢ Physical, legal, ļ¬nancial, employment, mental/emotional (bullying) ā€¢ Where could library-patron information ļ¬gure in to this? Archives informants?
  • 18. What information does the web collect about us? ā€¢ ā€œPersonal informationā€ ā€¢ Including health information, demography. ā€¢ Financial information ā€¢ Information about our habits ā€¢ Purchasing habits ā€¢ Entertainment habits (including, yes, reading habits) ā€¢ Search habits ā€¢ Information about our physical location ā€¢ through IP addresses or through web services like Foursquare ā€¢ Information about our social lives ā€¢ And then it correlates as much of this as it can!
  • 19. How is this information collected? ā€¢ Through server and search logs (IP addresses) ā€¢ Through sign-ins ā€¢ some of which are ā€œreal name requiredā€ ā€¢ Geolocation of our gadgetry ā€¢ Browser ā€œļ¬ngerprintingā€ ā€¢ Which version, with what add-ons, on which OS... unique! ā€¢ Human error (and exploitation thereof ) ā€¢ Through observation of our behavior on individual websites and across websites ā€¢ Cookies, Flash cookies, ā€œweb bugs.ā€ Worst case: ā€œkeyloggers.ā€ ā€¢ Our online associatesā€™ behavior ā€¢ Which we obviously donā€™t control! ā€¢ How much of this are we actually aware of? How much do sites disclose? Let us control?
  • 20. Eļ¬€ects ā€¢ ... on citizenship ā€¢ ... on open discourse ā€¢ ... on vulnerable populations ā€¢ ... on markets ā€¢ is privacy-endangerment a winner-take-all market? ā€¢ what about online redlining?
  • 22. Privacy and ebooks ā€¢ Ebook vendors, unlike libraries, do not necessarily purge records of what you read. ā€¢ You are entirely at their mercy as far as who they share those records with and what they do with them. ā€¢ Are they collecting info from library patrons too? Unclear! ā€¢ Because of this and DRM, they can also take away what you want to read. ā€¢ And then thereā€™s what you search for, or look at, but donā€™t read. ā€¢ What do we do about this? What should we do?
  • 23. Facebook has sold... ā€¢ ā€¢ ā€¢ ā€¢ Your phone number Information about your purchases Information about your social network Information about Facebook campaigns youā€™ve participated in ā€¢ Information about what youā€™ve ā€œliked.ā€ ā€¢ While refusing to let you opt out of the sale of this information. ā€¢ Your likeness, for advertisers to use on your friends. ā€¢ Google ainā€™t much better, and is getting worse.
  • 24. Others have tried to use Facebook to... ā€¢ Screen employees ā€¢ including by requiring applicants to hand over Facebook passwords! ā€¢ (To Facebookā€™s credit, it actually fought this one.) ā€¢ Perform background checks (for employment or other reasons) ā€¢ Do social-science research, sans informed consent ā€¢ At Harvard, some researchers made their RAs hand over their Facebook passwords so they could see friendslocked material. ā€¢ How are you feeling about your Facebook?
  • 25. Guess what? ā€¢ Facebook has sold MY information too, and I refuse to use Facebook! ā€¢ Look up ā€œshadow proļ¬lesā€ sometime. ā€¢ If you delete your account, Facebook keeps and continues to sell your information. ā€¢ Facebook may or may not actually delete photos when you delete them. ā€¢ Guess why I donā€™t use Facebook? ā€¢ Should libraries? Conļ¬‚ict between privacy ethics and ā€œgo where the patrons are.ā€
  • 26. ā€œLikeā€ buttons ā€¢ When you log into Facebook, Facebook knows you visited any page with a ā€œLikeā€ button on it, even if you do not click Like. ā€¢ Facebook has also been caught tracking this on logged-out users. They claim theyā€™ve stopped. ā€¢ If your library puts Like buttons on catalog pages... (you do the math) ā€¢ Not just a Facebook issue, by the way. ā€¢ Social-media truism: ā€¢ ā€œIf you are not paying for it, youā€™re not the customer; youā€™re the product being sold.ā€ ā€”blue_beetle on MetaFilter
  • 27. Amazon ā€¢ OverDrive signs a deal with Amazon to lend Kindle ebooks through libraries. ā€¢ To do this, patrons have to tell Amazon their Kindle identiļ¬er, just as though they were buying the book. ā€¢ Amazon sends ā€œhi, your loan is ending, how about buying the book?ā€ messages to patrons. ā€¢ And is, as far as anybody knows, keeping information about who checked out what.
  • 28. Try it yourself: JSTOR ā€¢ JSTOR ā€œRegister and Readā€ program ā€¢ Give non-aļ¬ƒliated scholars/interested public unpaid access to JSTOR, in return for a signup that ties reading to the signupā€™s email address. ā€¢ Letā€™s look at their privacy policy. ā€¢ http://www.jstor.org/page/info/about/policies/privacy.jsp ā€¢ What info are they collecting? Reidentiļ¬cation risk? ā€¢ What risks might there be to program participants with respect to what they read? ā€¢ What do they say they can do with it? ā€¢ How is this diļ¬€erent from standard library policies, practices, and legal protections?
  • 29. Try it yourself: JSTOR ā€¢ Real reason to worry: Swartz case. ā€¢ Is loss of privacy an unintended side eļ¬€ect of library disintermediation/disruption? ā€¢ If so, what do we do? Without sounding like a bunch of luddite worrywart Trithemiuses just out to protect our own jobs?
  • 30. Privacy in archives ā€¢ Boston College IRA case ā€¢ Oral histories collected from Northern Irish people who fought for IRA ā€¢ Archivists promised informants not to release until after those informants died. ā€¢ UK authorities: ā€œFork it over, archivists.ā€ ā€¢ Lawsuits ļ¬‚ew! ā€¢ What would you do? ā€¢ You need to decide this. Before something similar happens to you.
  • 32. What people want ā€¢ Control of which pieces of data they share. ā€¢ Choice about how their data will be used. ā€¢ Commitment that their personal data (i.e., email address, phone number) won't be passed on to third parties. Ā  ā€¢ Compensation: Consumers also want a reason to share data, and to understand how they will beneļ¬t. ā€¢ (via http://www.mediapost.com/publications/article/161410/consumerswilling-to-share-data-but-at-a-price.html) ā€¢ Can we do this in libraries? How?
  • 33. More suggestions ā€¢ Donā€™t collect data you donā€™t need. ā€¢ And throw away data once itā€™s no longer of use. ā€¢ This includes computer logs! (IM chat ref, anyone?) ā€¢ Think outside your own demographic box. ā€¢ As Google seems to have so much trouble doing... ā€¢ Be transparent. ā€¢ Be activist. We have a bully pulpit! ā€¢ PAY ATTENTION to the security and privacy of library IT infrastructure. ā€¢ This EMPHATICALLY includes the ramiļ¬cations of thirdparty IT such as ā€œlikeā€ buttons. ā€¢ It also includes contracts with content providers. A privacy review should be an intrinsic part of collection development.
  • 34. Rule of thumb? ā€¢ In the absence of a warrant or subpoena, donā€™t keep or disclose information about the behavior of identiļ¬able patrons until the patron has not only consented, but ASKED YOU to retain or disclose the information. ā€¢ AND MAYBE NOT EVEN THEN. ā€¢ We know people make poor choices here!
  • 35. Protecting digital privacy ā€¢ My suggestions: encryption, deletion, awareness. ā€¢ Encryption is where itā€™s at, folks. Itā€™s not perfect, but itā€™s the best weā€™ve got. ā€¢ Delete digital records. As often as possible. Perhaps oftener. (Sorry, records managers and digital archivists! Privacy comes ļ¬rst!) ā€¢ Try to be aware of when your data are being collected. Websites like tosdr.org (and the associated browser plugins) help!
  • 36. Example: cloud storage ā€¢ Cloud storage services almost all encrypt data at some point. ā€¢ Google Drive, not so much. Just so you know. ā€¢ Important questions: who holds the key, and when are the data locked up? ā€¢ Dropbox, Box (for now): They hold the key. This means they can rat you out, snoop, etc. Also means that data travel in the clear, and are vulnerable to packet-sniļ¬ƒng! NOT SECURE. ā€¢ SpiderOak: YOU hold the key, and encryption happens on YOUR machine, before data move over the network. SpiderOak doesnā€™t even see your data unencrypted, canā€™t decrypt it. Secure, but donā€™t lose passwords!
  • 37. Example: protecting your web surļ¬ng from marketers ā€¢ Remember the stuļ¬€ I discussed last week with respect to browser security? It can help protect your privacy as well. ā€¢ ā€¢ ā€¢ ā€¢ ā€¢ On an untrusted network, use a VPN to prevent packet-sniļ¬ƒng. Do not let your browser accept third-party cookies. Use adblocking, tracking-blocking browser add-ins liberally. Grab the ā€œHTTPS Everywhereā€ browser add-in from the EFF. Turn on the ā€œDo Not Trackā€ setting in your browser; it doesnā€™t do much, but it does something at least. ā€¢ Serious question: which of these should we install on patron computers? ā€¢ Or is that too paternalistic, and patrons will be upset when Facebook likes donā€™t work? ā€¢ Can we at least raise awareness, e.g. with tosdr.org plugin?
  • 38. Example: smartphones ā€¢ I DONā€™T EVEN KNOW, folks. ā€¢ Smartphone owners do not control their phoneā€™s privacy/security. Either Apple or their carrier (Android phones) does. ā€¢ Phones leak data all over the place! ā€¢ Location data particularly, but all ā€œmetadataā€ is of concern. ā€¢ I donā€™t see an answer except better law. ā€¢ Carriers are constrained by current legal framework to keep metadata indeļ¬nitely!
  • 39. Bottom line: ā€¢ Libraries and archives generally do privacy right. We certainly care about it! ā€¢ A lot of online businesses are doing privacy very, very wrong. ā€¢ Not to mention the feds! ā€¢ And a lot of regular people are in no position to navigate the hazards. ā€¢ So we have a serious problem on our hands! ā€¢ And we owe it to civil society to continue to set a good example.