Constant vigilance! CONSTANT VIGILANCE!
Mad-eye Moody’s catchphrase in Harry Potter and the Goblet of Fire expresses his view of the primary requirement to defend against the Dark Arts: continually paying attention to potential threats.
Moody’s dictate is something I keep in mind as I do my job. Many of us run catalogs and discovery systems and are audacious enough to put them on the web, for anybody to search. Absolutely anybody – including the script kiddies, crackers, and botnet operators could take our servers over for their own ends – or simply vandalize them for the lulz.
That’s a threat that the people behind every public-facing server must either attempt to prevent or ignore, of course. But in libraries we’ve also taken upon ourselves a greater responsibility: to safeguard the privacy of our patrons.
Reader privacy isn’t something to take lightly, unless we choose to take our profession lightly. The freedom to read, one of our core tenets, is curtailed if the reader has to worry about somebody looking over their shoulders or judging them. The freedom to read can sometimes be a life-or-death matter. I’m not just talking about readers in war zones or politically unstable areas: a teenager trying to figure out their place in life, or their very sense of self may find succor in a library; to have what they are reading to find themselves be revealed to the wrong people can be deadly. It’s not always a life-and-death matter, of course, but it’s sufficient to recognize that what a patron is reading is nobody ’s business but their own.
Here are some ways to protect patron privacy that I, a library technologist who also wears the hats of programmer, system administrator, and manager, have learned along the way. (There’s a lot more to each of these ideas, but I wanted to give you an overview.)
There’s no point in giving up. It’s commonly expressed that privacy is either dead, impossible to protect, or unwanted. No! It has become more difficult to protect; modern software and the urge to automate all the things and store all the data makes it easier to gather and collate information about people and their activities. Libraries can resist that, though. And if you think that teens don’t care about privacy, you’re wrong. (For research, click the danah boyd link below.)
Think carefully about what data you collect. For instance, U.S. libraries should never be in the business of collecting Social Security Numbers. If a public library’s policy for establishing proof of residence requires gathering SSNs, it’s time to go to the library board and get that changed.
Protecting confidential data – or losing it - depends on people. There are lots of technical and software measures that can hide, destroy, or encrypt patron information -- but they can be for naught if a clerk isn’t trained to refer every law enforcement request to the appropriate administrators.
There is a lot to learn. Here’s one example: it’s a terrible, no good, very bad thing if a patron calls up the circ desk, tells you that they’ve forgotten their password, and for you to be able to tell them what it is. Don’t know why? Read up on “password hashing.”
There is a lot to teach. Like it or not, one of the roles that many libraries serve is as community tech support. This is also an opportunity: via programs, classes, and one-on-one interactions, you can help patrons learn to better protect themselves online.
You will mess up. Some libraries have had their patron databases breached; many others have had their OPAC servers get pwned. Some libraries have kept too much circulation data and had to hand it over to law enforcement for dubious fishing expeditions – and worst of all, they can be legally bound to say nothing.
This is why I say protecting reader privacy is an ongoing, continuous improvement project. Aim to get better incrementally, learn from your mistakes, and take heart: even Mad Eye Moody’s vigilance failed him, but in time he was freed and able to continue his fight against Voldemort. Don’t take it just from me. Some folks to read on the topic: Alison Macrina of the Library Freedom Project, danah boyd, Barbara Fister, Gary Price, Eric Hellman, and as well as folks outside of the library profession such as Latanya Sweeney. Want to join the discussion? Subscribe to the LITA Patron Privacy Technologies IG’s mailing list. There are also numerous resources available; a good starting point is ALA’s Privacy Toolkit.
And remember... constant vigilance!
Galen Charlton is a developer and manager at Equinox Software, where he spends his time helping libraries to use and improve the open source integrated library systems Koha and Evergreen. He was named an LJ Mover & Shaker in 2013, which he took as an opportunity to sneak Tux the Penguin onto the pages of Library Journal. He can be found on Twitter as @gmcharlt; if you want to send him an encrypted message, check out https://keybase.io/gmcharlt.