As part of the IMLS-funded project on “Library Values & Privacy in our National Digital Strategies,” CIPR director Michael Zimmer and Data & Society’s Bonnie Tijerina convened a group of 30 library privacy advocates at ALA Annual in Chicago to attend a “Privacy and Pizza” happy hour. The event provided an informal environment to talk about privacy and provide guidance on the direction the project should take to best support libraries and information professionals in the pursuit of protecting privacy.
Attendees were asked to provide suggestions on topics for the library privacy field guides to be produced during the grant period, and to share reflections on a set of probing questions on what the library and information professional community has had success doing, and what remains as the biggest challenges, regarding patron privacy.
Highlights of this feedback are shared below.
What topics/technologies do you believe would make the best field guides? (votes)
- data security (8)
- privacy by design (7)
- public internet and wifi services (7)
- cloud-based library systems (6)
- internal library information systems (5)
- third-party library software systems (5)
- government information requests (4)
- licensing of digital content (3)
- government surveillance (2)
- social media strategies (1)
What have you done to address privacy issues in libraries?
- Staff training (2)
- Nagging about privacy at every chance I get with patrons, staff, vendors, library community
- Participated in NISO privacy principles
- Delivered talks to publishers & libraries
- Conducted a privacy audit of our library using the guidelines & checklists
- Worked on the privacy checklists
What is one thing your library, or the library profession, is missing to better address privacy issues?
- Language to use when talking to other municipal directors (eg, police chief, city manager) (2)
- Pithy talking points for explaining privacy issues to different stakeholder groups (2)
- Tools for working with specific age groups
- Actually practicing what we preach in our internal operations, as well as in our work with vendors
What questions do you have about privacy in libraries?
- How should libraries audit all the data being collected at their institution — from their wifi networks to their vendor systems?
- How do we motivate ALA Washington Office to push harder on privacy-related legislation?
- How can we better mobilize to influence the practices and ToS of vendors? (2)
- How do we negotiate privacy with vendors?
- Hod do platform-level collection practices by the vendors benefit them? How can libraries responsibly benefit from them as well?
- Do governments subpoena library vendors?
- Are we willing to “degrade” service to preserve privacy?
- What do libraries want to negotiate with vendors?
What is the biggest challenge for addressing privacy issues in libraries?
- Getting average patrons to care (4)
- The hard challenge is reader analytics and privacy with content vendors and delivery platforms (3)
- HTTPS everywhere is crucial and there is no excuse not to do it today, but be sure to the cipher suites right! (3)
- Making it simple
- Apathy (on the part of the people we serve)
- ALA is not united in its position on privacy issues: OIF, OITP, LITA, Council, IFRT, IFC, etc
- Educating library staff (2)
- Separation between the library and the IT department
- Making library administrations prioritize patron privacy (especially with getting resources to ensure privacy)
- Convincing staff it is a priority issue they should care about
If you could have or invent one tool to address privacy, what would it be?
- A foolproof, 100% effective response to “I don’t have anything to hide” or similar attitudes toward privacy
- Money to make privacy-oriented tools work as well as the Google suite of products
- Clear tools for auditing internal privacy practices and infrastructure
- A network of library-run Tor nodes
- A bill that gave the FCC permanent control over regulating broadband (eg, institutionalizing net neutrality)
In 2015, CIPR engaged in a pilot research study to help us understand how libraries are implementing third-party cloud computing services, how these implementations might impact patron privacy, and how libraries are responding to these concerns.
The pilot study focused on 38 libraries who implemented BiblioCommons, and the results have now been published in the Journal of Intellectual Freedom & Privacy, co-authored by Katie Chamberlain Kritikos and CIPR director Michael Zimmer. From the article’s abstract:
Privacy Policies and Practices with Cloud-Based Services in Public Libraries: An Exploratory Case of BiblioCommons
Public libraries are increasingly turning to cloud-based and Library 2.0 solutions to provide patrons more user-focused, interactive, and social platforms from which to explore and use library resources. These platforms – such as BiblioCommons – often rely on the collection and aggregation of patron data, and have the potential to disrupt longstanding ethical norms within librarianship dedicated to protecting patron privacy. This article reports on the results of a pilot research study investigating how libraries are implementing third-party cloud computing services, how these implementations might impact patron privacy, and how libraries are responding to these concerns. The results of this research provide insights to guide the development of a set of best practices for future implementations of cloud-based Library 2.0 platforms in public library settings.
The article references 3 appendices, which are provided here for readers’ convenience:
This week, CIPR hosted the first cross-institutional team meeting for the NSF EAGER (EArly-concept Grants for Exploratory Research) grant to pursue a research collaboration on “Mapping Privacy and Surveillance Dynamics in Emerging Mobile Ecosystems: Practices and Contexts in the Netherlands and US“.
Participants were: Dr. Jessica Vitak, Priya Kumar, and Yuting Liao (University of Maryland); Dr. Jason Pridmore, Dr. Daniel Trottier, and Anouk Mols (Erasmus University); and Dr. Michael Zimmer and Katie Chamberlain Kritikos (UW-Milwaukee).
The US-based team reported on preliminary results from their study on privacy, mobile health, and fitness trackers, while the Dutch team reported on their initial study on privacy and mobile messaging apps. The two teams will next coordinate on a cross-cultural study of user interactions with intelligent digital personal assistants (such as Siri or Alexa). A stakeholder workshop is planned for summer 2018 in College Park, MD. Stay tuned for details!
The Center for Information Policy Research has been awarded a National Leadership Grants for Libraries award from the Institute of Museum and Library Services (IMLS) for the project “Library Values & Privacy in our National Digital Strategies: Field guides, Convenings, and Conversations.”
CIPR will be partnering with Data & Society, along with the American Library Association’s Office of Intellectual Freedom and the New York Public Library, to host a national forum exploring what the library value of privacy means in the digital world. The forum will bring together library practitioners and administrators, along with technology, policy, and privacy experts, to establish a national roadmap for a digital privacy strategy for libraries.
Along with the roadmap, the project will produce a series of field guides for librarians that clearly lay out important privacy and security issues. Field guides will include topics such as: privacy by design, internal library information systems, third-party library software systems, cloud-based library systems, public internet and wifi services, licensing of digital content, data security, government information requests, and social media strategies
CIPR director Dr. Michael Zimmer will be working with Bonnie Tijerina, a researcher at Data & Society, to facilitate the project. The award was one of 25 projects funded out of 90 applications.
UW-Milwaukee School of Information Studies professor Dr. Nadine Kozak and CIPR Director Dr. Michael Zimmer have received funding from the UW-Milwaukee “Research Growth Initiative” internal grant program to launch a new research project called: “Assessing the Implementation of CIPA-Mandated Internet Filtering in U.S. Public Libraries.”
From the project abstract:
Access to information is an essential human right and ensuring universal access to the internet has been recognized as a vital ingredient for fulfilling this human right. While libraries have emerged as a critical source of providing free internet access within the United States, legislation has threatened free and unfettered access to information online. The Children’s Internet Protection Act (CIPA) mandates libraries filter internet access in certain circumstances. While many studies have assessed the efficacy of internet filters, we propose a large-scale investigation of how libraries are implementing CIPA-mandated filtering – along with the legal exception to remove the filters for adults on-demand – to better understand the impact of CIPA “as applied” within library settings.
We are particularly interested in investigating three central issues related to CIPA-mandating filtering. First, what kind of (formal and informal) procedures are in place at libraries to turn off internet filtering when requested by an adult patron; second, how do these procedures play out “on the ground” when librarians are faced with such patron requests; and third, what are the technical complexities in honoring such a request (i.e., can filtering software be modified for a particular computer only, can the filters be modified only for the specific need requested, can the modification be made at the physical location of the library in question, etc.).
To begin exploring these issues, our pilot study will focus on libraries within a 100-mile radius of Milwaukee, Wisconsin, which are required to be CIPA-compliant due to the acceptance of E-Rate funding. We will conduct in-person, unstructured interviews with various institutional actors at each library, including the library director, staff librarians who receive requests from patrons to remove internet filters, and system administrators who maintain the filtering software. The interview questions will focus on gaining a better understanding of how particular libraries chose to apply for E-Rate funding and be required to filter internet access as well as an understanding of the process through which filtering software is turned off in the event that an adult patron requests it. In addition to creating publishable research, the initial interviews will inform the creation of a survey instrument to be used in a national survey of CIPA-compliance at U.S. libraries.
The project will be housed at the UW-Milwaukee Center for Information Policy Research, and will run from July 2017 through December 2018.
CIPR director Michael Zimmer has been appointed Editor of the Journal of Intellectual Freedom and Privacy (JIFP), published by the American Library Association’s Office of Intellectual Freedom.
Journal of Intellectual Freedom & Privacy incorporates many of the features of the Newsletter on Intellectual Freedom. Readers will still read in each issue about the latest incidents of book banning in “censorship dateline,” the latest court rulings in “from the bench,” legal controversies in “is it legal?” and, of course, “success stories.” New ALA intellectual freedom policies and reports to the ALA Council from the Intellectual Freedom Committee and the Freedom to Read Foundation will also continue to appear.
The new journal will add refereed essays and peer-reviewed articles on intellectual freedom and privacy, as well as book reviews, legal briefs and opinion pieces. The goal is to have JIFP at the center of discourse on intellectual freedom and privacy issues in libraries.
CIPR director Michael Zimmer has been awarded an NSF EAGER (EArly-concept Grants for Exploratory Research) grant to pursue a research collaboration with Dr. Jessica Vitak (University of Maryland) and Drs. Jason Pridmore and Daniel Trottier (Erasmus University) on “Mapping Privacy and Surveillance Dynamics in Emerging Mobile Ecosystems: Practices and Contexts in the Netherlands and US“. Each of the institutions has won a separate research award for the collaboration.
From the award abstract:
The increasing ubiquity of mobile technologies creates unique privacy and surveillance challenges for users. These problems are global, but the way users, organizations, and governments approach these challenges varies based on cultural norms around privacy. This cross-cultural project evaluates how mobile users in the U.S. and the Netherlands think about and make decisions about their privacy when using mobile apps. The project’s primary goal is to inform both ways of thinking about privacy in the digital age and practical implementations that pertain to the digital self, with an emphasis on tensions between privacy, disclosure, mobility and surveillance. Furthermore, this study highlights privacy practices across different legal and cultural frameworks, providing important implications for broad-based policy decisions.
In collaboration with researchers at Erasmus University in the Netherlands, this project has three phases. Phase 1 develops a preliminary understanding of privacy awareness and practices across three emerging mobile ecosystems: health and fitness tracking (e.g., Fitbit), mobile messaging apps (e.g., Whatsapp), and intelligent digital personal assistants (e.g., Siri). Building on these findings, Phase 2 involves cross-cultural data collection and analysis using “privacy vignettes,” which allows for identification and comparison of individuals’ privacy norms across contexts and cultures. Phase 3 focuses on dissemination of findings to key stakeholders and policymakers, and building an international working group of researchers active in this space. The focus on unpacking how privacy is conceptualized and implemented across two countries with very different cultural conceptions of privacy expands our understanding of the contextual nature of mobile privacy—enabling an extension of Helen Nissenbaum’s work on privacy as contextual integrity—while also providing practical implications for researchers and designers employing a Privacy by Design framework.
This collaborative research grant was awarded from a joint call for proposals by the U.S. National Science Foundation (NSF) and the Netherlands Organisation for Scientific Research (NWO), seeking collaborations between US- and Netherlands-based researchers on research topics that fit the privacy research goals of NSF’s Secure and Trustworthy Cyberspace (SaTC) program. Only 5 awards were jointly made by both NSF and NWO.
Assisting Zimmer during this 2-year project will be Katie Chamberlain Kritikos, a SOIS PhD student, and a research assistant at the Center for Information Policy Research.
Please join us for a CIPR Research Lunch on Sept 7, 2016, featuring Dr. Peter Lor
Libraries Promoting Peace: Cherished Illusion or Opportunity for Action?
Dr. Peter Lor
Adjunct Professor, School of Information Studies, UW-Milwaukee
Wednesday, September 7, 2016
12:00 – 1:30pm
2025 E Newport Ave
Milwaukee, WI 53211
Please bring your own lunch.
Refreshments and dessert will be provided by SOIS
It has long been assumed that libraries contribute to promoting peace. In the late 1940s the then newly established UNESCO made a big investment in developing public libraries worldwide on the basis of this assumption, which has a long history and still resonates with librarians today. After all, we provide information about “other” nations, communities, groups, beliefs, and orientations. Information is assumed to contribute to knowledge, understanding, tolerance, and peace. This is a long string of causal assumptions. It should be challenged.
In this presentation Peter Lor briefly examines the assumptions and what is meant by “promoting peace” before outlining a set of seven roles for librarians: informing, creating resources, promoting, educating, empowering, healing and advocating, with some illustrative examples of current library activities in various parts of the world.
About Peter Lor:
Dr. Peter Lor is former National Librarian of South Africa and later Secretary General of IFLA, the International Federation of Library Associations and Institutions. During 2009-2011 he was a visiting professor at SOIS. Dr. Lor is currently an Extraordinary Professor at the University of South Africa, and also teaches INFOST 891, International and Comparative Librarianship, as an adjunct professor for SOIS.
CIPR is pleased to welcome Dr. Katharina Kinder-Kurlanda, from the GESIS – Leibniz-Institute for the Social Sciences in Cologne, as a visiting scholar during July 2016.
Dr. Kinder-Kurlanda has been a postdoc researcher and head of the Secure Data Center at GESIS since 2012. Since 2016 she leads the newly formed team ‘Data Linking & Data Security’. Katharina received her Magistra Artium in cultural anthropology, computer science and history from Johann Wolfgang Goethe – University Frankfurt am Main in 2004 with a thesis on “Playing and programming computer games: Spiel als kulturelle Praxis”. From 2005 she had a PhD studentship in the EPSRC-funded interdisciplinary research and development project NEMO (Networked Embedded Models of Physical Work Activity) at Lancaster University in the UK, where she completed her PhD in 2009 with a thesis on ubiquitous computing. She then worked as a Postdoc Research Associate in the Department of Management Science at Lancaster University Management School, researching the Internet of Things within organizational contexts. Katharina currently teaches a course on Social Science Methodology in Web Science Research at the Institute for Web Science and Technologies at Koblenz University where she is an adjunct lecturer.
While visiting CIPR, Dr. Kinder-Kurlanda will be collaborating with CIPR Director Dr. Michael Zimmer on their edited book, “Internet Research Ethics for the Social Age: New Cases and Challenges”, and related research projects focused on the ethics of big data research.
CIPR Director Michael Zimmer was an invited participant in a major public symposium on July 7, 2016, to address the near-term impacts of artificial intelligence technologies across social and economic systems. Hosted by The White House’s Office of Science and Technology Policy and New York University’s Information Law Institute, AI Now: The Social and Economic Implications of Artificial Intelligence Technologies in the Near-Term focused on the challenges of the next five to 10 years, specifically addressing four themes: how AI will impact social inequality, labor, healthcare, and ethics. Leaders from industry, academia, and civil society shared ideas for technical design, research, and policy directions. The event sought to amplify the voices of those with significant insight and experience across the four areas, with the goal of building new bridges across different communities. Collectively, the group considered the potential benefits and challenges of AI technologies, and analyzed how to ensure AI is built for equality of opportunity.