In a political climate where privacy doesn’t matter enough to our government—but where millions of people fall victim to scams like the recent Google Docs phishing attack—where might we look to learn how to defend digital rights? Chances are, the library—that quaint bastion of books—isn’t at the top of your list. But when it comes to investigating how to update existing institutions for the digital age, the library provides a glimmer of hope—and deserves a close read.
Unlike many civic institutions, Americans love libraries. They trust in them deeply: It’s the place where people go to ask for help in order find information about personal matters like sexual health, bankruptcy, citizenship requirements, or unemployment insurance. And it’s also the place where people feel safe when posing such potentially revealing questions to an absolute stranger—the librarian sitting at the help desk.
Increasingly, though, the library is the place where people trust—and use—not just the librarian at the help desk, but also the search engine, online catalogs, digital archives, and electronic databases. So when patrons come into the library to find out about a sexually transmitted disease, for example, they will likely find themselves interacting with the online library—a messy mixture of library-specific digital tools and broader Internet resources that create all sorts of privacy risks for patrons.
Here’s how the library encounters privacy risks.
Increasingly, the library contracts with a number of third parties to run various services, for example, OverDrive for e-book services, Bibliocommons for interactive catalogs, and ProQuest for electronic and magazine databases. Companies like these have the power to set their terms of service. That includes protecting the details of what patrons do when they use such tools or not. Not too long ago, library professionals caught Adobe Digital Editions transmitting patrons’ e-reading information in an unencrypted manner. Designed to seamlessly integrate with a library’s website, most services don’t make it obvious to a patron that a private company makes choices about her user data.
Management of computers and internet access at the library is tricky, too. Most Americans agree that libraries provide a vital service in offering free public computer and internet access. To keep patrons coming back, it needs to guarantee optimal performance of its network. And like every good IT manager knows, collecting web traffic data on the library network facilitates quality of service. But unfortunately, these records can be exploited. With the right digital forensic tools, someone with access to web traffic and computer reservation logs can unmask a patron’s web preferences and target them.
As well, if the library receives certain kinds of federal support for the provision of internet access, the library might implement filtering software to prevent young patrons from accessing harmful content. Such tools require tracking what devices on the library network do, much to the chagrin of privacy advocates. Meanwhile, unsecured library websites (http versus https) leak data about patrons and their web behavior to entities like analytics companies.
On top of all this, a whole host of typical consumer privacy threats awaits the patron as she logs on to the library network and uses the internet. For example, like most people, she might use and stay logged into Gmail, Outlook, or Facebook while surfing the Web. This kind of behavior facilitates better tracking of users, such as when patrons visit sites with widgets owned and operated by those services’ respective companies, like a “Like” button. Patrons—and the library, more generally—face menaces related to virus attacks, which make it easy for cyberthieves to steal user data. Recently, the public library system in St. Louis shut down for a system-wide wipe after cybercriminals held its network hostage with ransomware. Though the library said no theft of patron data occurred, a security researcher reported vulnerabilities in the institution’s information practices.
If this sounds complicated and scary, that’s because it is. But confronted with this matrix of vulnerabilities, the library—with its longstanding commitment to patron privacy—also offers an impressive plan of action.
Some of the most comprehensive efforts come from large public library systems. In New York City, the Brooklyn Public Library leads the Data Privacy Project—a project I’ve been involved with—which teaches library professionals about data flow to and through the library, privacy risks, and potential solutions. Between 2015 and 2016, nearly 250 library professionals from the Brooklyn Public Library steeped themselves in 6 hours of intensive learning on foundational privacy knowledge and hands-on, privacy-protecting skills. A small corps of participants volunteered to become trainers and co-facilitate workshops for library professionals from all walks, held at METRO, the New York Public Library, and the Queens Library. Altogether, approximately 450 library professionals from across the New York metropolitan area have taken part in the training.
BPL also routinely offers public lectures on topics of commercial and government surveillance, as well as workshops on advanced privacy and security practices. Its computer and internet classes, which predominantly serve members of historically marginalized groups, have begun to introduce privacy skills into their core digital literacy offerings. Some of these are taught by staff who served as volunteer trainers on the Data Privacy Project. The project has served as inspiration to New York City to expand privacy training and operate each of the 200-plus branches across the Brooklyn, Queens, and New York public library systems with at least one privacy-literate staff member.
Outside of education for staff and patrons, and as part of its strategic planning process, BPL recently engaged in a top-to-bottom review of its digital assets and has since been formulating ways to keep its commitment to patron privacy, while offering new and innovating services. It has an internal FAQ (which inspired this publicly available FAQ) that details patron privacy questions both sourced and answered by staff. It has an explicit statement that explains privacy practices for BPL and non-BPL services. Living up to the Library Privacy Pledge, the library’s new website is secure by default.
This isn’t to say that there isn’t more room to grow for libraries like BPL, or that conflicts aren’t on the horizon. For example, it seems only a matter of time until library confidentiality rules clash with ISPs’ new ability to use or sell broadband usage data. New York State law dictates that library records, digital or otherwise, must be kept confidential. Disclosure can happen only for the “proper operation” of the library, upon request or consent of the user, or with a “subpoena, court order or where otherwise required by statute.” At the very least, libraries could negotiate with ISPs to prevent user tracking or data resale.
Even so, as civil society worries about the threat of targeted surveillance and weighs options to provide a digital sanctuary to vulnerable populations, the library provides a critical blueprint. It has its work cut out for it, but it’s a convincing example of what other institutions might follow.