May 13, 2015

Your Child and Scary Books: Perspectives for Parents

By Rhona Campbell

A photograph showing a mushroom cloud rising over a destroyed city. A poem that mentions Emmett Till. An illustration of a naked boy touching his penis. A character conceived in incest.  A monkey-like caricature of an ethnic stereotype. Osama bin Laden. The “n”-word.

If you are a parent, you have probably encountered the situation in which your children have read, or seen, something that is difficult for you to talk about with them. Maybe they’re not mature enough to understand the context, or that a piece is intended as satire. Maybe it is such a scary thing that you are sure they will have nightmares. Maybe the implicit bias of an author is subtly preaching prejudices you find abhorrent.

As a school librarian and former public children’s services librarian, a reviewer of children’s literature, an avid reader of parenting advice, and a parent of two, I have encountered this situation more times than I can count. Here are some suggestions:

1)      Keep calm. When you make a big deal out of something, your child is confirmed in his/her notions that this thing is a big deal. If you calmly say, “hey, I heard that there are some scary things that happen in this book. Did you know that when you checked it out?” your child is much more likely to be open with you. The converse: “This is disgusting! I forbid you to read this!” Guess what usually happens when that is the reaction?

2)      Think about it from your child’s point of view. What your child gets out of a book may not be the same thing you do. I once had a fourth grader who read the entire Harry Potter series, and loved to talk at length about the spells, characters, and foods at Hogwarts. But when I asked her how she felt about a character’s death in the 4th book, she looked blankly at me and said, “he died?”

Some will say that if a child is not comprehending everything in a text, he/she is “reading too high,” and that the book is therefore “too difficult.” Pause for a minute before going down this path, and remember that there are many more reasons to read than merely comprehension. A child who is reading is improving vocabulary, fluency, metacognition, cultural awareness, reasoning, questioning, and conceptual abilities. He/she is developing a sense of self-efficacy, imagination, wonder, identity, and often opening doors to social inclusion.

The difference between your understanding and your child’s is especially relevant when it comes to images. Today’s non-fiction is chock-full of imagery. Younger children often love to look at pictures and diagrams in books written for an older audience, such as pictures of guns, comic-book-style human bodies, and scary monsters. Rarely will they read even the captions, much less the text.

3)      Consider why your child is attracted to that book/topic. Be careful about assuming your child is genuinely curious and really wants to engage with the book/topic. Kids often feel pressure by peers, older siblings, or even teachers to try reading more mature books because others are. Or, alternately, they’ve been told that something is “inappropriate” for them, and they yearn to prove themselves. Perhaps they simply like the cover image.

Do any of these things mean your child really wants to engage with that book or topic? Or is it enough for him/her to walk around with that book, feeling mature? To flip through it, and say they read it? To read it lightly, enough to be able to casually throw out a character’s name amidst a group of peers? To be one of the kids who crosses their fingers when a Wimpy Kid-reading friend’s mom declares “no cheese touch!” at a sleepover?

4)      Is this is a learning opportunity… or not? This will, of course, depend on your child, your family values, the topic, the book in question, the way in

Photo by Peter Merholz

Photo by Peter Merholz

which the information was encountered, and how completely your child has comprehended what he/she read or saw.

Gauge your child. Ask probing questions to assess understanding and attitudes about the topic. Be sure to listen to his/her answers. This will help you determine what he/she is ready to learn, and how much of your own lens to impart.

This can be especially tough when it comes to encountering cultural biases in books. Your five-year-old will not immediately understand that Pippi Longstocking’s South Sea Islanders are portrayed stereotypically as a childlike culture in need of European paternalism. Do you gloss over it, or go ahead and explain this as well you think he/she can understand? In these types of cases, I recommend going for it; only by constantly facing prejudice in our world can we ever hope to eradicate it.

But also remember that learning is cumulative: this encounter may be his/her first with the topic in question, but it will not be the last. You will have time later to come back and build upon his/her current level of understanding. Sometimes a child who doesn’t fully comprehend why his/her parent became upset over a book will nonetheless internalize enough so that the next time he/she encounters something similar, he/she will remember that something there just isn’t quite right.

5)      Give your child the option of an “out” without losing face. The very definition of seeking information is that the seeker is in a position of not fully knowing something. Sometimes, finding the answer means finding something you don’t want to know. Your child should know that it is always OK to stop reading a book, just as you would allow him/her to turn off a computer game, or encourage him/her to tell a babysitter that ghost stories are too scary at bedtime.

As a parent, there’s nothing wrong with simply asking, “Do you really want to learn about this now? Could we come back to this later?” Often a child will be glad to have that option spelled out for him/her. The book wasn’t what he/she thought it would be, anyway.

6)      Children’s attention spans are a lot shorter than ours, and they are resilient. There’s no doubt, it is hard to guide children into this big, scary world. It is not possible to be in complete control of when and where your child will encounter something you think they won’t understand, or that you yourself fear. Although there are ratings on movies and recommended ages on books, those are merely guidelines. Each child is different, each book is different, each person’s experience of life is different.

At the time your child encounters something difficult, you may wish it had been censored from them. It might be a painful learning experience. It might test your ability to parent in the way you wish. At these times, it might help to remember that for your child, this is just one experience within the context of all the other things they are learning at the time. For you it may be traumatic, but for a child, something that happened yesterday is old news… unless, of course, the experience is discussed and repeated, or made especially memorable (see item 1 above).

In conclusion, consider the “worst case scenario.” Your child really wants to read something he/she fully comprehends and which is a) something they know you disagree with, b) something antithetical to your ideas of what he/she should be learning, and/or c) total trash. And he/she rebuffs your involvement in the reading process. Perhaps this is a good time to ask yourself if you believe in the principles of Intellectual Freedom. Do you believe in free speech? Do you have faith that ultimately, “the right to receive ideas is a necessary predicate to the recipient’s meaningful exercise of his own rights of speech, press, and political freedom,” as stated in the Supreme Court’s decision in Board of Education vs. Pico in 1982? Is it at all possible that your child is, actually, ready to make this decision for him/herself?

As adults, our job is to teach our children how to live in our world. Books are a window – and a mirror – to that world, in all its many facets. Encountering horrible things in books is much safer than encountering them in real life. If you think of books this way, it is likely that your child will embrace their learning potential as well.

Rhona Campbell is a Lower Middle School Librarian at Georgetown Day School in the District of Colombia. She has been a youth librarian for 15 years and is a regular contributor to School Library Journal. She is on Twitter at @rcampbellmls

May 7, 2015

Choose Privacy Week 2015: Creating a Digital Privacy Literacy Game to Create Safe and Secure Online Personas

by Erin Berman and Jon Worona

Ready player one? Click “Start” to begin your quest. You will venture deep into the realm of online privacy where you’ll have to navigate through an ever shifting landscape, into pools of murky policies, and across tangled webs of surveillance networks. As you begin your journey you are filled with trepidation, anxiety, and fear. You think, “How can anyone live in peace and harmony here?” So much is unknown that it is hard to know whom to trust and where to start.

Moving cautiously on the path in front of you a box drops down from the sky. Carefully, you jump and hit it to unveil its contents. Words tumble down revealing information about social media and online sharing. Digesting the information makes you feel stronger and more confident. You run forward, filled with a new zeal, and leap up to open the next box. This time a question appears. It asks you about your online needs, wants, and desires. It asks how you want to share your information on social media sites and how you want to operate in this connected world.

After careful consideration, you select an answer and a bright pulsating icon activates above you. You click on it and a bag of holding opens and out tumbles several action items. The bag is packed with resources to help you create the online identity you most desire. Each item is tailored based on your needs; the more of the world you traverse, the more questions you answer, the bigger the bag becomes. Closing the bag, you continue on this privacy adventure, leveling up and becoming a privacy expert, armed with the confidence to live in this digital universe.

With such a tumultuous online environment, San Jose Public Library (SJPL) began exploring ways to empower its users; giving them the courage to use the Internet without fear. As we began our research we discovered that people have different definitions of privacy and a wide range of needs and desires for their online personas. A small business may want to share openly and widely, while another user may want to try and remain as anonymous as possible. There is no “one size fits all” privacy path. Armed with the appropriate tools, everyone can become privacy literate and share with confidence.

In order to give people access to these tools, SJPL sought to prototype a solution and secured a grant from the Knight News Foundation for this work. Since privacy can be an intimidating topic we looked for ways to present the information to people in a non-threatening, fun, and engaging way. Our brainstorming lead us to the “platform game,” similar in style to the classic Mario games. To ensure we provide the best possible content and resources, we partnered with a team from the International Computer Science Institute in Berkeley. They have been working on the Teaching Privacy project which “aims to empower K-12 students and college undergrads in making informed choices about privacy.” We also wanted to create an amazing gaming experience and are collaborating with students from San Jose State University’s Game Development Club to create a stellar platform educational game.

Everyone deserves to live a full and rich life online. While there are many things beyond our control, we do have the ability to share and connect safely and smartly. The only way to do this is to become educated and learn best practices which are suited to each of us individually. SJPL hopes that our game will provide an outlet for people to learn about online privacy, to become empowered, and continue a discussion about privacy with their family, friends, and coworkers. Ready player one? Click “Start” to begin your quest.


Erin Berman is the Community Programs Administrator for Technology and Innovation at San Jose Public Library and Jon Worona is the Division Manager for Technology and Innovation at San Jose Public Library. Their proposal to create an online privacy literacy prototype for San Jose Public Library users won a Knight News Challenge for Libraries grant.

May 6, 2015

Wanted: Bloggers

Bloggers Wanted

Blog Sample Required to be Considered

The Office for Intellectual Freedom (OIF), of the American Library Association (ALA), is seeking bloggers! The OIF Blog is undergoing a few updates and we are taking this opportunity to increase the quality, quantity, and variety of the content we share. We are composing a volunteer group that will consist of several members that alternate responsibility for creating blog content. Responsibilities include:

* Each person will submit original content for one week every other month for a total of 6 weeks a year.

* Guest bloggers can be recruited for your assigned week.

* Minimum of 3-5 posts during your assigned week but there is no maximum. The sky’s the limit.

* Each post will be vetted by OIF staff.

* The editorial board will be composed of ALA members but guest bloggers can be recruited from other relevant connections.

* We’d like to be creative with the variety of post ideas. Priority is given to TIMELY CURRENT RELEVANT news. Our goal is to inform in an engaging yet amusing way. Think “shareable”.

* We’ll compose a one-year schedule. Weeks can be traded by individuals. Posts can be written and submitted in advance. We’re asking for a one-year commitment.

Ideas: interviews, infographics, historical essays, book reviews, celebration weeks, international reach, anniversaries, programming ideas, tips, policies, frontline experiences, , skill development, question and answers, technology, state chapters, community engagement, trends, best practices, etc.

We are striving for volunteers from a wide variety of backgrounds and professions.

Interested parties should email an original sample blog post to be considered. Please include your name, contact information, and brief bio. Send emails to Nanette at by May 31, 2015.

We’ll be in touch around the middle of June. 

May 6, 2015

Choose Privacy Week 2015: Toward A Set of Best Practices to Protect Patron Privacy in Library 2.0

by Michael Zimmer

In today’s information ecosystem, libraries increasingly incorporate interactive, collaborative, and user-centered features of the so-called “Web 2.0” world into traditional library services, thereby creating “Library 2.0”. Examples include: providing patrons the ability to evaluate and comment on particular items in a library’s collection through discussion forums or comment threads; creating dynamic and personalized recommendation systems (“other patrons who checked out this book also borrowed these items”); using blogs, wikis, and related user-centered platforms to encourage communication and interaction among/between library staff and patrons; and interfacing various library collections and services with relevant Web 2.0 platforms, such as Wikipedia, GoodReads, and even Facebook.

Along with these user-centered technological enhancements, many libraries also commonly face challenges on how to provide the most powerful and efficient library management systems to help inform data-driven decision-making. Thus, libraries are increasingly turning to rapidly evolving cloud computing solutions to satisfy their technological needs in order to best serve patrons, while taking advantage of new opportunities for cost savings, flexibility, and enhanced data management. These cloud services are typically provided by third parties who have built robust solutions to help libraries deliver resources, services, and expertise efficiently, and encourage patrons to participate in a network that empowers them to socialize and leverage the power of the community of users. Examples of cloud computing platforms for libraries include OCLC WorldShareEx Libris Alma, and BiblioCommons.

The transition to cloud computing in libraries, however, has the potential to disrupt longstanding ethical norms within librarianship dedicated to protecting patron privacy. Traditionally, the context of the library brings with it specific norms of information flow regarding patron activity, including a professional commitment to patron privacy. In the library, users’ intellectual activities are protected by decades of established norms and practices intended to preserve patron privacy and confidentiality, most stemming from the ALA’s Library Bill of Rights and related interpretations. As a matter of professional ethics, most libraries protect patron privacy by engaging in limited tracking of user activities, having short-term data retention policies (many libraries actually delete the record that a patron ever borrowed a book once it is returned), and generally enable the anonymous browsing of materials (you can walk into a public library, read all day, and walk out, and there is no systematic method of tracking who you are or what you’ve read). These are the existing privacy norms within the library context.

The move towards cloud computing platforms threatens to disrupt these norms. Much of cloud computing is based upon—indeed, built upon—encouraging increased information flows and the tracking, capturing, and aggregating of data about users’ activities. The prevalence of open flows of personal information on and across cloud and Web 2.0 platforms have prompted general concerns over the impact on user privacy. In order to take full advantage of Web 2.0 and cloud-based platforms and technologies to deliver services, libraries will inevitably need to capture and retain personal information from their patrons.

Writing nearly 20 years ago, before Library 2.0 could have been contemplated, Leigh Estabrook argued that retaining patron data could help libraries improve their services: “in the name of one good—keeping patron records confidential—we are sacrificing another: targeted and tailored services to library users.” More recently, Peter Brantley has argued, perhaps provocatively, that: “In today’s digital world, libraries cannot guarantee the absolute privacy of our users. But, more importantly, for our own purposes, we shouldn’t want to.”


Media and cultural critic Neil Postman warned, “Technology giveth and technology taketh away,” and I suspect he would view the emergence of Library 2.0 and related cloud-based library represent a modern-day Faustian bargain: these powerful Web 2.0-based tools hold the promise to enhance traditional library services with innovative and personalized features, while at the same time, they pose a potential threat to the library’s traditional protection of patron privacy. Thus, it appears that libraries are at a crossroads on how to best leverage Web technology to enhance their services and whether to loosen restrictions on collecting and retaining patron data to enhance these services.

Anecdotally, many librarians appear divided on how to address this tension between preserving traditional librarian ethics and offering Library 2.0 services. My own discussions with librarians and staff at a major U.S. library system on the development of Library 2.0 platforms revealed considerable disagreement on whether collecting and using patron data was an acceptable tactic in order to provide enhanced patron services, and participants at a recent symposium on Library 2.0 shared unease on how to balance the two sides of this dilemma (for example, view the presentations at the 2009 Library 2.0 Symposium hosted by the Yale Information Society project here and here). For some, like the developers of the prototype LibraryCloud, a multi-library data service that aggregates and delivers library metadata from various partner institutions, the potential of Library 2.0 should lead libraries to make use of all available and permitted data in order to help further the interests of their users, as argued by David Weinberger: “They will do this because it advances the values core to the mission of libraries, and thus advances the value of libraries.”

While pursuing Library 2.0 might provide a path to advancing many of the core values of the mission of libraries, such as access to information, other core values, such as privacy, necessarily become imperiled. No clear and simple resolution to this ethical dilemma has been forthcoming, and professional guidance has been minimal. My analysis of over 630 professional trade press articles discussing Library 2.0 and related services revealed privacy was only discussed substantively in 47 (7.5%) articles, and of those, fewer than 10 (1.6%) had in depth discussion or suggested possible solutions to mitigating the inherent concern. Thus, we are left with little guidance on how to address the new ethical and policy challenges that arise with the emergence of Library 2.0.


Where does this leave us? As an information policy and ethics scholar, my first reaction is to point to the need for a comprehensive assessment of the motivations, design, deployment, and impact of Web 2.0-based tools and technologies within library settings. At the Center for Information Research at the University of Wisconsin-Milwaukee, we have started just such a project. Earlier this year we launched a pilot research study to help us understand how libraries are implementing third-party cloud computing services, how these implementations might impact patron privacy, and how libraries are responding to these concerns. The results of the research will include a summary report of findings, and the development of a set of best practices to guide future implementations of cloud computing in public library settings, with the goal of finding a suitable balance between the need to provide cost-effective technology-based services while also protecting patron privacy.

But more than just scholarly research, we need a more pragmatic approach. For those familiar with my broader research agenda, you’ll know that I’m very dedicated to an approach called Values-in-Design, a pragmatic intervention within design communities and environments to ensure particular ethical values – such as privacy, autonomy, justice, and freedom – are considered in the initial design of new media and information technologies, rather than retrofitted after deployment. With a Values-in-Design approach, ethical values like privacy are translated and considered in relation to various technical variables and choices, through a combined exploration between technical designers, practitioners, and ethicists. Engaging directly with developers and managers of Library 2.0 systems can provide greater clarity of how the ethical value of privacy is conceptualized and operationalized within these systems and their use.

This is why I’m extremely happy to be a collaborator on a project managed by the National Information Standards Organization (NISO), a non-profit standards organization that develops, maintains and publishes technical standards related to publishing, bibliographic and library applications, to develop a Consensus Framework to Support Patron Privacy in Digital Library and Information Systems. The project, funded by the Andrew W. Mellon Foundation, supports a series of community discussions with advocates, practitioners, and technologists, on how libraries, publishers, and information systems providers can build better privacy protection into their operations. The grant will also support creation of a draft framework to support patron privacy and subsequent publicity of the draft prior to its advancement for approval as a NISO Recommended Practice.

Through these activities — combining scholarly research with pragmatic collaborations among practitioners and designers — we can work towards creating best practices for protecting patron privacy in the Library 2.0 era. Together, we can provide greater understanding of any gaps in how issues of patron privacy are understood and addressed within the broader implementation of cloud computing within libraries. The results of these types of projects will be applicable to the entire library and information professional community, providing conceptual clarity to issues of patron privacy in the Web 2.0 era, while promoting the innovative use of technology to facilitate discovery of knowledge.


Michael Zimmer, PhD, is a privacy and Internet ethics scholar. He is an Associate Professor in the School of Information Studies at the University of Wisconsin-Milwaukee, where he also serves as Director of the Center for Information Policy Research. With a background in new media and Internet studies, the philosophy of technology, and information policy & ethics, Zimmer’s research focuses on the ethical dimensions of new media and information technologies, with particular interest in online privacy, social media & Web 2.0, Library 2.0, and internet research ethics.

May 5, 2015

Choose Privacy Week Brief: Tell Congress to Support Real Privacy and Surveillance Law Reform

The time is long past for Section 215 to be meaningfully reformed to restore the civil liberties massively and unjustifiably compromised by the USA PATRIOT Act.

~~ALA President Courtney Young

 Very nearly from the day the USA PATRIOT Act was signed into law in 2001, librarians raised concerns about the scope of surveillance authorized under the provisions of the USA PATRIOT Act.  In particular, librarians protested the low or non-existent legal thresholds for obtaining Section 215 court orders and the lack of judicial review for secret subpoenas that provided federal agents with the authority to obtain records and information about individuals’ most sensitive First Amendment activities, seeing an enormous potential for abuse in such broad authority to peer into individuals’ lives.  The 2013 revelation that the PATRIOT  Act and similar laws were used to justify mass surveillance of innocent U.S. citizens’ digital communications confirmed librarians’ fears about the law.

As a result, the American Library Association continues to support legislation that amends or repeals those portions of the USA PATRIOT Act that pose a threat to library users’ civil liberties and right to privacy.

This week, May 4 – 8, 2015,  the ALA Washington Office is calling on librarians, library trustees, library patrons, and library supporters to participate in Virtual Library Legislative Day during the week of May 4 by calling and/or emailing their elected officials on May 5, or any time the week of May 4-8.

Currently, the ALA is urging passage of the USA FREEDOM Act of 2015, which bans the “bulk collection” of Americans’ personal communications records under the pen register statutes and National Security Letters; brings the “gag order” provisions of the USA PATRIOT Act into compliance with the First Amendment; and makes important “first step” reforms to privacy-hostile provisions, including Section 702, of the FISA Amendments Act.

ALA also urges passage of  the Electronic Communications Privacy Act (ECPA) Amendments Act (S. 356) and Email Privacy Act (H.R. 699) which  would bring about real reform to the ECPA (last revised in the 1986, long before the internet and digital communications were a reality.)   The reforms would  require government authorities to get a warrant to compel access to the emails, documents, photos, texts, and other files that comprise Americans’ “digital lives,” whether on the network or stored for an indefinite period of time.  (H.R. 699 already has been cosponsored by a bipartisan super-majority of all Members of the House,  as it was in the 113th Congress).   Full information can be found in the ALA Washington Office’s privacy and surveillance issue brief (.doc download);  you can communicate with your Congressional representatives via this link.

ALA actively works with coalitions like Fight 215! and Digital Due Process to end mass suspicionless surveillance and oppose legislation that: effectively creates new, or expands existing, government surveillance authorities.

May 5, 2015

Choose Privacy Week 2015: What You Should Know About “Anonymous” Aggregate Data About You

By Gretchen McCord
Crossposted from Choose Privacy Week.)

Today more than ever, we appreciate that raw data has great financial value. The owners of websites, social media tools, and cell phone applications make billions of dollars annually on “targeted,” or “behavioral,” advertising. They attempt to ensure us that although they collect, share, and use data about us in countless ways, our privacy is safe, because they only use “anonymous” aggregate data. But it turns out that it may not even be possible for aggregate data to be anonymous, no matter hard one tries to make it so.

Underlying the belief that such privacy protection is possible is the assumption that if we “de-identify,” or “anonymize,” data, it is impossible to identify an individual person from that data. A set of data is “anonymized” when it is stripped of “personally identifiable/identifying information,” or “PII.” Obvious examples of PII include name, social security number, and driver’s license number. Although the concept of PII forms the basis for much privacy law and regulation, it turns out that determining which data are capable of identifying an individual, and thus constitute PII that should be subject to regulation, is not a simple task.

And that’s a pretty serious problem in a world in which leaving a trail of digital footprints has become as natural as exhaling a trail of carbon dioxide. In my book What You Need to Know About Privacy Law: A Guide for Librarians and Educators, I ask the question “When is ‘anonymous’ not really anonymous?” In the context of data collection, this is kind of a trick question, because the answer is a resounding “Always!”

Keep reading →

May 5, 2015

Choose Privacy Week Brief: Let’s Encrypt / HTTPS Everywhere

IT specialists like Marshall Breeding and privacy advocates like Alison Macrina of the Library Freedom Project are urging libraries and vendors to encrypt their websites and online automation and discovery systems to better protect patron privacy. Encrypting websites and networked communications requires the installation of Transport Layer Security (TLS) / Secure Sockets Layer (SSL) identity certificates and then use of the HTTPS protocol by default.

Let’s Encrypt, a new initiative, will make enabling HTTPS on library websites much easier by providing server certificates and the software required to make websites secure at no charge. Let’s Encrypt is an initiative founded by Mozilla and the Electronic Frontier Foundation, and operated by the Internet Security Research Group (ISRG).  It is sponsored by Mozilla, the Electronic Frontier Foundation, Akamai, Cisco, IdenTrust, and Automattic. Let’s Encrypt is scheduled to go live in the near future; full information about the initiative can be found on their website.

Another tool available to libraries whose websites and online catalogs already support HTTPS is HTTPS Everywhere, a browser extension developed by the Electronic Frontier Foundation that encrypts online communications with websites by making them default to secure HTTPS protocols.  The HTTPS Everywhere site offers guidance on using the tool to enhance the privacy and security of web communications.

May 4, 2015

Choose Privacy Week 2015: Patron Privacy in Online Catalogs and Discovery Services

By Marshall Breeding
Crossposted from Choose Privacy Week

Concern for keeping records related to the details and borrowing activity of patrons has been a longstanding priority for libraries. We expect integrated library systems and related applications to include features to handle any data that specifically identifies a patron securely. As with any computer application, security features should be in place to prevent unauthorized intrusion. Beyond industry-standard security practices, libraries have an additional set of requirements related to protecting the identity and privacy of their patrons, especially related to any materials or electronic content borrowed or consulted.

Many libraries require the ability to remove links or data related to items charged out to a patron out of concern for privacy. Should a library receive an order from law enforcement or should an intrusion attempt succeed, only a minimal amount of data related to reading history would be available. This approach of anonymizing circulation transactions addresses privacy concerns, retains statistical data needed for creating reports describing collection use, but also limits the capability to use previous search and borrowing history to deliver personalized services to community members. Online catalog or discovery services might enable borrowers to set a preference to preserve their borrowing or search history, but few may be aware of the option or its implications. In the context where commercial entities aggressively collect personal data, individuals may both have concerns about the invasion of their privacy, but also appreciate personalized services.

Scrubbing circulation transaction histories, however, only scratches the surface of the larger set of vulnerabilities that library systems must address to effectively manage patron privacy. A variety of other security features must be employed related to the storage and transmission of patron details and activity.

In support of circulation, integrated library systems manage records for each library patron, including a variety of personal details. Although these records may not include credit card numbers, they do contain information of considerable interest to identity thieves. When stored as clear text, any intruder to the system gains easy access to these sensitive details. Encryption technologies provide an additional layer of protection that keeps data secure even when an unauthorized entity gains physical access. Computer applications regularly use encryption to protect the files that contain usernames and passwords, credit card data, or other categories of sensitive data. While most library systems follow industry practices to encrypt login credentials, encrypting the patron files themselves is not a common practice.

Beyond the internal storage of data files, how systems transmit patron sessions over the web represents one of the most troubling vulnerabilities for privacy. In today’s environment, it should be assumed that any text sent over the web as clear text can be intercepted and used by any unknown third party. The session of a patron searching and viewing items through a library’s catalog or discovery service includes potentially sensitive data regarding content consumption, including any queries typed by the user, items displayed in response to that query, and those selected, viewed or downloaded. If logged in, any text displayed form their account profile, including items currently charged, fines owed, or personal details would likewise be exposed. Other clues can tie session data to a particular individual, including their IP address, geolocation data, serial numbers from their devices, or data gleaned from e-mail or other applications that might transmit personal details.

As with the internal storage of sensitive of files, encryption provides a high level of security to text transmitted via the Internet. It is universally expected that Web pages involving credit card payments and user-logins be delivered securely. By now, we all know to check for the padlock on our Web browsers before entering a credit card number on any Web site.

Use of encryption for patron session in library catalog or discovery services can be employed to vastly improve the privacy of patrons. In current practice, many library systems use selective encryption, primarily for log-in sequences and for the display of patron profiles. Encryption of the entire session to protect queries, results, and selections has not been widely deployed.

In the past, encryption of Web pages required considerable hardware and software resources, and was activated only for sensitive transactions. Now encryption consumes only a small increment of resources. Major destinations including Facebook, Google, Twitter employ encryption comprehensively, as would e-banking and any other site involving financial, proprietary, or financial data.  Libraries can close a major vulnerability in patron privacy through the use of comprehensive encryption for their entire Web presence, especially their online catalogs or discovery services. Making this change requires only a moderate level of technical difficulty and involves obtaining digital certificates and changing Web server configuration. In many cases, the library may need to work with the vendor that provides the product to make these changes. Encrypting patron sessions addresses a significant vulnerability, but shouldn’t be considered the only area of concern. Libraries and their system vendors need to diligently analyze and assess all aspect of their systems and services to discover and close any other cracks from which patron details may leak.

See the January 2015 issue of Smart Libraries Newsletter published by ALA TechSource for more detailed discussion and results of a brief vendor survey on how the major online catalogs and discovery services handle security and patron privacy.

Marshall Breeding is an independent consultant focusing on the strategic use of technology in libraries and related organizations.  He is the creator of Library Technology Guides and is the editor of Smart Libraries Newsletter published by ALA TechSource.   He also writes the Library Systems Report published by American Libraries and a monthly column for Computers in Libraries magazine, and has authored or edited seven books and hundreds of articles and essays. Breeding was the 2010 recipient of the LITA LITA/Library Hi Tech Award for Outstanding Communication for Continuing Education in Library and Information Science.

May 3, 2015

Choose Privacy Week 2015: Strong Passphrases for Privacy and Security

By Alison Macrina
Crossposted from Choose Privacy Week

I’m sorry to be the one to tell you this, but your password sucks. I know you use the same one for everything, and it probably contains some personally identifiable information – your dad’s birthday, your pet’s name, the year of your anniversary. Even if you think you’ve got a good password strategy, if it contains any kind of pattern – a famous quote, a song lyric – it’s can very easily be cracked. Consider how much access that password — the one you’re using for everything – gives to your private life. Whether you’re worried about exploits from criminal hackers or rogue government intelligence agencies, weak passwords put your private data at risk.

xkcd on password_strength

With thanks to xkcd .com

It’s not your fault you have such a terrible password – we’ve been taught a lot of bad rules about making passwords. This xkcd comic sums it up well; in fact, this comic spawned something that’s often called the “xkcd method” of creating strong passphrases – using four or five random words for a passphrase, resulting in something both strong and easy to remember. One of the simplest ways to come up with an xkcd-style passphrase is with dice and the Diceware word list, which Micah Lee of The Intercept recently wrote about. In brief, you role a die 5 times and choose the Diceware word represented by that number. Repeat this process 4 or 5 times total and you’ve got a high-entropy, easy to remember passphrase of random words.

You can use the method Micah wrote about to create a passphrase for a password manager like KeePassX. Using an in-browser password manager is placing a lot of trust in “the cloud”, which is really just an ethereal-sounding way of saying “a server that you do not control”. KeePassX lets you create an encrypted password database that is stored locally on your computer. It’s also free and open source software (FOSS), which allows the user to examine or modify the source code, making it much more difficult for, say, a government agency to place a backdoor in that software. If there is a backdoor, it’s not just being used by the intelligence agencies – you can guarantee that other people will find it and use it to exploit your private data(for more on FOSS and privacy, watch Jacob Appelbaum’s keynote from LibrePlanet 2014). Using a strong passphrase to log in to KeePassX, you can store more xckd-style passphrases in the database, or use the passphrase generator built into the software.

Another method for storing strong passphrases is with the Yubikey a small piece of hardware that fits in your USB drive and can also function as a two-factor authentication token. I use Yubikeys in static password mode which allows me to store two high-entropy passphrases. You press the button on the Yubikey when you need to retrieve your password – an additional measure of protection against exploitation, since passwords can be stolen by keyloggers. I use a prefix with the passphrases I store on a Yubikey – I type in the prefix, then I tap the Yubikey for the remainder of the passphrase. This way, if someone steals my Yubikey, they still don’t have my whole passphrase. If you are using Yubikey with a passphrase that you don’t memorize, be sure to back it up (you should back up the passphrases that you DO memorize, too – your memory is fickle, I promise). If you’re a GNU/Linux user, you can store the passphrase in an encrypted LUKS volume. You can also write the passphrase on a piece of paper and store it somewhere safe.

You’ll get used to this passphrase strategy pretty quickly once you’ve set it up. When you’re comfortable using it, consider how you could teach it to patrons in computer classes or technology help sessions. You may want to use or modify my course slides for a basic online privacy class, or incorporate passphrase strategies in existing computer instruction courses. Our patrons already look to us for help in learning to use their computers; this passphrase strategy is just one of many ways we can help our patrons take back some control of their online privacy and security.

Alison Macrina is the founder and director of the Library Freedom Project, an initiative that aims to make real the promise of intellectual freedom in libraries. The Library Freedom Project trains librarians on the state of global surveillance, privacy rights, and privacy-protecting technology, so that librarians may in turn teach their communities about safeguarding privacy.

May 2, 2015

Choose Privacy Week 2015: Raganathan and the Five Blind Librarians

By Eric Hellman

I’ve heard it told that after formulating his famous “Five Laws of Library Science“, the great Indian librarian S. R Raganathan set about thinking about privacy. Here’s what I remember of the tale.

It turns out that in India at the time, there were five librarians renowned throughout the land for their tremendous organizational skills, formidable bibliographic canny, and the coincidental fact that each of them was blind. It was said that “S” could identify books by their smell. “H” could classify a book just by the sound of the footfalls of a the person carrying it. “T” was famous for leading patrons by the hand to exactly the book they wanted; the feel of a person’s fingernails told him all he needed to know. “P” knew everything there was to know about paper and ink. “C” was quick with her fingers on a keyboard and there was hardly a soul in his city she had not corresponded with. But these 5 were also sought out for their discretion; powerful leaders would consult them, thinking that their blindness made them immune to passing on their secrets of affairs and of state.

So of course, Raganathan asked the five blind librarians to come to him so he could ask them about privacy. The great librarians began talking as they sat outside Raganathan’s house.

“On my way through the countryside I encountered a strange beast”, said librarian H. I can’t say what he was, but he had a distinctive call like a horn: Toot-to-to-toooot…” and librarian H recited a complicated sound that must have had at least 64 toots.

“By that sound, I think I encountered the same beast.” said librarian T. “I reached out to touch him. He was hard and smooth, and ended in a point, like a great long sword.”

“No, you are wrong”, said librarian P. I heard the same sound, and the strange beast is like a thick parchment, I could feel the wind when it fluttered.

“You fellows are so mistaken.” said librarian C “You touch for a second and you think you know everything. I spent 15 minutes playing with the beast; she is like a great squirming snake.”

“I know nothing of the beast except by smell,” said librarian S. “But what I do know is that the beast had just eaten a huge feast of bananas.”

At this, a poacher who had been eavesdropping on the five librarians picked up his rifle and ran off.

Just then, Raganathan emerged through his door. Surprised at seeing the poacher run off, he asked the librarians what they had been talking about.

When librarian S recounted the banana smell, Raganathan became alarmed. The poacher had run in the direction of a grove of banana trees. Before he could do anything, they heard the sound of a powerful shotgun in the distance, and then the final roar of a dying elephant.

With tears in his eyes, Raganathan thanked the 5 librarians for their trouble, and sent them home. Though the Raganathan’s manuscript on privacy has been lost to time, it is said that Raganathan’s 1st law of library privacy was something like this:

“Library Spies Don’t Need Eyes.”

Eric Hellman blogs at where he publishes his own research on how well vendors follow privacy practices.