by Nancy Kranich
Rutgers School of Communication and Information
Past President, American Library Association
Are librarians hysterical about protecting user privacy, as Attorney General John Ashcroft contended in 2003? That was the question asked when LIS students at Rutgers University heard from two librarians on the front lines defending and promoting intellectual freedom since the September 11th terrorist attacks in 2001. The colloquium entitled Libraries, Privacy, and National Security featured George Christian, the plaintiff in John Doe v. Gonzales who was served a National Security Letter (NSL) in 2005 that demanded patron records from the Library Connection in Connecticut, and Patrice McDermott, Executive Director of the coalition OpenTheGovernment.org, an organization that shines a light on surveillance transparency.
Both colloquium speakers were instrumental in changing the discourse and moving public opinion and policy toward more openness and privacy protection. They not only shared their stories, but addressed the central question: where do you draw the line in a democratic society between safety and freedom?
Attendees learned first hand from a librarian who just said NO to an FBI fishing expedition that demanded records about thousands of innocent readers using his busy library system. They listened to another librarian, a policy negotiator in Washington, who explained why librarians and library users should care about national security issues. Stated one student, “I thought it was interesting that both Christian and McDermott brought up privacy and security as ‘teachable moments.’ Christian discussed how librarians may assume the role of educating a library’s constituents about threats to privacy and Constitutional rights. McDermott referred to the NSA leaks, which created a new public awareness about these issues.”
Ever since the 9-11 attacks, librarians have raised concerns about policy makers’ reactions to the threats. Their concerns initially focused on the USA PATRIOT Act, passed by Congress with virtually no debate. That law, which includes several troubling provisions such as Section 215, grants unprecedented authority to law enforcement agencies to obtain search warrants from a secret court for business records (including educational, library, and bookstore records) without any actual proof or even reasonable suspicion of terrorist activity. Although the word library is not mentioned, this section is often referred to as the “library provision” thanks to the outcry over the possibility of library surveillance. That provision includes a gag order that requires any person or institution served with a warrant to keep secret what transpired. A similar provision, Section 505, permits the use of NSLs to force the instantaneous production of information about targets of investigations without any court order.
What’s the problem with these provisions? First and foremost, they license law enforcement officials to peer into Americans’ most private reading, research, and communications—rights granted under both the 1st Amendment and 4th amendment of the U.S. Constitution. They also sweep aside constitutional checks and balances, eliminate probable cause from terrorist investigations, increase potential for abuse, and break down barriers between criminal and intelligence gathering. In addition, they override existing privacy and confidentiality laws, including those in 48 states protecting library records.
In the John Doe v. Gonzales case, Christian (aka John Doe) described the FBI’s fishing expedition that chilled inquiry by innocent library users in his northern Connecticut library system. Moreover, a gag order imposed on Christian and his colleagues kept them from speaking out when debate about renewal of the USA PATRIOT Act denied that search warrants were issued to libraries. One student responded to Christian’s story, stating he is “truly a hero in the eyes of the library world and should be a hero in the eyes of the public. George stood up for all of our privacy rights.”
For more than a decade, ALA has passed resolutions urging Congress to amend the USA PATRIOT Act and related measures, launched the Campaign for Reader Privacy, and joined with other civil liberties groups like OpenTheGovernment.org to advocate reform. Unfortunately, attempts to modify the law have not yet resulted in substantive changes, even though a series of Amendments in 2006 limited impact on libraries thanks to the John Doe case.
During the Bush Administration, Americans learned about a related measure, a warrantless wiretapping program–legalized by Congress in 2008–that expanded powers to monitor domestic communications and listen to international phone calls without specific reasons. Then, in June 2013, Edward Snowden released highly classified information exposing the National Security Agency’s secret bulk collection of metadata about emails and phone calls made by Americans and the tapping of phones of foreign leaders. These measures have finally prompted a reluctant Congress and outraged public to join the “hysterical” library community in calling for change. Commented one MLIS student, “If librarians were worried in 2005, the whistle-blowing of Edward Snowden should be a wake-up call.”
McDermott described changes under consideration by Congress. One, the USA Freedom Act that ALA and other coalition partners have endorsed, would limit surveillance inquiries to a foreign power or agent actually suspected of terrorist activities, require a court order to search for records in bulk data, and create a special privacy advocate for the FISA court.
One Rutgers student, hearing about these developments for the first time, declared, “George Christian taught us a lot last night, he taught us that what he did was not the ordinary and that we need to be cautious of this ever happening to us. He let us know that the only way to succeed is to be educated and prepared. Patrice McDermott did an excellent follow up by making us aware of how unsecure the world is and that it is up to us to protect our privacy.” Stated another, “This colloquium was an excellent reminder that privacy is still a right and is worth defending, both for ourselves and for our patrons.” A third claimed, “there is so much more to libraries and librarians than meets the eye,” followed by another who affirmed, “This is a field that is growing in its involvement and purpose every day, and I am so excited to be a part of this.”
Nancy Kranich teaches at the Rutgers School of Communication and Information. She is a Past President of ALA, and, as a former Chair of the ALA Intellectual Freedom Committee, spearheaded the drafting of the original 2005 edition of the ALA’s Privacy Toolkit.
A video recording of the Rutgers MLIS Colloquium, “Libraries, Privacy, and National Security,” April 23, 2014, is available online , along with background lectures about libraries, privacy and national security prepared by Nancy Kranich (links below):
by Mike Robinson
University of Alaska – Anchorage
Choose Privacy Week is here and if you are like me, you are just now thinking of ways for your library to participate. The bad news is that it’s probably too late to come up with good programming for this year’s Choose Privacy Week. The good news is that your patrons don’t know or care that its Choose Privacy Week and yet almost all of them have a strong interest in online privacy. What I mean is that the week itself is not important, but the subject matter is of vital importance to our communities and our nation. The continuing revelations about the nature and scope of the NSA surveillance activities has brought concerns about online privacy to the forefront. Libraries are uniquely positioned to offer programming about online privacy because of our strong traditions of intellectual freedom, respect for privacy, digital literacy, and civic engagement. If you ever plan to offer programs on privacy at your library, 2014 is the year to get started.
I have been working with several libraries in Alaska to offer programs about online privacy. We offered two programs so far and are taking what we learned to create a series of programs this year. We were planning to have it coincide with Choose Privacy Week, but had scheduling conflicts with the video conferencing network we are going to use. So instead, our series will happen in June. I would like to share how we got started, what we learned, and what we are planning for this year in the hope that it will inspire you. If we can do it, anyone can.
The credit for getting the ball rolling and organizing the initial programs goes to Jessie Morgan, the education coordinator at the Haines Borough Public Library. Last October Jessie organized a community event titled Who Do I Trust to Protect My Digital Privacy? Add your voice to the conversation about tough privacy choices facing our nation. The event used the civic engagement materials available on the Choose Privacy Week website. Jessie had recruited two community members as moderators and asked me to attend as a special guest in my role as chair of the Intellectual Freedom Committee of the Alaska Library Association. Haines is a small community in Southeast Alaska about 750 miles from Anchorage where I live, so I attended via the Alaska OWL video conferencing network. I was a bit nervous because this would be my first time speaking in public on an intellectual freedom issue and also my first time using video conference to join a community discussion.
My fears were unfounded. The event went well with lively discussion among the participants. A good portion of the civic engagement materials focused on why online privacy is important. The participants all felt strongly that privacy is important and the discussion quickly moved to what people can do to protect their privacy. During the wrap up of the discussion, it was felt that a program focusing on how to protect your online privacy would be a good next step.
Life can get busy and we did not get around to scheduling the follow up event until February. Jessie worked with Stacia McGourty at the Anchorage Public Library to put on a joint program between the two libraries. This time the format would be a presentation by me with questions and answers from the participants. I would be at the Anchorage Public Library with a live audience and we would bring in the folks in Haines via video conference. We wanted to be careful to offer information that would empower people and not just make them feel even more helpless because of the number of threats to privacy. Here’s my presentation–Internet & Privacy [1.6mb pdf]. The event went well in that interest was strong and people said that they found the information useful.
But we learned a number of things that we could do better:
- We did not allow enough time for people to talk about privacy and what it means to them. No one in the Anchorage audience had participated in the previous discussion in October.
- People really wanted to talk about NSA and Snowden even though there are many other threats to their privacy that they are in a better position do something about.
- People had a limited understanding of the mechanics of how online tracking and other technologies work. There is a huge need for digital literacy so people can make an informed decisions about their online activities.
- Don’t assume the generational stereotypes concerning attitudes about privacy are true, i.e. that young people don’t care about their privacy. Everyone regardless of age draws a line at some point between convenience and what should be private.
- We went too long (90 minutes) and tried to cover too much. Don’t get me wrong, people were engaged the entire 90 minutes but we rushed through some topics and the amount of information was a bit overwhelming.
We also learned a few things about presentations to multiple locations via video conferencing:
- We had the monitor/camera facing the live audience so the participants could see each other with the presenter to one side, kinda in a triangle. Big mistake, the presenter ends up having to turn back and forth to address both audiences. Instead, we should have placed the monitor/camera so that it is part of the live audience looking at the presenter. You can always briefly turn monitor/camera to introduce audiences to each other at the beginning.
- Don’t try to show PowerPoint presentation over the video conference monitor. Its a small screen and hard to read. Instead, we should have had handouts for the audience and maybe separate laptop/projector for the presentation at each location.
- Scheduling multiple libraries is more difficult, especially specific rooms that have the video conferencing equipment and are heavily used.
Despite our mistakes, the feedback from the audience was that they were very interested in more programs on online privacy. With that in mind, we started planning for a series of programs that would allow us to break things into smaller topics and involve different presenters. We will also expand to include one or two more libraries via video conference. We came up with a number of possible topics but eventually settled on a four week series this June:
- A showing of one of the ALA Privacy videos
- The NSA & Other Threats to Privacy
- Internet Browsing & Privacy
- Social Media & Privacy
We plan to record the three presentations and if they turn out okay, make them available to libraries throughout the state. We may also do a presentation at next year’s statewide library association conference on how to host a program.
So here is my advice to anyone considering hosting programs on online privacy for the first time:
- Start small, get one focused event under your belt.
- Use the resources for libraries on the Choose Privacy Week website.
- Ask for help from other libraries or people/organizations in your community.
- Incorporate what you learn into planning the next event(s).
I hope that what I have written encourages you to start offering privacy programs at your library. Online privacy is a hot topic and the local library is a great place for people to learn about the topic and discuss the issues.
Mike Robinson is an associate professor and head of systems for the Consortium Library at the University of Alaska – Anchorage. Mike has worked with technology in libraries for most of his career and has a strong interest in online privacy as a cornerstone of intellectual freedom. He is currently the Chair of the Intellectual Freedom Committee of the Alaska Library Association.
by Heather Acerro
Head of Youth Services,
Rochester Public Library, MN
Privacy is about more than a list of books checked out and access to personal information. Privacy is also about providing a safe space for inquiry, discovery and research. There are so many ways to unwittingly deny kids privacy and mistakes are made all of the time.
Think about the class visit from Ms. Morris’ 28 third graders to the library. Joey’s dad sent him to the library with his library card, $5 and instructions to find out what book was overdue and pay the fines. So the library staffer pulls up his account to see about those fines. 25 of those 28 third graders are behind the staffer looking at the screen, seeing the books on Joey’s account. Or maybe they are not behind her, maybe they are just there around the desk, waiting impatiently behind Joey to ask their questions, and she tells Joey the title. Those kids all heard. Does Joey leave feeling like he can trust the library with his privacy?
Remember that time when Brenda was in fourth grade and she came in asking for books about the human body when Jenny was working the desk? And Jenny said, in her loudest outside voice, “So, you want books about the human body? What exactly are you interested in?” With that transaction, Brenda was cured of asking another reference question.
What about that time that Walt couldn’t find a book for a teen on teen pregnancy so he excused himself to ask his colleague for help and everyone on the Internet computers heard him and turned to see who was asking? That’s not privacy.
Or last week when Bobby’s mom came in looking and the librarian said, “Oh, he’s over there looking for a science project.” Innocent enough, but extraneous information that didn’t need to be broadcasted.
When kids are on the Internet, is a staff person watching what they are doing? Do they walk by to see what is going on? Do they pass judgment on the games they are playing, saying they are “too violent” or “too gross”? That’s not privacy either.
And finally, when the workday is done, or the shift is over, do staff go into the back room and laugh and gossip about what kids asked for, what they were looking at on the Internet, etc.? That doesn’t sound like privacy to me.
In what other ways do we sometimes, unintentionally fail to protect the privacy of kids in our libraries?
Heather Acerro is engaged in building an innovative, dynamic and interactive space for kids & teens to learn, collaborate and create at the Rochester Public Library. She writes reviews for School Library Journal, serves on the board of The Reading Center: Dyslexia Institute of Minnesota and is the current chair of the ALSC Intellectual Freedom Committee.