Save the Date!
Choose Privacy Week is held annually May 1 - 7. Start planning now for your library’s participation and programming. Choose Privacy Week materials are available now in the ALA Store.

Voices For Privacy

It’s now or (almost) never for real NSA reform; contacting Congress today critical!

Posted by on November 17, 2014 in FISA / PATRIOT Act, government surveillance, Protecting Privacy | 0 comments

Courtesy of the ALA Washington Office’s District Dispatch blog:

It was mid-summer when Senator Patrick Leahy (D-VT), the outgoing Chairman of the Senate Judiciary Committee, answered the House of Representative’s passage of an unacceptably weak version of the USA FREEDOM Act by introducing S. 2685, a strong, bipartisan bill of his own. Well, it’s taken until beyond Veterans Day, strong lobbying by civil liberties groups and tech companies, and a tough stand by Senate Majority Leader Harry Reid, but Leahy’s bill and real National Security Agency (NSA) reform may finally get an up or down vote in the just-opened “lame duck” session of the U.S. Senate. That result is very much up in the air, however, as this article goes to press.

Now is the time for librarians and others on the front lines of fighting for privacy and civil liberties to heed ALA President Courtney Young’s September call to “Advocate. Today.” And we do mean today. Here’s the situation:

Thanks to Majority Leader Reid, Senators will cast a key procedural vote late on Tuesday afternoon that is, in effect, “do or die” for proponents of meaningful NSA reform in the current Congress. If Senators Reid and Leahy, and all of us, can’t muster 60 votes on Tuesday night just to bring S. 2685 to the floor, then the overwhelming odds are—in light of the last election’s results—that another bill as good at reforming the USA PATRIOT Act as Senator Leahy’s won’t have a prayer of passage for many, many years.

Even if reform proponents prevail on Tuesday, however, our best intelligence is that some Senators will offer amendments intended to neuter or at least seriously weaken the civil liberties protections provided by Senator Leahy’s bill. Other Senators will try to strengthen the bill but face a steep uphill battle to succeed.

Soooooo….. now is the time for all good librarians (and everyone else) to come to the aid of Sens. Leahy and Reid, and their country. Acting now is critical . . . and it’s easy. Just click here to go to ALA’s Legislative Action Center. Once there, follow the user-friendly prompts to quickly find and send an e-mail to both of your U.S. Senators (well, okay, their staffs but they’ll get the message loud and clear) and to your Representative in the House. Literally a line or two is all you, and the USA FREEDOM Act, need. Tell ‘em:

  • The NSA’s telephone records “dragnet,” and “gag orders” imposed by the FBI without a judge’s approval, under the USA PATRIOT Act must end;
  • Bring Sen. Leahy’s USA FREEDOM Act to the floor of the Senate now; and
  • Pass it without any amendments that make it’s civil liberties protections weaker (but expanding them would be just fine) before this Congress ends!

Just as in the last election, in which so many races were decided by razor thin margins, your e-mail “vote” could be the difference between finally reforming the USA PATRIOT Act. . . or not. With the key vote on Tuesday night, there’s no time to lose. As President Young wrote: “Advocate. Today.”

E-books and Privacy …. Again.

Posted by on October 13, 2014 in Privacy and New Technologies, reader privacy | 0 comments

A few years ago, after the disclosure that Amazon was collecting and storing user data associated with the loan of library e-books to Kindle users, I wrote an article briefly exploring the “digital dilemma” associated with providing users access to e-books and other resources via third party vendors. At the time I noted that

[t]he current model of digital content delivery for libraries places library users’ privacy at risk. Authorizing the loan of an ebook or the use of a database can communicate unique identifiers or personally identifiable information that reveals a user’s identity. Databases and e-readers create records of users’ intellectual activities that can include search terms, highlighted phrases, and what pages the individuals actually read. Easily aggregated—and then associated—with a particular user, such records can be used against the reader as evidence of intent or belief, especially if the records are stored on vendors’ servers, where they are subject to discovery by law enforcement.

Now the same issue has arisen in regards to Adobe Digital Editions’ collection of reader data and its transmission back to Adobe as unencrypted data sent through unsecured networks. The Library Information Technology Association’s LITA Blog outlines the technical issues. ALA President Courtney Young has commented on the issue and outlines ALA’s planned response.

The ethical issues are clear: it is the responsibility of librarians to establish policies to prevent any threat to privacy posed by new technologies. Libraries need to ensure that contracts and licenses reflect their policies and legal obligations concerning user privacy and confidentiality. Whenever a third party has access to personally identifiable information (PII), the agreements need to address appropriate restrictions on the use, aggregation, dissemination, and sale of that information, particularly information about minors. In circumstances in which there is a risk that PII may be disclosed, the library should warn its users. (See Questions 13 and 22 in the IFC’s Q & A on Privacy and Confidentiality, and Privacy: An Interpretation of the Library Bill of Rights.) In addition, careful thought should be given to the kinds of data that are collected and stored about library users’ reading habits; no personally identifiable data should be collected unless it is essential for the provision of resources and services to the library user, and any data collected should be discarded as soon as it is no longer needed (See the 2006 Resolution on the Retention of Library Usage Records.)

The legal issues are murkier. The majority of state library confidentiality records require libraries to prevent disclosure of library users’ records to third parties in the absence of user consent or a court order or other legal process compelling disclosure. But these laws often do not govern the behavior of third party vendors entrusted with library users’ information. Both Missouri and California have tried to address this by amending their library confidentiality laws to extend the duty to protect library user records to vendors. (See Missouri §185.815 – §185.817, amended and Cal. Gov. Code §6267.) Ultimately, however, the library must be responsible for assuring the privacy and confidentiality of their users’ records.

As libraries move to adopt digital content and new technologies, librarians need to assure that the use of library users’ data for these services does not weaken privacy protections for library users’ data or blur the line between public and confidential records. This will require a firm commitment to the profession’s obligation to protect the confidentiality of library users’ information and the will to advocate for greater legal protections for library users’ data that ensure reader privacy and protect against censorship, whether it is a private, contractual arrangement with the vendor or a public policy solution that includes amending or adopting library confidentiality laws that apply equally to any entity, public or private, that manages, stores, or uses library user data.

Choose Privacy Week 2014: Privacy Issues for Incarcerated Youth

Posted by on May 7, 2014 in Choose Privacy Week, libraries, reader privacy, Youth and Privacy | 0 comments

by Kelly Czarnecki
Teen Librarian
Charlotte Mecklenburg Library

We might not think too often about privacy issues in regards to the incarcerated. Why should they be online anyway? In most cases, they’re not. However, in some places they are. In my experience for instance, I have provided outreach as a public Librarian to juvenile offenders and we have been able to access the Internet for various purposes. While there is of course the initial hurdle of getting staff on board and structures in place for the incarcerated to access the Internet period, this post will focus on privacy issues once they are able to be online which hopefully goes to say it is possible, and these are some things to consider while figuring out what content could be a part of their experience.

While most of us that work in libraries encourage youth to practice safe habits on the Internet, being incarcerated adds another level. While where they are at is obviously a very big part of their life, it’s important we ask ourselves our responsibility in protecting their privacy from them being associated with being in jail or prison.

For example, in 2012, I helped facilitate a content creation program that was funded by the MacArthur Foundation, where juvenile offenders were able to access various sites online for the purpose of authoring information and interacting with one another as well as teens in another state who were also incarcerated. They used Voice Thread to learn how to leave constructive comments on a post one of their peers in the group uploaded. All of which are very useful skills to have if someone has never experienced this before. One of the programs we used was Bitstrips Comics. With each site, the teens were encouraged to create content based on a choice they had to make-preferably nothing that had anything to do with why they were incarcerated. When working with Bitstrips, one of the teens, aged 18, decided to illustrate what he did to get himself arrested. As librarians, we felt it was our responsibility to have a conversation with him regarding his privacy, as he was pretrial. He felt he wanted to keep the post live and wanted the content to stay.

In another program, I worked with youthful offenders to add content to a podcast called Turn it Up Teen Radio in 2014. The teens reported on the topic of bullying. The librarian at the jail asked that the recorded voices of the teens be disguised. Since there are voice effects for Garageband, they were able to choose their preference and read their researched piece from there.

Sometimes we might not think that those who are incarcerated deserve privacy online or even have that as a concern on our radar of them being content creators. When we think of it in terms of what skills they are building that are useful for future employment or other exploration, and understand that there are ways to protect their privacy for when they are no longer incarcerated, it makes sense to help find the best way to do so.

Kelly Czarnecki,  Teen Librarian for the Charlotte Mecklenburg Library, has worked with teens in libraries for over ten years. She was the editor for the gaming column in School Library Journal for many years and is currently the YALSA liaison for the ALA Intellectual Freedom Committee.