2011 Version These are also galvanizing times of promise and opportunity. And yet we can only reap the full benefits if we work together, as a society, to uphold peoples right to privacy. - Jennifer Stoddart, Privacy Commissioner of Canada, November 2010 If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place - Eric Schmidt, CEO, Google, December 2009 POINT COUNTERPOINT
Privacy Legislation Basic Principles for Personal Information: Collected with consent and for a reasonable purpose Used and disclosed for the limited purpose for which it was collected Accurate Accessible for inspection and correction Stored securely Only a Starting Point!
Importance for Libraries Libraries have a role to protect Privacy Protecting user privacy and confidentiality has long been an integral part of the mission of libraries. – American Library Association 2002 Awareness among Staff & Patrons Consistency in handling Data & Issues Guidelines for when Privacy is Tested
CLA Position Statement Drafted June 1987 First Sentence: Rapid advancements in computer and communications technology… Very Limited Scope That names of library users not be released to any person, institution, association or agency for any reasons save as may be legally required by Federal or Provincial laws. What about Usage Histories? Data Storage?
OLA Position Statement None Published (nor OLITA or OLBA) Occasional discussions (blogs, mailing lists, etc) Such as May 9, 2006: The OLA Board at its meeting on May 5 lent OLA's support to a coalition that is challenging digital copyright reform on privacy issues.
Privacy Dangers Fishing Expeditions Data Mining (Identified as threat by ALA) Pressure to Release Information Hidden caches of Data Unexpected points of access & storage Retention versus Preservation
Going Fishing… Police & other authorities may request patron records or usage information Significant pressure could be applied in certain types of situations Media Pressure Political Pressure – Board, Council, etc Pressure from the Public
In the News… Durham Regional Police have laid child pornography charges after an Oshawa man was seen surfing child porn at a public library… On January 7th, 2006, the accused attended the public library in Brooklin and began an extensive search for child pornography using one of the librarys computers… Officers seized two computers from the library and gathered additional information. -- Durham Regional Police News Release, April 19 2006 Police aggressive in attitude towards library Easier to involve Mayor/Media than obtain a warrant?
Even Bigger News… Security services had bomb plot suspects under surveillance for more than six months… To obtain the ammonium nitrate, [alleged bomb plot suspect Zakaria] Amara searched for suppliers on the internet, using the facilities of a public library… -- CBC News Report, June 7 2006 Mississauga Library Computers seized by RCMP – pressing matter
The Hot Button Issues Child Pornography Internet Sexual Predators Terrorism Can Library Boards & Management Resist Political & Media Pressure on these fronts?
A Different Approach… The Seattle Public Library Confidentiality Policy Minimum records kept The Seattle Public Library keeps the minimum number of records necessary for maintaining operations. When a customer logs off a Library Computer, information about that user session is automatically deleted.
Possible Headlines? Library refuses to co-operate with Child Pornography investigation Kidnapping case encounters roadblock in Library Libraries a Terrorist Internet Haven Cyber-Bullies use Library to hide their true identities
The B-List Cyber Bullying Stalking Threats Disseminating Hate Fraud The C-List: Activism
Last Week: Borrowing Records Basic Concept: Delete Info after Return Information about what a person may have borrowed is not retained when the item is returned except where fines and fees may have occurred Watch for Exceptions – Document Visiting Library Services: May want to retain Data Make sure Library Software truly complies (logs; backups; etc) Holds – Does Library Software treat differently? Other Considerations Patrons may want to see their own historical data; have a choice? Historical data for better service – Amazon Effect; Bibliocommons
Yesterday: Public Internet Access Sign-ups: Take Patron Info? Keep it? Keep Session Logs? Internet Acceptable Use Policies (AUP) ISP Responsibility; new US/EU Regulations [Sign up information] is removed as soon as the person who has reserved the computer signs on. - Seattle Public Library [We] delete the history of a users Internet session and all searches once an individual session is completed. - San Francisco Public Library
Today: New Challenges External DataBase Searches eBooks – Borrowing Records, etc 3 rd Party Services Beyond Control of Library? Possibly in jurisdiction of USA PATRIOT Act (etc)? WiFi Access for Patrons Login, Usage Logs, etc? RFID
Newest Challenges Cloud Computing Google Docs, Microsoft Office 365, Azure, Amazon Web Serv Jurisdiction Issues !! Danger, Danger ! Social Networking Interactions Facebook, etc Hardware & Equipment Photocopiers – some keep images of copies made (really!) Out-of-Lease & Disposed of; Stolen; Serviced; Garbage
Tomorrow: The Fun Never Ends DRM – Digital Rights Management Letters from major Privacy Advocates and Stakeholders regarding Privacy Risks with potential Copyright / DRM legal protections Whats Next?
The Case of the Hidden Data Many potential Data caches Logs Backups Caches & Mirrors Proxies Upstream storage & ISPs Partners, Suppliers, 3 rd Party Services, more
More Dangers Hidden/Undocumented Data Potential Embarrassment & Financial Liability for failed Policy Protections Loss of Patron Confidence Unexpected release – garbage bin data Costs (Staff Resources & More) to deliver difficult data when requested
The Privacy Ideal No need to release data you dont have Request & Store the absolute minimum Think twice before you capture data, and three times before you store it. - Electronic Frontier Foundation Delete Data no longer required
The Privacy Ideal Continued… Document All Hidden Sources Audit, Monitor, Consult Psychics Pick two out of three
Ingredients to a Policy Design Details for common issues Library Cards, Borrowing Records, Computer Use General Principles for the Future Synchronization with Reality Make sure you can deliver what you promise! Special Cases Equipment/Data Seizure Policy; Ethical Research Policy
Policy Frameworks CSA Model Privacy Code Accountability / Identifying Purposes / Consent / Limiting Collection / Limiting Use, Disclosure and Retention / Accuracy / Safeguards / Openness / Individual Access / Ability to Challenge Fair Information Practice Principles (FTC) Notice / Choice / Access / Security / Enforcement OECD Guidelines on the Protection of Privacy Collection limitation / Data quality / Purpose specification / Use limitation / Security Safeguards / Openness / Individual Participation / Accountability
Policy Must Evolve New challenges, new technologies New Regulations; US atmosphere Increasing Awareness by Patrons / Public Board, Management & Staff Must Understand and buy-in to policy!
References American Library Association www.ala.org/ala/issuesadvocacy/intfreedom/librarybill/interpretations/privacy.cfm Electronic Frontier Foundation www.eff.org/Privacy/ Electronic Privacy Information Center www.epic.org Center for Democracy & Technology www.cdt.org
More References CSA Model Code www.csa.ca/standards/privacy/Default.asp?language=english Information & Privacy Commissioner of Ontario www.ipc.on.ca/docs/library-e.pdf Office of the Privacy Commissioner of Canada www.priv.gc.ca
Thank You! The role of libraries … must not be compromised by an erosion of the privacy rights of library users. -- American Library Association, 1991 George Geczy, Vice-Chair, Hamilton Public Library Email firstname.lastname@example.org