Our personal data flows back and forth continually. It is a by-product of us going about our daily lives. That’s true of library usage, just as it is of other areas of life. Whether we are reading ebooks, consulting an electronic newspaper, or placing a request for an item currently being borrowed by another library user; our personal data is flowing back and forth. The key question is can those data movements be controlled, and if so, how.
There has been a shift over the last four decades towards delivery of library services electronically, using integrated library management systems, ebook platforms, RFID technology, self‐service issue systems, online databases, and discovery services. Many libraries utilize cloud computing.
Another dimension is the way in which users access library services from home and elsewhere using their own devices; rather than doing so solely on equipment provided by and located within a bricks and mortar library.
If, for example, a library user accesses an ebook from home, their personal data is processed by the library; by the e-book vendor; and by the e-reader software company. The e-book vendor may in turn use third party cookies, and whilst they may claim that these cookies don’t contain any personally identifiable information and can only be used to identify machines rather than individuals, the reality is that device fingerprinting can be used to fully or partially identify individual users. (Conger, Pratt et al. 2013) privacy model has
- 4th parties (illegal entities)
- 3rd parties (legal datasharing partners)
- 2nd parties (vendors) &
- 1st parties consumers / individuals
As libraries have relied more heavily on digital services, the challenge for librarians of being able to protect patron privacy has grown exponentially because of the complex ecosystem which has developed involving libraries, vendors, and third parties.
It is imperative that user privacy is extended beyond interactions with physical libraries, and this may require extensive programming and cyber security expertise.
The firefox addon lightbeam is a useful tool to visualise precisely which sites have had access to your information, both in terms of the sites you have visited AND the third parties who have also had access to your information. Another useful tool is the Ghostery addon which lists the trackers that are in use on a website, broken down by category type (trackers for social media, for advertising, for analytics, for customer or user interaction, etc), and gives you the option to block the ones you want to exclude.
“Librarians defend and protect reader privacy in recognition of the strong connection between the freedom to read and the right to privacy. The right to read freely depends upon the knowledge that what one is reading is not monitored or tracked. Protecting reader privacy ensures that library users can pursue any inquiry or read any book without fear of judgment or punishment” (Caldwell-Stone 2012).
Privacy is one of the most commonly featured values in the codes of ethics of library associations around the world. Indeed (Lamdan 2015) says that librarianship is one of the only professions that explicitly expresses privacy rights in its codes of ethics.
Carrie Gardner, who was library services coordinator at a school in Hershey Pennsylvania is quoted by (Adams 2002) as saying “Often, if people do not think their information requests and information-gathering activities are going to be kept private, they won’t ask for the information. They would rather suffer the consequences of not knowing”. (Chilling effect)
In 2000 (Gorman 2000) published a book, in which he lists the values that characterise and shape the work of librarians:
Gorman’s eight core values
- Intellectual freedom
- Literacy & Learning
- Equity of access
- ensuring the confidentiality of records of library use
- overcoming technological invasions of library use
Gorman says “Even in many democratic countries, the twin threats of an empowered surveillance state and a big technology assault on privacy make the defense of intellectual freedom harder than it was in previous generations” (Gorman 2015)
I am currently studying for a PhD and my research is from a philosophical grounding, primarily using Luciano Floridi’s concept of ontological friction, to understand the flow of personal data within the infosphere.
Given some amount of personal information available in a region of the infosphere, the lower the informational friction in that region, the higher the accessibility of personal information about the agents embedded in that region, the smaller the information gap among them, and the lower the level of privacy that can be expected (Floridi 2014).
I have put together an initial list, where I have identified a number of different types of “friction” which can affect the ease with which our data flows back and forth.
Training & Awareness
Privacy is not an easy concept to define because there are so many different aspects to it. Nevertheless (Koops, Newell et al. 2017) have produced a typology consisting of eight types of privacy. In addition, a ninth type – informational privacy – overlays all of the other eight types.
||Direct and indirect invasions of bodily integrity
||Privacy expectations in and around one’s home (& possibly also the workplace)
||Someone violates this type of privacy by, for example, intercepting personal communications, eavesdropping, or accessing stored communications without consent
||Reputational & image management
||Privacy of thought and mind, development of opinions and beliefs
||Concerns the freedom to make decisions about one’s body and family. Decisional privacy involves matters such as contraception, procreation, abortion and child rearing. Freedom from interference in one’s personal choices, plans and decisions
||Freedom to connect with whomever or with whichever group one chooses without being monitored
||Activities that happen in both public and private places, and encompasses sensitive issues
||Encompassing information/data/facts about persons or their communications
The types of privacy are drawn from the (Koops, Newell et al. 2017) typology of privacy.
I have built up a database of library privacy scenarios, and have used this to illustrate how personal data flows can be adjusted using the various types of friction.
One type of friction is “obscurity”. That heading also incorporates “practical obscurity” and “obfuscation”
Obscurity is the idea that when information is hard to obtain or understand, it is, to some degree, safe. Safety, here, doesn’t mean inaccessible. Competent and determined data hunters armed with the right tools can always find a way to get it. Less committed folks, however, experience the need for great effort, and it therefore acts as a deterrent.
Search visibility – use of robots.txt being one example
Unprotected access – not using access controls such as passwords, biometrics, encryption, privacy settings
Identification – ability to use pseudonyms (the “nym” wars), anonymisation
Clarity – the data doesn’t make sense because it is intentionally vague or incomplete
Right to be forgotten
Difficulty of collecting the data
Available only in the physical library v the digital library
Difficulty of correlating or aggregating the information
Information requires burdensome or unrealistic effort to obtain
Obfuscation (the deliberate use of ambiguous, confusing or misleading information to interfere with surveillance and data collection projects
Police and FBI agents appeared at the Newton Free Library in January 2006 after learning of a terrorist threat sent to nearby Brandeis University had been generated from a library computer. The library Director Kathy Glick-Weil refused to hand over the computer without a warrant, and was backed up by the City Mayor. A warrant was eventually produced (Library Journal staff 2006).
Privacy Types: Informational Privacy; Intellectual Privacy
Friction Types: Regulatory (ALA Code of Ethics; the state law covering privacy of library records: Mass. Ann. Laws ch. 78, § 7)
Some people might portray the librarian’s actions as being obstructive; whilst others might portray them as the actions of someone wanting to obey the law and follow the library’s guidelines.
A library patron leaves a printout of a highly personal email at the public printers at closing time.
Privacy Types: Informational Privacy; Communicational Privacy
Friction Types: Technological; Training & Awareness
Comment: It is possible to ensure that printouts are only released once someone has swiped their card at the printer/copier, thereby minimising the risk of someone else accidentally picking up the printout. There are times when people almost need saving from themselves, where it is the data subject who is responsible for a data breach relating to their own personal information.
“Public libraries have focused on price negotiations in light of a certain sense of genuine desperation about being able to offer anything to patrons; other terms and conditions, such as privacy protections, have generally received much lower priority” (Lynch 2017)
Privacy types: Informational Privacy; Intellectual Privacy (Depending on the material being read other privacy types may be relevant such as Decisional Privacy or Bodily privacy)
Friction Types: Regulatory; Technological
Comment: It is understandable for librarians to want to make as much digital content as possible available to their users. But this should not be at the expense of their users’ privacy. As (Dixon 2008 p156) observes, if libraries only chose vendors who had good privacy policies, the industry would have to change its standards in order to obtain library business.
Indiscreet reference interviews (Voice level, private space)
Privacy Types: Informational privacy; Bodily privacy; Spatial privacy
Friction Types: Spatial; Sensory
Snooping devices (keystroke loggers) were found in Cheshire library computers http://www.bbc.co.uk/news/uk-england-manchester-12396799
Privacy Types: Informational privacy; Intellectual privacy; Communicational privacy (and, depending on the material captured by the keystroke loggers, it could involve other types of privacy such as Decisional Privacy)
Friction Types: Technological
A library user wants to borrow a few items which are listed in the Books on Prescription scheme. They opt not to use the volunteer run library nearest their home, but instead go to the central library managed by paid staff. The Books on Prescription scheme prescribes books on mental health conditions, and the library user is nervous about whether or not they can trust volunteers to keep to themselves the fact that they want to borrow books with titles such as “Overcoming low self-esteem”, “Break free from OCD” or “Overcoming binge eating”
Privacy Types: Informational privacy; Intellectual privacy; Bodily privacy
Friction Types: Information Behaviour; Training & Awareness; Regulatory (ethics)
In Virginia a husband requested circulation records of his wife to prove she had been “exploring avenues of divorce” before he filed the papers
Privacy Types: Informational privacy, Decisional privacy, Intellectual privacy
- Regulatory: The state laws of Virginia (http://www.ala.org/advocacy/privacy/statelaws); the library guidelines & procedures, the ALA code of ethics
- Temporal: Keeping the information for the minimum period required
- Obscurity: Anonymising the borrowing records as soon as items are returned to the library
- Training & awareness: Ensuring that all library staff are fully cognisant of the library’s policies and procedures and their obligations under the law
ADAMS, H.R., 2002. Privacy and confidentiality: now more than ever, youngsters need to keep their library use under wraps. American Libraries, 33(10), pp. 44-48.
CALDWELL-STONE, D., 2012. A digital dilemma: ebooks and users’ rights. American Libraries, .
CONGER, S., PRATT, J.H. and LOCH, K.D., 2013. Personal information privacy and emerging technologies. Information Systems Journal, 23(5), pp. 401-417.
FLORIDI, L., 2014. The 4th revolution: how the infosphere is reshaping human reality. Oxford, United Kingdom: Oxford University Press.
GORMAN, M., 2015. Our enduring values revisited: librarianship in an ever-changing world. Chicago: ALA Editions, an imprint of the American Library Association.
GORMAN, M., 2000. Our enduring values: librarianship in the 21st century. Chicago; London: American Library Association.
LAMDAN, S., 2015. Librarians as feisty advocates for privacy. CUNY Academic works, .
LYNCH, C., 2017. The rise of reading analytics and the emerging calculus of reader privacy in the digital world. First Monday, 22(4 (April 3rd)),.
 We are moving from living in the biosphere to the infosphere. Information is our environment. The infosphere is a newly-created digital space built by new technology (Floridi 2014). It includes agents and objects, services, relations and processes, as well as the space within which they interact. It should not be confused with cyberspace, because it encompasses online as well as offline and analogue domains.