It is only a fortnight ago that I set up the @priv_lib twitter feed, and it has already led me to think about privacy issues in a different way.
One of the things about Twitter that I really like is the ability to make contact with people based all around the world . Another is that you get to interact with people from lots of different disciplines.
One comment I received concerned the importance of personal data being collected before then going on to think about how securely that data was being held and protected. The point being, quite rightly, that we should only collect the information that is strictly needed in order to be able to deliver the service that is being provided. The problem, though, is that libraries depend upon external vendors and third parties to deliver those services. Where for example, services are delivered over the web, librarians have had very tough time indeed getting to the point where they can fully understand what is actually happening to the data. You only need to load the Firefox addin “Lightbeam” to your browser to see what I mean. Lightbeam literally shines a light not just on the websites you have visited, but all the other third party sites you didn’t know your data was being shared with. But that comment re-inforced for me the message that we should collect as little information as we actually need. The question in my mind, though, is where vendors and third parties are involved, how do we enforce our privacy policies and values working with them – is it through contracts and licences; regular monitoring etc etc.
Another point that I saw on a Twitter posting when I searched the service for postings about library privacy was all about how that particular person wanted their library to use the data it held about them in clever ways. The post was basically saying that they wanted the library to use the same sort of techniques that Amazon uses, so that they would get a more personalised service, where the message was “library sell to me, sell to me”. I guess that they were thinking of things like “Other people who read book X, also read books Y and Z”. And so the key point I take from this is that different people have different perspectives on privacy. Some people are happy to do a trade-off , giving up some of their privacy for a more relevant, personalised service.
Another lesson I have learnt from my first two weeks on Twitter is that postings about library privacy issues are not as popular as postings about the Human Rights Act. The highest amount of traffic that any of my postings received was for a tweet about the UK government’s intention to scrap the HRA 1998 and replace it with a British Bill of Rights. And yet, of course, Article 8 of the European Convention on Human Rights, and implemented through the HRA 1998, sets out the right to privacy as one of our human rights.
It is good to be able, with the help of Twitter, to see things through other people’s eyes – to find out what sorts of topics and comments people engage with, and I am looking forward to the many things that I will learn from that process. And hopefully learn also from people interested in privacy who work in different fields such as law, cybersecurity, or cryptography.