Training & Awareness as a form of ontological friction

Background to ontological friction

Informational or ontological friction refers to the forces that oppose the flow of information with a region of the infosphere. It is connected with the amount of effort required for some agent to obtain, filter, or block information about other agents in a given environment, by decreasing, shaping or increasing informational friction. Given some amount of personal information available in a region of the infosphere, the lower the informational friction in that region, the higher the accessibility of personal information about the agents embedded in that region ,the smaller the information gap among them, and the lower the level of privacy that can be expected. Put simply, privacy is a function of the informational friction in the infosphere (Floridi 2014).

 

Role training & awareness can play

…teaching patrons how to use the internet, but not how to use it safely is like showing someone how to drive a car, but not where the seatbelt is” (Beckstrom 2015 p31).

 

Privacy training & awareness can empower individuals to protect themselves with regard to the collection and use of personal data about them. Training & awareness initiatives can cover areas such as a knowledge of the available technology tools that can help thwart government and corporate surveillance; “Know your rights” training detailing privacy laws; ensuring that all library staff are familiar with the library’s own policies, procedures & guidelines relating to privacy & confidentiality issues; or the sharing of best practice amongst libraries in terms of addressing patron privacy matters. As (Gebhart 2017) says “the more we share information and best practices, the more we can each fine-tune the ways we protect ourselves and each other”.

In one year, 2.3 million people attended digital literacy courses in libraries across the EU (http://www.publiclibraries2020.eu/content/see-numbers).

 

Effectiveness of training & awareness as a form of ontological friction

Thinking further about training & awareness as a form of ontological friction; the effectiveness of any training & awareness initiatives will depend upon a number of factors:

  1. Availability
  2. Evaluation & Impact
  3. Reach
  4. Content
  5. Practical v theoretical
  6. Who delivers the training
  7. Training facilities
  8. Clarity over librarians’ role

 

  1. Availability

How frequently is training offered?

Is there any “on demand” support such as recordings of webinars; online support materials

Is ongoing employee training and awareness of privacy and/or security issues, practices and policies provided?

Is refresher training offered?

 

  1. Evaluation & impact

Are all training session attendees offered an opportunity to provide feedback?

Is there a facility for attendees to provide feedback after the event (if they don’t have time on the day of the training, is there, for example, an opportunity to provide feedback online?)

Does the feedback result in any modifications to the design of the training sessions?

Did the training achieve what it set out to achieve?

Were the most appropriate training methods used?

Did the training reach the people it was intended for?

 

  1. Reach

Is training provided for all library staff, regardless of their roles?

Is training provided for library volunteers?

Is the training reaching those users who most need it?

Are all categories of users able to tap into the training & awareness initiatives, for example, what about the housebound?

(Hasselbach, Tranberg 2016) say that “We are in the process of creating a new digital divide, where those who can afford it have privacy and a private life, while the economically vulnerable groups in society do not”. While (Richards, Hartzog 2017 p21) say “it is precisely the weak and vulnerable who need help from other people, organizations, and technologies in defending themselves.”

 

  1. Content

What does the training cover:

Threat modelling

Password management

Cookies, Web Beacons, Device Fingerprinting

Anonymous browsing

Digital footprint

Know your rights

The library’s policies, procedures & guidelines

Internet safety

 

  1. Practical v theoretical

What is the nature or format of the training: Is there sufficient “hands on” training

 

  1. Who delivers the training

Who conducts the training:

Is it an external company? Clearly, external companies are not going to be familiar with the institution’s own policies, procedures, and guidelines.

Is it a company that has its own commercial interests to consider?

  • Barclays Digital Eagles
  • Google Digital Garage
  • Halifax
  • BT

“Private sector partnerships are one way forward when public funding is in short supply. Libraries have worked with Barclays and the Halifax (digital volunteers) and BT (wi-fi). Google has set up Digital Garages aimed at businesses in larger libraries. Though ostensibly “free”, such initiatives are, at least in part, commercially driven. Libraries need to be aware, if not wary, of that” (Khan 2016 p45).

 

Where commercial companies have been brought in, have the libraries involved sought any assurances regarding privacy of library users?

 

  1. Training facilities

Are the training facilities adequate?

Are they conducive to providing the required training?

Do they offer ample opportunity for attendees/delegates to gain sufficient hands on opportunities

 

  1. Clarity over the librarians’ role

Do library staff recognise that they have a key role to play in providing training & awareness to their users, or do they believe that it is someone else’s responsibility?

Do they “Bring passion for privacy (and teaching about privacy) to the community” (Ayala 2017 slide 46)

 

Library examples

Examples of training & awareness initiatives; or scenarios where training could potentially have made a difference

  • Library uses posters to draw attention to the risks of using public computers and wifi Example: Protect your privacy while using public computers & wi-fi https://chooseprivacyweek.org/wp-content/uploads/2013/05/CPWPrivacyPublicComputingTips.pdf
  • Printouts of reports from the library management system were left lying around unattended
  • Head of a library service says “We don’t specifically train staff to address privacy issues in any detail”
  • Before libraries can act ethically with regard to social networking sites, they must first have a nuanced understanding of the potential consequences of these sites.… Yet libraries are also committed to outreach and social networking sites provide a forum where libraries can create an online presence and spread awareness about their services. (Fernandez 2009)
  • Patrons walking away from computer screens that displayed their banking records or credit card information
  • Library organises a cryptoparty
  • Develop a forum for discussion of privacy issues, sharing best practice etc
  • Create an area on library website dedicated to privacy issues (useful example is sjpl.org/privacy)
  • Include privacy within any digital literacy training offered to users

 

General issues

Awareness as empowerment

Knowledge of library procedures

Librarians & users technical knowledge of how to protect privacy

Postcode lottery? Whilst the Department for Culture Media and Sport have responsibility for library policy, the services are delivered by individual local authorities. In addition, the significant increase in the number of volunteers working in libraries and the increasing number of community managed libraries all beg the question of whether there is any sense of consistency across the country.

 

REFERENCES

AYALA, D., 2017. Privacy is the Future The Library’s Role as Educator, Defender and Enforcer 24 June 2017 ALA Annual 2017 (webinar)  .

BECKSTROM, M., 2015. Protecting patron privacy: safe practices for library computers. Libraries Unlimited.

FERNANDEZ, P., 2009. Online social networking sites and privacy: revisiting ethical considerations for a new generation of technology. Library Philosophy and Practice, .

FLORIDI, L., 2014. The 4th revolution: how the infosphere is reshaping human reality. Oxford, United Kingdom: Oxford University Press.

GEBHART, G., 2017. For data privacy day, play privacy as a team sport. Deeplinks blog, (January 27),.

HASSELBACH, G. and TRANBERG, P., 2016. Privacy is creating a new digital divide between the rich and poor. Daily Dot, (October 23),.

KHAN, A., 2016. The future of libraries in the digital age. CILIP Update, (December),.

RICHARDS, N. and HARTZOG, W., 2017. Privacy’s trust gap. Yale Law Journal, (17-02),.

 

 

Advertisements