Three months ago (already? Oops) I attended at the IFLA World Library and Information Congress a session entitled "Mass internet surveillance and privacy - how does it affect you and your library?" It was one of my favourites; so much so that I proposed a session inspired by this topic at Library Camp UK in September.
But first, the IFLA debate. It was organised by the Committee on Freedom of Access to Information and Freedom of Expression (FAIFE) and featured a British lecturer in information sciences, a French librarian member of La Quadrature du Net ("non-profit association that defends the rights and freedom of citizens on the Internet"), a representative from Google and another from the Electronic Frontier Foundation (a "non-profit organisation defending civil liberties in the digital world" based in the USA). My notes - mostly live-tweeted - can be viewed in this Storify. It was dead interesting and made me want to explore the questions raised on a more practical level, with other librarians.
And what better place to do this than Library Camp?
Plus, following the OST principles on which unconferences are based, the right people came to the session! Among us were some new to the profession, some more experienced, working across different sectors (public, academic, national library...) and at different responsibility levels. One of the participants wasn't a library person at all, and pushed us to think about our role ("So what are YOU, librarians, going to do about this?") There was even someone who had done a MOOC on cyber-security!
I wanted to know... 1) Is anyone educating their library users on online surveillance and privacy?
Some academic librarians tell the researchers to be careful about what they share online ("etiquette") In information literacy sessions students google themselves as an exercise.
There were comments that sharing a lot of personal information online may be either a sign of naiveness or a shift of culture. The "right to be forgotten" was discussed as well as the fact prospective employers do look you up online.
|Online surveillance and privacy session at Library Camp UK 2014 |
Image courtesy of NLPN
Short answer: erm, not so much. It was fascinating to discover that out of the 17 people in the room, only 3 of us had ever used DuckDuckGo ("the search engine that doesn't track you"). In term of browsers on public computers, few libraries offer Firefox alongside Internet Explorer / Chrome - none have Tor!!
Someone made the remark that smartphones are the biggest tracking device. Other "Internet of things" stuff were mentioned, like electricity smart meters.
There is a need for transparency: what are big organisations doing with our data?
When is it ok for our data to be used? Two sides of the coin: technology can be helpful to us and used to our advantage (e.g. when our data is used to make search results more accurate) but unfortunately it is also used for frightening purposes.
Surveillance is not something new: even before modern technology and the Internet there were forms of it - for example opening letters.
'There's been surveillance for - I don't know how long...'
'1984 or so.'
3) Are our libraries just as bad as any other organisation when it comes to tracking their users?
We discussed login requirements for computers and wifi, Internet filters and the browsing history being retained by the IT departments for a certain length of time.
I was astounded to hear a participant explain their council IT team had actually gone against preconceptions and offered - without the library asking - to remove authentication for users accessing the public computer network! (So open-minded IT departments do exist?!)
And the million-pound question of the day, from another participant: "If you were offered a million pound in exchange for your users' data, would you choose to sell your users' privacy to a big company and take the money to save your library?"
Librarians are here to raise awareness of these issues among their customers to allow them to make their own informed decisions.